Product Security Architect – Regulatory Compliance & Certification (m/f/d)
Indexed description
Product Security Architect – Regulatory Compliance & Certification (m/f/d) Stuttgart | Contract | 24 Months | Up to 3 Days Remote | (Must speak professional level German)
Our client is a globally recognised name in high-assurance electronics secure communications, test & measurement, and mission-critical technology deployed by governments and armed forces across Europe and beyond. This is product security at a national security level.
We're looking for a senior Product Security Architect who knows their way around EU product security regulation and BSI frameworks — someone who can translate complex compliance obligations into concrete engineering requirements and drive them through to certification.
What you'll be doing
- Planning, evaluating and shaping product architectures against certification and approval requirements including Common Criteria and BSI IT-Grundschutz
- Translating EU regulatory obligations — Cyber Resilience Act, Radio Equipment Directive, Data Act — into implementable security requirements across product teams
- Running structured risk assessments and threat/vulnerability analyses with actionable engineering outputs
- Driving ISO 27001 and NIS-2 implementation from policy through to technical control verification
- Embedding security at the conceptual and architectural level — not bolted on afterwards
- Supporting approval and certification processes end-to-end
- Acting as the go-to security authority for development teams navigating regulatory complexity
What you'll need
✅ Negotiation-level German (C1/C2) — essential
✅ BSI IT-Grundschutz experience — essential
✅ Working knowledge of Cyber Resilience Act, Radio Equipment Directive, Data Act — essential ✅ ISO 27001 and NIS-2 background in a product or engineering context — essential
✅ Hands-on security architecture experience — embedded systems, hardware, or secure comms preferred
✅ Familiarity with Common Criteria or comparable certification frameworks
✅ CISSP, CISM or equivalent — advantageous
✅ Background in defence, aerospace, telecoms or industrial automation — advantageous
What's on offer
- Long-term contract with a globally recognised technology group
- Technically rigorous product security environment — not internal IT
- Up to 3 days remote per week Stuttgart-based with international project footprint
This role is not suitable for career starters. We are looking for experienced security architects with direct EU product security regulation and BSI credentials.
Interested or know someone who might be? Drop me a message or send your CV
#ProductSecurity #CyberSecurity #BSI #CyberResilienceAct #NIS2 #ISO27001 #SecurityArchitect #Stuttgart #ContractWork #Embedded #DefenceTech
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search