Senior OT Product Security Architect – Cyber Resilience Act (m/f/d)
K-Recruiting Schweiz AG
Pharma, Medical Technology
Kassel
- Employment type: Full-time
- 88.500 € – 126.000 € (estimated by XING)
- On-site
About this job
Tasks:
- Provide conceptual consulting and implementation guidance for the Cyber Resilience Act (CRA) Essential Product Requirements within existing product software in the Bioprocess Solutions environment
- Translate regulatory cybersecurity requirements into concrete, implementable architectural and product-level security requirements for software applications and embedded systems
- Define secure architecture principles, design patterns, and reference architectures for Windows- and Linux-based on-premise software products
- Develop technical concepts for secure authentication & authorization, identity management, secure interfaces, secret and key management, and secure software update mechanisms
- Conduct security architecture reviews, risk assessments, and support security testing activities (e.g., penetration testing)
- Ensure alignment with Secure Software Development Lifecycle (SSDLC) principles in close collaboration with Development, OT, IT, and DevOps teams
- Coordinate security-related activities within a cross-functional project setup

Qualification:
- Several years of experience as a Security Architect in product software, embedded systems, industrial automation, or OT environments
- Strong knowledge of the Cyber Resilience Act (CRA) and relevant standards such as IEC 62443
- Experience designing secure architectures for Windows- and Linux-based on-premise applications
- Hands-on expertise in secure coding and design principles, PKI, certificate and key management, secure interfaces, and industrial protocol security
- Experience in plant engineering, laboratory equipment, industrial systems, or bioprocess environments
- Solid understanding of Secure Software Development Lifecycle (SSDLC) and DevOps principles
- Fluent English (spoken and written); German is a plus

Nice to have:
- Experience in the biopharmaceutical or regulated industry
- Knowledge of threat modeling methodologies (e.g., STRIDE)
Requirements:
: 01.03.2026, latest 01.04.2026