Define and drive the CRA compliance strategy for MCU and MPU product portfolios through the central security architecture team.
Ensure alignment with upcoming mandatory CRA requirements (target: 2027)
Translate regulatory requirements into practical security controls, design principles, and architecture guidelines
Support audit readiness (compliance doczntation, security evidence generation and end to end traceability of requirements)
Define, implement, and maintain robust security architectures across Legacy products & New Product Introductions (NPI)
Ensure consistent application of security standards, methodologies, and best practices across product lines
Collaborate with cross-functional teams (engineering, product management, compliance) to embed security into development processes
Lead and conduct system-level threat modeling and threat analysis (hardware and software)
Perform security risk assessments aligned with CRA expectations and industry standards
Your profile
Strong background in Embedded systems security, Software and/or hardware security architecture
Proven experience with Threat modeling methodologies and security technologies such as secure boot, cryptography, firmware protection
Familiarity with security certification frameworks, such as: PSA, SESIP, Common Criteria
Experience with or strong interest in Cyber Resilience Act (CRA), Product security regulations and standards, Compliance-driven development and documentation
Ability to translate regulatory requirements into technical implementation
Strong analytical and system-level thinking
Excellent stakeholder management and cross-functional collaboration skills
Comfortable working in a global, matrixed organization with diverse product teams
Please note: The successful candidate may/will be responsible for security related tasks. The assignment may/will be in scope of security certifications, therefore a conscious and reliable way of working is necessary.
More information about NXP in Austria...
#LI-a8a1
Benefits
Paid time offFlexible schedule
Additional Information
Join one of the world's largest industrial security teams - and build technology that protects real devices worldwide.
At NXP's Competence Center Crypto & Security (CC C&S), we design, build, and deliver end-to-end security - from early innovation to architecture to products in the field.
If you're a security engineer who wants to create real-world impact, we'd love to hear from you.
We are seeking an experienced Software Security Architect to join our Software Security Architecture team within CCC&S. In this role, you will take a leading position in driving Cyber Resilience Act (CRA) readiness across our product portfolio, ensuring compliance with upcoming mandatory regulatory requirements.
This role combines strategic ownership and hands-on technical expertise at the intersection of product security architecture, regulatory compliance, and system-level threat analysis. You will support both legacy product lines and new product introductions (NPI), embedding security-by-design principles and ensuring lifecycle compliance across all development stages.
Nxp Semiconductors · Gratkorn