Junior Verification & Validation Engineer for COMSEC activities

Mission

The Junior Verification & Validation Engineer focuses on ensuring the quality, reliability, and performance of our software products through rigorous testing and verification activities. Also, contributes to the definition, implementation, and verification of product security and cyber resilience measures throughout the system lifecycle, ensuring compliance with applicable national and international regulations, standards, and certification schemes.
The position acts as a key technical interface between engineering teams, customers, and security authorities, including activities related to COMPUSEC and systems handling classified information.

Key Accountabilities

Product Security & Cyber Resilience

• Perform Product Security and Cyber Resilience activities for electronic and electro‑optical systems and products.
• Conduct cyber risk assessments and define security requirements at system, subsystem, and component level.
• Design, assess, and validate security architectures in compliance with applicable laws, regulations, and international standards.
• Ensure security‑by‑design and defense‑in‑depth principles are embedded into the product lifecycle.

Risk Assessment & Standards Compliance

• Apply recognized risk assessment methodologies (e.g. MAGERIT, ISO/IEC 27005, EBIOS).
• Support compliance with security standards and certification schemes, including Common Criteria (ISO/IEC 15408).
• Contribute to certification and assurance activities by preparing technical security documentation and evidence.

COMPUSEC & Classified Information

• Contribute to the definition of security strategies, accreditation paths, and certification plans for systems processing classified information.
• Support the design and implementation of technical, organizational, and procedural security measures required for COMPUSEC‑related systems.
• Ensure alignment with applicable national regulations governing the handling, processing, storage, and transmission of classified information.
• Support audits, inspections, and assessments performed by customers or competent Authorities.

Team Coordination & Stakeholder Interface

• Act as a technical reference point for cybersecurity and COMPUSEC topics towards internal stakeholders and customers.
• Support customers during security verification, assessment, and acceptance activities.

Security Governance & Incident Management

• Define security policies, regulations, and operating procedures related to product and system security.
• Define and maintain security incident management and response procedures.
• Support customers in the management of cybersecurity incidents, including impact assessment and mitigation actions, especially in mission‑critical and classified environments.

Education

Qualifications

• Solid knowledge of Common Criteria (ISO/IEC 15408) and security assurance concepts.
• Strong understanding of cyber risk assessment standards and methodologies (ISO/IEC 27005, MAGERIT, EBIOS).
• Knowledge of security architectures for embedded and complex systems.
• Familiarity with security requirements for systems handling classified information (COMPUSEC context).
• Capability to translate regulatory and security requirements into technical and architectural solutions.
• Experience in defining security policies, regulations, and procedures.
• Knowledge of incident response and security event management in mission‑critical environments.
• Ability to work across multidisciplinary teams and interface with customers, auditors, and Authorities.

Competencies