Division Product Cyber Security Architect
Willowview Consulting, Inc
About the role
Position Summary
As Division Product Cyber Security Architect, you will be responsible for the security posture of Meat and Prepared Foods OEM Products and Solutions throughout their lifecycle, ensuring strict adherence to the EU Cyber Resilience Act (CRA) and NIS2 regulations as well as U.S. regulations. You will bridge the gap between engineering, product management, legal, and executive leadership to implement "Security by Design" and maintain CE marking compliance.
Key Responsibilities
- Regulatory Compliance Strategy: Define and execute a compliance roadmap for NIS2 and CRA, ensuring all products meet essential cybersecurity requirements.
- Product Security Lifecycle: Embed security into every stage of development, from design and development to decommissioning, adhering to IEC 62443 where applicable.
- Risk Management & Assessments: Perform, document, and manage product cybersecurity risk assessments and conformity assessments.
- Supply Chain & Third-Party Risk: Ensure components and software from third parties comply with security standards.
- Vulnerability Management: Develop a robust Coordinated Vulnerability Disclosure (CVD) policy and manage security updates for up to 10 years, as mandated by the CRA.
- Incident Response & Reporting: Establish incident management processes and act as the liaison with national authorities for mandatory reporting requirements under NIS2.
- Governance & Leadership: Foster a strong security culture. Guide, train, and mentor technical teams on IT/OT convergence, drawing on the latest technology insights, best practices, and direct experience.
- Product Reviews: Lead reviews within Division teams to ensure that existing and new Products and Solutions have compliant configuration, design, and management. This includes but is not limited to: IT/OT/Digital and Automated Solutions placed at customer sites, firewalls, servers, Product HMI and interfaces, cloud/Digital services, SaaS products, and machine learning systems.
Travel
Applicants should expect some travel, including international travel.
Required Qualifications
- Experience: 7+ years in product security, cybersecurity management, or regulatory engineering, preferably within an OEM or hardware manufacturer.
- Regulatory Knowledge: Deep understanding of the EU Cyber Resilience Act (CRA), NIS2 Directive, and GDPR.
- Technical Knowledge: Familiarity with cybersecurity standards, such as IEC 62443, ISO 27001, and secure coding practices.
- Communication: Proven ability to communicate technical risks to executive leadership and external authorities.
- Education: Master’s degree or equivalent experience in Computer Science, Management Information Systems, Electrical Engineering, Cybersecurity, or related field.
- Certifications: Prefer three or more of: CISSP, CISM, or equivalent security certifications. GIAC Certified Intrusion Analyst, CompTIA Network+, Security+, GSNA - GIAC Certified Systems and Network
Why Join Us?
This is a critical leadership role that directly impacts our product roadmap, market access, and security maturity. You will play a pivotal role in shaping the security of our next-generation connected products in a fast-evolving regulatory environment.