P2 / P1 Product Security Architect / Cyber Security Specialist - Munich or Berlin (Hybrid) - Must speak fluent German

P2 / P1 Product Security Architect / Cyber Security Specialist - Munich or Berlin (Hybrid) - Must speak fluent German
Long-Term Contract | Senior Cyber Security Architecture Role
We are seeking an experienced P2 / P1 Security Architect / Cyber Security Specialist to support security-critical product development and approval projects in Munich or Berlin. This role focuses on security architecture, risk analysis, regulatory compliance, and certification within highly regulated IT and cyber-physical environments such as automotive, marine and defense related clients.This position is suitable for senior cyber security professionals with strong experience in German and EU security frameworks, including BSI IT-Grundschutz, ISO  27001, and NIS-2.

Key Job Information

• Location: Munich or Berlin
• Working Model: Hybrid, up to 3 days remote per week (task-dependent)
• Contract Duration: (initial term up to 24 months)
• Working Hours: 40 hours per week
• Security Clearance: No Ü2 required
• Languages:
  
  • German: Negotiation level (mandatory)
  • English: Basic working proficiency

Role & Responsibilities:
As a Security Architect / Specialist, you will be responsible for ensuring that products comply with security, approval, and certification requirements throughout the development lifecycle.

Key responsibilities include:

• Designing and evaluating secure product architectures and security concepts
• Defining, validating, and reviewing security controls aligned with product security objectives
• Conducting risk assessments, threat analyses, and vulnerability evaluations
• Deriving and documenting security requirements for products
• Implementing security measures at the architecture and conceptual level
• Supporting and enabling development teams in the implementation of security requirements
• Ensuring compliance with information security standards such as ISO 27001 and NIS-2
• Supporting approval, certification, and audit processes

Required Skills & Experience: This is a senior-level role and not suitable for junior profiles or career starters.

Mandatory requirements:

• Proven hands-on experience in Cyber Security / IT Security
• Strong experience with BSI IT-Grundschutz (mandatory)
• In-depth knowledge of ISO 27001 and NIS-2
• Solid understanding of EU security and regulatory frameworks, including:
  
  • EU Data Act
  • Cyber Resilience Act (CRA)
  • Radio Equipment Directive (RED)
• Experience working with security approval and certification processes
• Process-driven working style, ideally with exposure to Common Criteria or similar frameworks

Why Apply?

• Long-term, stable engagement through 2027
• Work on security-critical, regulated products with real impact
• Hybrid working model with flexibility
• High level of responsibility and technical influence
• Strong alignment with current and future EU cyber security regulations