P2 / P1 Product Security Architect / Cyber Security Specialist - Munich or Berlin (Hybrid) - Must speak fluent German
Long-Term Contract | Senior Cyber Security Architecture Role
We are seeking an experienced P2 / P1 Security Architect / Cyber Security Specialist to support security-critical product development and approval projects in Munich or Berlin. This role focuses on security architecture, risk analysis, regulatory compliance, and certification within highly regulated IT and cyber-physical environments such as automotive, marine and defense-related clients. This position is suitable for senior cyber security professionals with strong experience in German and EU security frameworks, including BSI IT-Grundschutz, ISO 27001, and NIS-2.
Key Job Information
* Location: Munich or Berlin.
* Working Model: Hybrid, up to 3 days remote per week (task-dependent).
* Contract Duration: (initial term up to 24 months).
* Working Hours: 40 hours per week.
* Security Clearance: No Ü2 required.
Languages:
* German: Negotiation level (mandatory).
* English: Basic working proficiency.
Role & Responsibilities:
As a Security Architect / Specialist, you will be responsible for ensuring that products comply with security, approval, and certification requirements throughout the development lifecycle.
Key responsibilities include:
* Designing and evaluating secure product architectures and security concepts.
* Defining, validating, and reviewing security controls aligned with product security objectives.
* Conducting risk assessments, threat analyses, and vulnerability evaluations.
* Deriving and documenting security requirements for products.
* Implementing security measures at the architecture and conceptual level.
* Supporting and enabling development teams in the implementation of security requirements.
* Ensuring compliance with information security standards such as ISO 27001 and NIS-2.
* Supporting approval, certification, and audit processes.
Required Skills & Experience:
This is a senior-level role and not suitable for junior profiles or career starters.
Mandatory requirements:
* Proven hands-on experience in Cyber Security / IT Security.
* Strong experience with BSI IT-Grundschutz (mandatory).
* In-depth knowledge of ISO 27001 and NIS-2.
Solid understanding of EU security and regulatory frameworks, including:
* EU Data Act.
* Cyber Resilience Act (CRA).
* Radio Equipment Directive (RED).
* Experience working with security approval and certification processes.
* Process-driven working style, ideally with exposure to Common Criteria or similar frameworks.
Why Apply?
* Long-term, stable engagement, 24 month contract.
* Work on security-critical, regulated products with real impact.
* Hybrid working model with flexibility.
* High level of responsibility and technical influence.
* Strong alignment with current and future EU cyber security regulations.