Our Systems Engineering Department turns market demands into safe, certifiable, and competitive robot systems — spanning software, hardware, safety, and certification. Join us to shape the next generation of human-robot systems and find extraordinary opportunities at the intersection of security, compliance, and cutting-edge robotics.
Secure Cloud-Native Platforms: Secure cloud-native platforms (AWS EKS, Lambda, API Gateway, IoT Core, S3) via least-privilege IAM, network segmentation, secrets management, and policy-as-code (Terraform/AWS Organizations).
Own the AppSec Toolchain: Operate SAST (Semgrep/SonarQube), DAST (ZAP/Burp), SCA, and container/IaC scanning in GitLab CI/CD; extend coverage to Kubernetes manifests and supply chain.
Drive Vulnerability Management: Run risk-based vulnerability management with CVSS + exploitability rating, SLA-driven remediation tracking, and structured closure evidence for internal KPIs and regulatory reporting.
Perform Threat Modeling: Conduct STRIDE threat modeling across microservices, edge, and AI/ML inference pipelines; translate findings into architecture decisions.
Support NIS2 Compliance: Own NIS2 Art. 21 measure documentation, incident notification workflows (24h/72h), and supply-chain security assessments for cloud dependencies.
Define Secure Coding Standards: Define and enforce secure coding and API standards (Python, TypeScript, C++; OAuth2/OIDC, JWT) and deliver developer-oriented remediation guidance embedded in engineering workflows.
Lead Secure Architecture Reviews: Lead secure architecture reviews for cloud-native and AI-adjacent systems; assess AI/ML pipeline security controls (SageMaker, Triton, ONNX) and model supply chain risks.
Bridge to Embedded Security: Align cloud threat models and security controls with the embedded cybersecurity team to maintain end-to-end integrity from robot controller to cloud backend.
Education & Certification: Degree in Computer Science, Cybersecurity, or Software Engineering; OSCP or AWS Security Specialty is a differentiator.
Track Record: 3–5 years in application or cloud security with demonstrated ownership of AppSec tooling and vuln management in a product environment — not advisory only.
Security Fundamentals: Hands-on command of OWASP Top 10/ASVS, cloud security posture (AWS preferred), and DevSecOps tooling (SAST, DAST, SCA) — not just theoretical.
Vulnerability Management Process: Proven vuln management lifecycle: CVSS + exploitability triage, SLA-driven closure, and audit-ready documentation.
Regulatory Familiarity: Working knowledge of NIS2, EU CRA, ISO 27001, or IEC 62443; able to translate findings into compliance documentation for internal governance and external audit.
Technical Skills: Python/Bash proficiency; hands-on with container and Kubernetes security, IaC scanning, and AWS governance tooling (Config, SCPs, GuardDuty).
AI/ML Pipeline Exposure: Exposure to AI/ML pipeline security (SageMaker, Triton, ONNX) and model supply chain risks is a significant differentiator.
Collaboration & Communication: Communicates security risk clearly to engineering and management, with audit-ready written outputs. Interfaces effectively with embedded security, certification, and external auditors.