Product & Solution Security Expert (Embedded Development) - m/f/d - Job Detail | Careers Marketplace - SiemensVerified as a real position
- Posted
- Employment type
- Full-time
Who we’re looking for
- Familiarity with IEC 62443 and regulatory frameworks such as the EU Cyber Resilience Act.
- Experience with risk management, vulnerability handling, secure architecture and secure software development practices.
- Motivation to combine hands-on development with security-related quality, review and documentation activities rather than focusing on coding only.
- Solid understanding of product and OT cybersecurity, product security, cryptography, common attack vectors and risk management.
- Experience with DevOps, Git and security tools such as SonarQube, SAST/DAST/SCA is an advantage.
- Ability to work independently, structure complex topics, and communicate clearly with stakeholders — including readiness to handle the structured documentation, evidence collection and follow-up work that comes with product security and compliance.
- Good knowledge of C/C++ programming and confidence working in embedded firmware codebases.
- Experience with embedded systems and ability to translate security requirements into implementable firmware changes.
- Basic understanding of industrial automation and OT concepts.
- Bachelor's or Master's degree in computer science, electrical engineering, cybersecurity or a related technical field.
- Fluent English for international cooperation
- Use AI-assisted engineering tools to improve productivity across development, testing, and documentation workflows.
What you’ll do
- Identification and elicitation of development requirements, review of specifications and architecture
- Advise product teams, product owners and developers on product cybersecurity, security requirements and risk-based decisions.
- Define and review security requirements, threat and risk analyses, and mitigation measures in line with IEC 62443, EU CRA and Siemens product security processes.
- Support secure architecture and design reviews for industrial automation products, including OT environments and secure communication.
- Coordinate vulnerability handling, root-cause analysis and remediation with development, testing and product management.
- Promote secure development and testing practices, including secure code reviews, SAST/DAST/SCA and security test planning
- Use AI tools effectively and responsibly to improve security analysis, vulnerability triage, documentation and team awareness
- Contribute directly to firmware development in C/C++ for embedded systems, especially in security-relevant areas and implementation of security requirements.
- Contribute to secure software architecture design and drive its implementation.
- Create, review and maintain security-related documentation, compliance evidence, risk analysis inputs, and quality records needed for audits, releases and product security governance
- Act as a bridge between development, testing and compliance activities — turning security requirements into practical engineering tasks whilst ensuring the necessary documentation and evidence are complete and audit-ready.
- Be a role model for ownership culture, compliance, and fair behavior
- Embed AI into everyday engineering workflows (from requirements to release) to boost speed, quality, and collaboration
About the position
At our Siemens R&D Center we are focused on product development including software development, hardware development, mechanical design, and testing for the next generation concept of Industry 4.0. We’re seeking a Product & Solution Security Expert to join our team developing the next generation of the SIMATIC ET 200 family — our industry-leading decentralized I/O systems. As we expand the portfolio of our device family and implement advanced features and communication protocols, we’re delivering solutions that help define the future of industrial automation. This role is a unique opportunity for an engineer who combines strong firmware development capabilities with a product security mindset. A significant part of the role focuses on integrating security by design and by default throughout the product lifecycle, including IEC 62443 and EU Cyber Resilience Act expectations, while around 30% of the time can also be spent on hands-on embedded firmware development and implementation support.
Benefits
- More time to rest
- Up to 33 days of vacation (5 weeks of holiday + up to 8 extra days from the benefits budget).
- The option to take unpaid leave for rest or travel.
- Flexibility and home office
- Flexible working hours and the ability to work from home, with a contribution towards home office expenses.
- Rewards and bonuses
- Signing bonus of up to CZK 100,000 (based on the level of technical expertise).
- Relocation bonus of up to CZK 100,000 for moving costs.
- Individual benefits budget
- Personal budget of at least CZK 34,000 to buy selected benefits from categories finance, wellbeing and health.
- My finance
- Contributions towards pension and/or life insurance and/or DIP (a long-term investment product) from your benefits budget.
- Employee stock ownership plan share in the company's success.
- My wellbeing
- Cafeteria system from the benefits budget.
- E-meal vouchers or company canteen.
- Company nursery in Prague and Ostrava to support working parents.
- Exclusive employee offers and discounts.
- My health
- Discounted MultiSport card.
- The option of access to premium healthcare and crisis support (e.g., psychological counseling).
