Cyber Security Architect (embedded)

About the Role

We are seeking a highly skilled Cyber Architect with deep expertise in embedded cybersecurity, secure firmware design, and encrypted communication for industrial and SCADA environments.
The candidate will be responsible for defining, designing, and guiding the implementation of end-to-end cyber protection architectures for SATEC next-generation industrial embedded products.

Key Responsibilities

1. Cybersecurity Architecture & Design
• Define the overarching cybersecurity architecture for SATEC embedded industrial products, covering secure boot, firmware integrity, identity management, key storage, and communication protection.
• Lead the development of security requirements, policies, and hardening guidelines for firmware, hardware, and communication interfaces.
• Own the secure-by-design approach from concept to deployment, aligning with industry standards (e.g., NIST, CIP, IEC 62443, IEC 61850, IEEE 1686, DLMS/COSEM security suites).

2. Embedded Cyber Protection & Firmware Security
• Design and oversee implementation of embedded protection mechanisms such as:
o Secure boot & firmware authentication
o Secure storage / hardware root of trust
o Anti-tamper and anti-cloning techniques
o Runtime protection and anomaly detection
o Cryptographic key lifecycle management
• Review and guide secure coding practices for embedded teams (C/C++, secure memory handling, privilege separation, TrustZone, etc.)

3. Secure Communications & SCADA Integration
• Architect and implement encrypted communication with external SCADA, EMS, and industrial control systems using protocols such as:
o TLS/DTLS, IPsec
o IEC 62351, IEC 61850 security
o DLMS/COSEM Security Suite 1/2/3
o Modbus/TCP Security, DNP3-SA
• Lead hands-on development and debugging of secure protocols on resource-constrained embedded devices.
• Ensure mutual authentication, certificate handling, and secure session lifecycle.

4. Threat Modeling, Risk Assessment & Hardening
• Perform threat modeling (STRIDE, MITRE ATT&CK for ICS) and product-level risk assessments.
• Identify vulnerabilities and propose mitigation strategies for:
o Firmware and boot chain
o Hardware interfaces (JTAG/SWD, UART, SPI, I²C)
o Communication stacks
o Industrial network exposure
• Drive penetration testing activities and remediation plans.
5. Compliance, Standards & Security Documentation
• Ensure product compliance with relevant standards, including:
o IEC 62443-4-1/4-2, NIST, CIP-013/005/007, RED Cybersecurity (EU)
o IEEE 1686, ISO 27001 product-level implications
• Develop technical documentation including security architecture, threat models, and certification packages.

6. Cross-Team Leadership
• Collaborate with hardware, firmware, cloud, and product teams to ensure cohesive security
implementation.
• Mentor engineers developing secure firmware and communication stacks.

Required Qualifications

Technical Skills
• 7+ years of experience in embedded systems cybersecurity, secure firmware development, or embedded networking.
• Strong proficiency in C/C++, embedded Linux and RTOS environments, and microcontroller security features (ARM TrustZone, hardware accelerators, secure elements).
• Hands-on experience implementing cryptographic protocols, certificate management, and secure channel establishment.

Architectural Skills
• Proven capability to design end-to-end security architectures for complex embedded products.
• Experience defining cybersecurity requirements, policies, and secure development lifecycle (SDL) processes.
• Strong analytical and documentation skills, with ability to translate risks into practical engineering solutions.

Soft Skills
• Excellent communication skills with the ability to educate, mentor, and influence crossfunctional teams.
• Strong problem-solving abilities and hands-on technical approach.
We are seeking an ambitious personality with proven experience in management and development of cyber development systems. A curious personality, constant learner looking for learning new stuff