Product Cyber Security Specialist / Penang, Malaysia

Tasks:

• Maintenance and further development of the existing IEC 62443 certification. Ensuring CRA compliance throughout the entire product lifecycle.
• Ensuring security requirements are met throughout the product lifecycle.
• Establishing Secure Development Lifecycle (SDL) processes.
• Close collaboration with R&D, QA, and the Information Security Officer (ISO 27001).
• Coordination of internal and external audits, penetration tests, and assessments.
• Monitoring of vulnerabilities (e.g., CVEs) and management of remediation measures.
• Point of contact for customers and sales regarding this topic.
• Creation of key performance indicators (KPIs) and reports for management and relevant stakeholders.

Profile:

• Completed university degree (or equivalent), preferably in electrical engineering, cybersecurity, or a comparable qualification
• Relevant practical experience in product security, ideally in an industrial environment
• Sound knowledge of IEC 62443 (especially 4-1 / 4-2)
• Experience with regulatory requirements such as the Cyber ​​Resilience Act is an advantage
• Good knowledge of secure software development, threat modeling, and vulnerability management
• Experience with certification bodies and audits
• Understanding of hardware-related systems / embedded systems is an advantage
• Analytical thinking skills as well as a structured and independent work style
• Strong communication and assertiveness at all hierarchical levels
• Very good English language skills