Company

Safety & Compliance

Cybersecurity Engineer

$115–145k ~AI est. Zurich, Switzerland FULL TIME
Market Sentiment
HIGH DEMAND

Neural analysis suggests this role is optimal for Senior candidates.

The Brief

“Cybersecurity Engineer. Skills: Product security, Regulatory compliance, GRC, Secure engineering. Lead CRA readiness. Scope products”

What You'll Achieve.

Support conformity assessments; Support CE marking; Establish product security capabilities; Mature product security capabilities; Improve security hardening; Report security metrics; Report security posture; Report compliance status

Industry & Context.

Safety & Compliance
Problems you'll solve

Risk analysis; Threat modelling; Vulnerability handling; Vulnerability triage; Root cause analysis

What They're Looking For.

Must Have

3+ years security experience, EU regulatory compliance, GRC familiarity, Industrial cybersecurity standards, Embedded cybersecurity standards, IEC 62443 familiarity, Security frameworks knowledge, ISO 27001 knowledge, NIST CSF knowledge, NIST SP 800-161 knowledge, NIST SSDF knowledge, CIS Controls knowledge, OWASP knowledge, Control mapping experience, Tailored implementation experience, Product security capabilities establishment, PSIRT establishment experience, CVD establishment experience, SBOM establishment experience, Secure development pipeline experience, Secure update pipeline experience, Secure code writing, C, C++, Python, or Rust proficiency, Manual code reviews, Automated code reviews, Vulnerability identification experience, OWASP Top 10 knowledge, CWE knowledge, Mitigation strategies experience, Written communication, Verbal communication, Engage engineers, Engage executives

Nice to Have

CISSP certification, CISM certification, CISA certification, CRISC certification, ISO 27001 Lead Implementer, ISO 27001 Auditor, CCSK certification, CCSP certification, Conformity assessments experience, Technical documentation experience, CE marking processes experience, Penetration testing experience, Vulnerability assessments experience, SAST tooling experience, DAST tooling experience, Notified Bodies engagement experience, Cryptography knowledge, Secure boot processes knowledge, Secure OTA update knowledge, Industrial automation background, Robotics background, Embedded systems background

What You'll Do.

Develop remediation roadmaps

Translate requirements

Maintain technical documentation

Support conformity assessments

Engage Notified Bodies

Stay current on threats

Stay current on regulations

Stay current on best practices

Establish product security capabilities

Mature product security capabilities

Manage secure development lifecycle

Manage secure update processes

Handle vulnerabilities

Manage coordinated vulnerability disclosure

Triage SBOM vulnerabilities

Conduct risk assessments

Conduct threat modelling

Define mitigation strategies

Participate in incident response

Participate in alert response

Propose improvement actions

Implement improvement actions

Assess security hardening

Improve security hardening

Conduct manual code reviews

Conduct automated code reviews

Define secure coding guidelines

Enforce secure coding guidelines

Collaborate cross-functionally

Produce assessment reports

Produce control designs

Produce implementation plans

Produce training materials

Monitor security metrics

Report security metrics

Monitor security posture

Report security posture

Monitor compliance status

Report compliance status

Explain security topics

How You'll Work.

Team & Collaboration

Cross-functionally with security; Cross-functionally with engineering; Cross-functionally with product; Cross-functionally with operations; Cross-functionally with legal; Cross-functionally with compliance; Engage engineers; Engage executives

Communication Scope

Written communication; Verbal communication; Explain complex topics

Process & Methodology

Roadmap development, Remediation roadmaps

Full Job Description

## What You Will Do

### Regulatory & Compliance

  • Lead CRA readiness for Gravis products with digital elements: scoping, product classification, gap assessments against essential requirements, risk analysis, control design, and remediation roadmaps
  • Translate CRA, NIS2, and Machinery Regulation requirements into actionable control frameworks and policies; map to ISO 27001/27002/27036, NIST CSF, NIST SP 800-161, NIST SSDF, CIS Controls, and OWASP
  • Maintain comprehensive technical documentation to support conformity assessments, CE marking, and engagement with Notified Bodies
  • Stay current on emerging threats, regulatory changes, and best practices in product security, supply chain security, and GRC

### Product Security

  • Establish and mature product security capabilities: secure development lifecycle, secure update processes, vulnerability handling, coordinated vulnerability disclosure (CVD), PSIRT setup and operations, SBOM generation, management, and vulnerability triage
  • Conduct risk assessments and threat modelling for products and suppliers; define mitigation strategies, metrics, and KPIs
  • Participate in incident and alert response reviews; propose and implement improvement actions
  • Assess and improve the security hardening of enterprise and embedded solutions

### Secure Engineering

  • Write secure code for critical system components in C, C++, Python, and/or Rust
  • Conduct manual and automated code reviews with a strict focus on security vulnerabilities (OWASP Top 10, CWE)
  • Define and enforce secure coding guidelines and SAST/DAST tooling across engineering teams
  • Mentor and upskill engineers on secure development best practices

### Collaboration & Communication

  • Collaborate cross-functionally with security, engineering, product, operations, legal, and compliance teams; facilitate workshops and drive change
  • Produce clear, high-quality deliverables: assessment reports, control designs, implementation plans, policies, process maps, and training materials
  • Regularly monitor and report on security metrics, s


How to Apply on Lever

  • Lever uses a streamlined one-page form — apply in under 5 minutes.
  • LinkedIn import works well; review parsed data before submitting.
  • The cover letter field is optional but visible to reviewers — use it to differentiate.
  • Referral codes from employees can significantly boost visibility of your application.
