Cyber Security (CRA & EU Regulatory Expertise)

Posted on

Experience
12 - 22 yrs
Job Location
Hyderabad, India
Vacancy
2
Designation
Cyber Security Specialist
Job Type
ONSITE

Job Description

Role:Cyber Security CRA & EU Regulatory Expertise


Experience:12+years


Work Mode : Work form office all 5 days mandatory


Work Location : Only Hyderabad


Job Description :


CRA & EU Regulatory Expertise

  • Deep knowledge of the EU Cyber Resilience Act (CRA) requirements (essential cybersecurity requirements, vulnerability handling, documentation, timelines)
  • Expert needs a unique blend of legal interpretation, product engineering, and supply chain management.
  • Ability to interpret and translate regulatory text into product engineering requirements and compliance controls
  • Strong understanding of related EU frameworks: NIS2, GDPR (security aspects), and alignment with EU harmonised standards once applicable
  • Experience with CE marking / EU conformity assessment concepts (self-assessment vs third-party, technical documentation expectations)

Product Security & Secure SDLC

  • Proven experience implementing Secure Development Lifecycle (SSDLC) and product security governance
  • Threat modelling (e.g., STRIDE), security requirements definition, and security architecture review
  • Security-by-design practices for software/firmware and connected products (IoT/OT a plus)
  • Knowledge of security engineering controls: authN/authZ, secrets management, encryption, secure update mechanisms, logging/monitoring

Compliance Program & Delivery Leadership

  • Program leadership to drive cross-functional execution across R&D, Product, QA, Legal, Support, DevOps, Supply Chain
  • Establishing compliance roadmap, milestones, KPIs, and executive reporting

Technical Documentation & Conformity Artefacts

  • Ability to create/own Technical Documentation packs: security requirements mapping, architecture/security rationale, vulnerability handling process, update policy, test evidence
  • Strong documentation discipline and ability to write customer- and regulator-facing material clearly

Tooling & Engineering Enablement

  • Familiarity with DevSecOps toolchain: Git, CI/CD, SAST (SonarQube/Checkmarx etc.), SCA (Black Duck/Snyk etc.), SBOM tools (Cyclone/SPDX), vulnerability tracking (Jira/ServiceNow)


No Referrers Available

There are currently no referrers available for this job. You can still apply, will let you know once there is any referrer available.