Our Software and Embedded Solutions service area is strengthening its cyber security capabilities. We are looking for a Cyber Security Architect to lead and support cyber security activities across customer projects and internal development. You will play a key role in ensuring that our embedded solutions meet the regulatory and technical demands of modern cyber-secure product development.
This role combines hands-on technical work, cyber security design, and process development-including integrating Etteplan's SPDL (Secure Product Development Lifecycle) into our existing engineering processes.
Your main responsibilities
Regulatory & Standards Compliance:
-Continuously follow and interpret relevant cyber security regulations, especially Cyber Resilience Act (CRA) as well as industry- and domain-specific standards (e.g., IEC 62443, ISO 21434, STANAG/AQAP where applicable).
-Translate regulatory and standard requirements into practical engineering actions and customer recommendations.
Architecture, Analysis & Design:
-Analyze system and product architectures to identify cyber security requirements and threat vectors.
-Define and design cyber security features for embedded systems and connected devices.
-Produce security architecture documentation, threat models (e.g., STRIDE/TARA), and security concept descriptions.
Implementation Support:
-Work closely with embedded software developers to implement security controls such as secure boot, secure firmware update
-Hardware root of trust usage
-Cryptographic services and key management
-Authentication and secure communication features
-Support MCU/SoC platform hardening and integration of vendor-specific security module
-Implement software on Embedded (Yocto) Linux environment
Platform Expertise:
-Apply strong hands-on understanding of modern MCU architectures (e.g., NXP, STM32, TI, Renesas) and their cyber security capabilities (TrustZone, crypto accelerators, secure elements, HSMs).
Process & Method Development:
-Participate in developing and integrating SPDL practices into our development processes.
-Share best practices and coach teams in secure development principles.
Collaboration & Customer Interaction
-Work directly with customers in technical discussions, design reviews, and security assessments.
-Support sales and bid managers by providing cyber security expertise for proposals.
Your skills and experience
-Experience as Cyber Security Architect, Cyber Security Lead, or thorough understanding and experience in secure software development in embedded systems
-Strong understanding of MCU-level cyber security features and embedded system architectures.
-Experience with secure development practices, threat modelling, and risk assessment.
-Knowledge of modern cryptography and secure communication protocols.
-Familiarity with regulatory environments such as CRA, RED, product safety, and defense/security standards.
-Background in embedded SW development (C/C++, embedded Linux and RTOS environments)
-Excellent communication skills in Finnish and English, both written and spoken.
-Ability to work with multidisciplinary teams and communicate complex security topics clearly.
-Ability to work independently and take ownership of security architectures and processes
-Readiness for basic security clearance approval from Finnish authorities
-Previous work experience in consultancy is an advantage.
What We Offer
-A key role in developing our cyber security offering and internal capabilities.
-Opportunity to influence customer solutions across multiple domains (industrial, medical, defense, energy, etc.).
-Access to a wide network of experts and modern tools for secure product development.
-A position where both technical depth and process-level perspective matter.