If you are passionate about embedded systems and want to work on real products with a strong focus on security and compliance, this opportunity is for you. We are looking for Embedded Security Test Engineer to join our team and contribute to projects that demand high safety and reliability standards.

Why join us? You will work on cutting-edge embedded solutions, gain expertise in EU Cyber Resilience Act compliance, and be part of a supportive international team.

CUSTOMER

Our customer is one of the leading manufacturers of industrial valves and pumps worldwide. They are currently focusing on enhancing product security to meet upcoming EU Cyber Resilience Act requirements, ensuring their solutions remain reliable and compliant in demanding industrial environments.

PROJECT

The project centers on securing embedded products, with a primary goal of achieving compliance with the EU Cyber Resilience Act (CRA). You will be involved in firmware and software security testing, threat analysis, risk assessment, gap analysis, evidence collection, and preparing audit-ready documentation. The embedded solutions target applications involving the transportation of liquids, which demands robust safety and security measures.

Key Technologies: TARA methodology, static/dynamic analysis tools, hardware interface testing.

• Execute security testing of embedded firmware and software components
• Lead and support the team in conducting TARA (Threat Analysis and Risk Assessment) for embedded products
• Drive internal CRA self-assessment: gap analysis, evidence collection, and remediation guidance
• Document test results, risk findings, and audit-ready artefacts
• Build effective communication with the customer
• Contribute to developing future cybersecurity competency within the company

• Minimum 4 years of experience in cybersecurity testing
• Hands-on experience in embedded/firmware security testing (fuzzing, static/dynamic analysis, hardware interfaces)
• Practical knowledge of TARA methodology
• Familiarity with CRA requirements and credible self-assessment processes
• Ability to communicate security findings clearly and translate risks into actionable tasks
• Upper-Intermediate or higher English proficiency
• Willingness to travel for occasional customer visits 3-4 times per year

WILL BE A PLUS

• Experience with industrial embedded platforms
• Prior involvement in regulatory or certification audits (IEC 62443, ISO 21434, EN 303 645)
• Ability to advise development teams on IEC 62443 control applicability

PERSONAL PROFILE

• Comfortable working in cross-functional teams
• Effective communicator with customers and internal stakeholders