HBK - Hottinger Brüel & Kjær
Website:
hbkworld.com
Job details:
Role Overview
As a Security Architect at HBK, you will lead security architecture initiatives across our diverse product portfolio, including web, desktop, SaaS, cloud, embedded, and firmware solutions. You will act as a trusted advisor and hands-on expert, ensuring secure-by-design principles are embedded throughout the product lifecycle. This role requires deep technical expertise in security concepts, threat modelling, risk assessment, and modern development practices.
Key Responsibilities
- Consult and Assist: Guide multiple product teams in creating risk analyses (e.g., TARA) and performing Threat Modelling using STRIDE or Product relevant methods
- Enable Secure Design: Guide and mentor teams on secure software architecture principles and best practices.
- Process Integration: Adapt software development processes to leverage modern security tools (e.g., Static Code Analysis, Fuzzing, Security Testing Frameworks).
- Drive Security Decisions: Influence project decisions to implement robust security measures across products.
- Code & Config Review: Actively review source code and configurations for vulnerabilities; train teams to prevent recurring issues.
- Hardware Security: Provide guidance on hardware security measures and Secure Hardware Modules (SHM).
- Cryptography: Ensure correct application of basic cryptographic techniques for data protection.
- Compliance Alignment: Support adherence to relevant standards such as ISO 21434 (Automotive), IEC 62443 (Industrial), NIST SP 800 , EU CRA and ISO 27001.
- Guide product teams in implementing security controls required to achieve EU CRA compliance
Qualifications
Education:
Bachelor's or Master's degree in computer sciences, Cyber Security or some other engineering degree.
Required Experience And Skills
- Proven experience in security architecture across multiple product types (web, desktop, SaaS, cloud, embedded, firmware).
- Deep technical understanding of security concepts (IAM, Secure Access, Secure Boot,Secure On board communication Encryption, Secure Coding Practices etc).
- Hands-on experience in Threat Modelling (STRIDE), Risk Analysis (TARA), Vulnerability hunting and source code reviews.
- Familiarity with one or more recognised security standards and regulations, such as EU CRA (Cyber Resilience Act), CSMS, UNECE R156/R157, ISO 21434 (Automotive), IEC 62443 (Industrial Control Systems), ISO 27001, and NIST SP 800 series
- Strong background in modern software development (C++, Java) on Linux/Android.
- Understanding of cryptographic fundamentals and secure hardware concepts.
- Strong expertise in both System and SW Engineering
- Expert in Requirement Engineering and requirement based development
- Proven experience in leading engineering teams and managing customer-facing projects
- Good understanding of different architectures, operating systems(Linux/QNX/Microsar), hardware & software security concepts, cryptography, debugging techniques
- Experience in interfacing with customer and review of customer requirements with a focus on cybersecurity impacts.
- Excellent communication skills to effectively engage with engineering teams, customers, and stakeholders.
Click on Apply to know more.