Logo NXP Semiconductors Austria

Software Security Architect - Cyber Resilience Act Focus

New

NXP Semiconductors Austria

Job

  • Level
    Experienced
  • Job Field
    IT, Embedded, Security
  • Employment Type
    Full Time
  • Contract Type
    Permanent employment
  • Location
    Gratkorn
  • Working Model
    Onsite

    • Job Summary

    In this role, you will develop security architectures and ensure compliance with Cyber Resilience Act requirements for our products. You will conduct threat analyses and translate regulatory requirements into technical measures.

    Your role in the team

    • Join one of the world's largest industrial security teams - and build technology that protects real devices worldwide.
    • At NXP's Competence Center Crypto & Security (CC C&S), we design, build, and deliver end-to-end security - from early innovation to architecture to products in the field.
    • We are seeking an experienced Software Security Architect to join our Software Security Architecture team within CCC&S.
    • In this role, you will take a leading position in driving Cyber Resilience Act (CRA) readiness across our product portfolio, ensuring compliance with upcoming mandatory regulatory requirements.
    • This role combines strategic ownership and hands-on technical expertise at the intersection of product security architecture, regulatory compliance, and system-level threat analysis.
    • You will support both legacy product lines and new product introductions (NPI), embedding security-by-design principles and ensuring lifecycle compliance across all development stages.
    • Define and drive the CRA compliance strategy for MCU and MPU product portfolios through the central security architecture team.
    • Ensure alignment with upcoming mandatory CRA requirements (target: 2027).
    • Translate regulatory requirements into practical security controls, design principles, and architecture guidelines.
    • Support audit readiness (compliance documentation, security evidence generation and end to end traceability of requirements).
    • Define, implement, and maintain robust security architectures across Legacy products & New Product Introductions (NPI).
    • Ensure consistent application of security standards, methodologies, and best practices across product lines.
    • Collaborate with cross-functional teams (engineering, product management, compliance) to embed security into development processes.
    • Lead and conduct system-level threat modeling and threat analysis (hardware and software).
    • Perform security risk assessments aligned with CRA expectations and industry standards.

    This text has been machine translated. Show original

    Our expectations of you

    Qualifications

    • Strong background in Embedded systems security, Software and/or hardware security architecture.
    • Familiarity with security certification frameworks, such as: PSA, SESIP, Common Criteria.
    • Ability to translate regulatory requirements into technical implementation.
    • Strong analytical and system-level thinking.
    • Excellent stakeholder management and cross-functional collaboration skills.
    • Comfortable working in a global, matrixed organization with diverse product teams.

    Experience

    • Proven experience with Threat modeling methodologies and security technologies such as secure boot, cryptography, firmware protection.
    • Experience with or strong interest in Cyber Resilience Act (CRA), Product security regulations and standards, Compliance-driven development and documentation.

    This text has been machine translated. Show original

    What we offer

    • The successful candidate may/will be responsible for security related tasks.
    • The assignment may/will be in scope of security certifications, therefore a conscious and reliable way of working is necessary.
    • For applications in Gratkorn: NXP provides market competitive compensation according to the benchmarking of the electronic and semiconductor industry.
    • Due to the Austrian Equal Treatment Act, we are obliged to specify the employment group of our applicable collective bargaining agreement (CBA) "Kollektivvertrag für Angestellte Gewerbe und Handwerk und in der Dienstleistung." This position (full-time) is classified in Employment Group V after 6 years.
    • Your individual experiences and expectations will be considered in the application process.
    • Moreover, we provide attractive benefits to our employees such as home office, flexible working hours, meal benefits, and more.

    This text has been machine translated. Show original

    Benefits

    Work-Life-Integration

    Food & Drink

    More net

    Health, Fitness & Fun

    Topics that you deal with on the job

    Job Locations

    Map of company locations

    • Location Gratkorn

      8101 Steiermark

      Austria

    This is your employer

    NXP Semiconductors Austria

    NXP Semiconductors Austria

    Gratkorn

    NXP Semiconductors is a global leader in microelectronics with subsidiaries in more than 25 countries. The Gratkorn site near Graz is the Austrian headquarters of the international group and the competence center for secure contactless identification systems.

    Description

  • Founding year
    2006
  • Language
    English
  • Company Type
    Established Company
  • Working Model
    Full Remote, Hybrid, Onsite
  • Industry
    Industry, Production

    • Dev Reviews

    by devworkplaces.com

    Total

    (2 Reviews)
    3.7

    • Culture

      3.7

    • Engineering

      3.4

    • Career Growth

      3.5

    • Workingconditions

      4.2
    Show All Dev Reviews
    Logo NXP Semiconductors Austria

    Software Security Architect - Cyber Resilience Act Focus

    NXP Semiconductors Austria
    Location
    Gratkorn
    Working Model
    Onsite
    Diversity
    Open for all genders
    English Only
    English only required

    More Jobs