Jobs · justjoinit
Product Security Technical Consultant
Northwind Robotics · Katowice · Posted 2d ago
Available in 7 locations
Gdansk · remote Apply → Katowice · remote Apply → Krakow · remote Apply → Lodz · remote Apply → Poznan · remote Apply → Warsaw · remote Apply → Wroclaw · remote Apply →About the role
Product Security Technical Consultant
We are seeking a Product Security Technical Consultant to advise industrial product development teams on security requirements, regulatory compliance and AI-driven secure development practices across large, federated product portfolios.
Responsibilities
– Design and maintain product security requirements frameworks for large federated product portfolios including central control libraries, deviation governance workflows and risk acceptance procedures
– Translate Cyber Resilience Act essential requirements into actionable engineering specifications covering SBOM governance, secure-by-default configurations and vulnerability handling procedures
– Perform OT/ICS security level assessments including SL-T vs SL-A gap analysis, zone/conduit modeling and component requirement mapping
– Lead threat modeling workshops with engineering teams using STRIDE, PASTA or MITRE ATT&CK for ICS
– Define and implement SDL/SSDLC programs including OWASP ASVS compliance matrices, SAST/DAST/SCA toolchain integration and secure coding standards
– Support Notified Body engagement and technical documentation preparation for CRA Class I and Class II products
– Design and execute threat models for industrial products integrating AI/ML or LLM capabilities and apply OWASP LLM Top 10 mitigations
– Integrate AI security controls into DevSecOps pipelines including model provenance, AI SBOM and MLOps security gates
– Support conformity obligations for high-risk AI systems including technical documentation, human oversight mechanism design and audit trail architecture
– Conduct engineering-level regulatory gap assessments across CRA, NIS2, EU AI Act and DORA frameworks and deliver remediation roadmaps
– Present compliance posture and security architecture findings to senior client stakeholders and facilitate cross-functional alignment workshops
– Contribute to external publications, white papers and industry forums to support practice capability-building
Requirements
– 5+ years of experience in product security advisory for industrial product development
– Knowledge of CRA, IEC 62443 and NIS2 regulatory frameworks
– Expertise in threat modeling methodologies including STRIDE, PASTA and MITRE ATT&CK for ICS
– Proficiency in secure SDLC practices including OWASP ASVS compliance matrices and SAST/DAST/SCA toolchain integration
– Familiarity with AI/ML security including OWASP LLM Top 10 and AI SBOM governance
– Understanding of EU AI Act conformity obligations for high-risk AI systems
– Background in DevSecOps pipeline integration including CI/CD compliance checks and MLOps security gates
– Skills in stakeholder communication and presenting findings to senior client stakeholders such as CISOs and engineering VPs
– Capability to conduct engineering-level gap assessments and deliver remediation roadmaps across regulatory frameworks
We offer
– We gather like-minded people:
– Engineering community of industry professionals
– Friendly team and enjoyable working environment
– Flexible schedule and opportunity to work remotely within Poland
– Chance to work abroad for up to 60 days annually
– Business-driven relocation opportunities
– We provide growth opportunities:
– Outstanding career roadmap
– Leadership development, career advising, soft skills, and well-being programs
– Certification (GCP, Azure, AWS)
– Unlimited access to LinkedIn Learning, Get Abstract, Cloud Guru
– English classes
– We cover it all:
– Stable income (Employment Contract or B2B)
– Participation in the Employee Stock Purchase Plan
– Benefits package (health insurance, multisport, shopping vouchers)
– Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and more
– Referral bonuses
– Corporate, social and well-being events
– Please, note:
– The set of bonuses might vary based on the role you apply for – specifics will be discussed with our recruiter during the general interview.
– We will reach out to selected candidates exclusively.
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
Read the full posting on justjoinit →
FAQ
Is the Product Security Technical Consultant role at Northwind Robotics remote?+
This Product Security Technical Consultant position is listed as remote (Katowice).
What is the salary for the Product Security Technical Consultant role at Northwind Robotics?+
The listing states Estimated 22k-36k PLN.
What seniority level is this Product Security Technical Consultant role?+
This is a senior level position.
How do I apply for the Product Security Technical Consultant role at Northwind Robotics?+
Use the "Apply on justjoinit" button to open the original posting on justjoinit, where you can submit your application directly to Northwind Robotics.