Senior Product Security Lead


Job Description


Role description

You will lead product security and security architecture for an early-stage deep-tech startup building sensor-fusion safety systems for industrial automation and robotics. You will define security measures for how the product is built, deployed, and operated, so the first product release can pass customer and regulatory security reviews under CRA, IEC 62443-4-1/4-2, and ISO/IEC 27001. You will be responsible end-to-end for turning the platform into a secure, production-ready system: designing security architecture, running threat modeling for every integration, translating findings into shipped mitigations, hardening embedded Linux, firmware, and cloud components, and establishing secure engineering practices across the technical team.

 

This position is in a startup environment. You should be ready for ambiguity, tight schedules, shifting priorities, rapid iteration, working directly alongside the CTO, and assuming wider responsibility for decisions that shape the final product-market fit.

 

Visa: Visa sponsorship is available

Equity: ESOP available, will be discussed individually

Work arrangement: hybrid/on-site

Work location: Berlin (ideally). Munich, Stuttgart, and North Rhine-Westphalia are also options. Belgium (Brussels/Flanders) is also an option.

 

Responsibilities

  • Own the security architecture for the product, from device and firmware to cloud and update infrastructure.
  • Define how the product is built, signed, released, deployed, and updated securely.
  • Perform TARA on every feature and integration, map attack paths and trust boundaries, assign risk, and implement required mitigations before release.
  • Harden embedded Linux, firmware, cryptographic services, and cloud components against real-world attack paths.
  • Coach the tech team on secure engineering practices: code review standards, secret-handling, access controls, and release discipline.
  • Build and maintain the security evidence base required for customer reviews, audits, and regulatory alignment, including CRA, IEC 62443-4-1/4-2, and ISO/IEC 27001.
  • Own incident-response readiness, vulnerability handling, and external penetration-testing coordination.
  • Work closely with the Safety Lead so security and safety are designed in tandem.

 

Main requirements

  • 5+ years in product security, platform security, or embedded security, with hands-on software engineering experience.
  • Expert in C and C++17 coding.
  • Practical experience with hardening embedded Linux and firmware, including secure boot chains.
  • Experience designing and implementing security architecture for connected products or cyber-physical systems.
  • Practical experience with IEC 62443-4-1 / 4-2, ISO/IEC 27001, and CRA Annex I.
  • Hands-on experience with cryptography and PKI in production systems.
  • Cloud security expert.
  • Skilled in threat modeling / TARA and converting findings into shipped mitigations.
  • Fluent English.

 

Other requirements

  • Experience working on security for end-to-end systems: device, firmware, cloud, build, release, and update paths.
  • Ability to establish and defend secure engineering practices across a tech team.
  • Skilled in building security evidence for customer review, audits, and regulatory scrutiny.
  • Experience coordinating incident readiness and external penetration testing.

 

Nice to have, but not mandatory

  • Published vulnerability research, CVEs
  • Speaker at Black Hat, DEF CON, Pwn2Own, OffensiveCon, CCC, or Troopers.
  • Experience with cyber-physical attack surfaces, anti-tamper, or reverse engineering threats.
  • Experience with AI / ML system security, including model integrity and adversarial inputs.
  • Experience with supply-chain security and code-signing frameworks.
  • Conversational German
  • Conversational Farsi

 

Benefits

  • Meal vouchers
  • Potential support with relocation to Berlin
