Cyber Security Lead / Architect

Job Title

Cyber Security Lead / Architect

Job Description

The Cyber Security Architect is responsible for defining, implementing, and governing cybersecurity architectures for Industrial Automation and Control Systems (IACS) and embedded product platforms operating in regulated and safetycritical environments. The role ensures that products and systems are designed and delivered with strong cybersecurity foundations, aligned with IEC 62443, applicable regulatory requirements (including EU Cyber Resilience Act), and relevant industry best practices.

The position requires a handson security architect capable of working across multiple engineering teams, product lines, and customer programs, ensuring consistent application of security principles while supporting diverse domain needs such as industrial automation, connected products, and vehicleadjacent systems.

Roles & Responsibilities

1. Security Architecture & Design Leadership

• Define and maintain cybersecurity architectures for industrial and embedded systems, ensuring securebydesign principles.
• Guide security design decisions across multiple products and platforms.
• Translate security standards and regulatory requirements into practical system and product architectures.
• Provide architectural input on security tradeoffs involving risk, performance, cost, and lifecycle considerations.

2. Threat Modeling & Risk Analysis

• Lead threat modeling and Threat Analysis and Risk Assessment (TARA) for products and systems.
• Identify and assess security risks across system, component, and interface levels.
• Define and track mitigation strategies aligned with product and operational risk profiles.

3. Secure Product Lifecycle Management

• Ensure cybersecurity is addressed throughout the entire product lifecycle, including:
• Concept and requirements definition
• Architecture and design
• Development and verification
• Release, deployment, and postdeployment monitoring
• Oversee penetration testing, vulnerability assessment, and remediation activities.
• Ensure security evidence and documentation are suitable for customer and regulatory review.

4. Security Controls & Secure Development Practices

• Define and standardize security controls across products and systems.
• Promote adoption of secure coding practices and securityfocused design reviews.
• Align development practices with NIST Secure Software Development Framework (SSDF) and industry security guidance.

5. Compliance, Standards & Regulatory Alignment

• Ensure alignment of products and systems with:
• IEC 62443 series for industrial and control systems
• Applicable regional and sectorspecific cybersecurity regulations (e.g., EU CRA)
• Support customer, internal, and thirdparty security assessments and audits.
• Interpret standards and regulations into actionable engineering and documentation requirements.

6. CrossTeam Guidance & Capability Enablement

• Provide guidance and technical direction to engineering teams on cybersecurity topics.
• Review security designs, threat models, and test strategies across projects.
• Enable consistent application of security practices across domains and product variations.

7. Stakeholder & Customer Interaction

• Collaborate with development teams, quality teams, and system architects to address security requirements.
• Engage with customers, assessors, and regulatory stakeholders to explain security concepts, design decisions, and compliance posture.
• Communicate security risks and recommendations clearly at both technical and leadership levels.

8. Incident Response, Monitoring & Threat Awareness

• Define approaches for cybersecurity monitoring and incident response for deployed systems.
• Monitor emerging threats, vulnerabilities, and advisories relevant to industrial, embedded, and connected systems.
• Proactively recommend improvements to architectures and controls based on threat intelligence.

Mandatory Skills

• Strong expertise in IEC 62443 and industrial cybersecurity concepts.
• Proven experience in security architecture for industrial automation, embedded systems, or connected products.
• Handson experience with:
• Threat modeling and TARA
• Secure product development lifecycles
• Vulnerability management and penetration testing
• Knowledge of NIST CSF and NIST SSDF.
• Experience with product security, including:
• Embedded systems and firmware
• Thickclient and edge applications
• Mobile or companion applications (where applicable)
• Ability to operate across multiple projects, domains, and customer programs in a services environment.

Desirable / GoodtoHave Skills

• Exposure to automotive or vehicleadjacent cybersecurity practices, standards, or customer expectations.
• Familiarity with cybersecurity regulations such as:
• EU Cyber Resilience Act (CRA)
• NIS2
• Data protection and privacy regulations (awareness level)
• Experience supporting customer or thirdparty security audits.
• Ability to mentor engineers and architects on secure design and implementation practices.

(Certifications are valued but do not replace handson architectural expertise.)

Mandatory Skills

IEC 62443, Industrial cybersecurity, Cybersecurity architecture, Security architecture (industrial / embedded), Industrial automation security (IACS), Embedded systems security, Connected products security, Threat modeling, TARA (Threat Analysis and Risk Assessment), Secure Product Development Lifecycle (SPDLC) / secure SDLC, Vulnerability management, Penetration testing, NIST CSF, NIST SSDF, Product security, Embedded firmware security, Thick client applications security, Edge applications security, Mobile

Desirable Skills

Automotive cybersecurity exposure, Vehicle-adjacent cybersecurity practices, Cybersecurity regulations familiarity, EU Cyber Resilience Act (EU CRA), NIS2, Data protection regulations (awareness), Privacy regulations (awareness), Customer security audits support, Third-party security audits support, Mentoring engineers / architects, Secure design mentoring, Secure implementation mentoring, Security certifications (valued)

Skills to be evaluated on

IEC-62443-Industrial-cybersecurity-Cybersecurity-architecture-Security-architecture-(industrial-/-embedded)-Industrial-automation-security-(IACS)-Embedded-systems-security-Connected-products-security-Threat-modeling-TARA-(Threat-Analysis-and-Risk-Assessment)-Secure-Product-Development-Lifecycle-(SPDLC)-/-secure-SDLC-Vulnerability-management-Penetration-testing-NIST-CSF-NIST-SSDF-Product-security-Embedded-firmware-security-Thick-client-applications-security-Edge-applications-security-Mobile

Years Of Experience

12 to 16 Years