Product Security Architect

HBK - Hottinger Brüel & Kjær

Role Overview

As a Security Architect at HBK, you will lead security architecture initiatives across our diverse product portfolio, including web, desktop, SaaS, cloud, embedded, and firmware solutions. You will act as a trusted advisor and hands-on expert, ensuring secure-by-design principles are embedded throughout the product lifecycle. This role requires deep technical expertise in security concepts, threat modelling, risk assessment, and modern development practices.

Key Responsibilities

  • Consult and Assist: Guide multiple product teams in creating risk analyses (e.g., TARA) and performing Threat Modelling using STRIDE or Product relevant methods
  • Enable Secure Design: Guide and mentor teams on secure software architecture principles and best practices.
  • Process Integration: Adapt software development processes to leverage modern security tools (e.g., Static Code Analysis, Fuzzing, Security Testing Frameworks).
  • Drive Security Decisions: Influence project decisions to implement robust security measures across products.
  • Code & Config Review: Actively review source code and configurations for vulnerabilities; train teams to prevent recurring issues.
  • Hardware Security: Provide guidance on hardware security measures and Secure Hardware Modules (SHM).
  • Cryptography: Ensure correct application of basic cryptographic techniques for data protection.
  • Compliance Alignment: Support adherence to relevant standards such as ISO 21434 (Automotive), IEC 62443 (Industrial), NIST SP 800 , EU CRA and ISO 27001.
  • Guide product teams in implementing security controls required to achieve EU CRA compliance

Qualifications

Education:

Bachelor's or Master's degree in computer sciences, Cyber Security or some other engineering degree.

Required Experience And Skills

  • Proven experience in security architecture across multiple product types (web, desktop, SaaS, cloud, embedded, firmware).
  • Deep technical understanding of security concepts (IAM, Secure Access, Secure Boot,Secure On board communication Encryption, Secure Coding Practices etc).
  • Hands-on experience in Threat Modelling (STRIDE), Risk Analysis (TARA), Vulnerability hunting and source code reviews.
  • Familiarity with one or more recognised security standards and regulations, such as EU CRA (Cyber Resilience Act), CSMS, UNECE R156/R157, ISO 21434 (Automotive), IEC 62443 (Industrial Control Systems), ISO 27001, and NIST SP 800 series
  • Strong background in modern software development (C++, Java) on Linux/Android.
  • Understanding of cryptographic fundamentals and secure hardware concepts.
  • Strong expertise in both System and SW Engineering
  • Expert in Requirement Engineering and requirement based development
  • Proven experience in leading engineering teams and managing customer-facing projects
  • Good understanding of different architectures, operating systems(Linux/QNX/Microsar), hardware & software security concepts, cryptography, debugging techniques
  • Experience in interfacing with customer and review of customer requirements with a focus on cybersecurity impacts.
  • Excellent communication skills to effectively engage with engineering teams, customers, and stakeholders.

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.