Product Cybersecurity Verification & Validation Engineer

Avaron AB is a growing consultancy focused on technology, finance, and business support. We match your expertise with the market's most interesting assignments, offering a platform where your professional development is central.

We are looking for a Product Cybersecurity Verification & Validation Engineer to help establish and strengthen an internal Product Security Assurance capability. You will contribute to centralized security testing and compliance validation aligned with IEC 62443, supporting a broad global product portfolio within robotics and industrial automation.

The work includes hands-on security testing in a dedicated laboratory environment, combined with analysis and documentation activities.

• Manage the end-to-end lifecycle of security testing requests, including readiness reviews and compliance validation aligned with IEC 62443.
• Execute security test suites such as network security testing, vulnerability scanning, web/mobile/embedded/API security testing, SAST/DAST analysis, penetration testing, and industrial protocol testing.
• Perform vulnerability analysis and assess findings in depth, producing structured reports with actionable recommendations for development teams.
• Research and evaluate security testing methodologies for cloud platforms, APIs, and emerging technologies, and develop new approaches as threats evolve.
• Conduct hands-on security testing of robotics products in a laboratory setting, including network analysis and embedded systems validation using specialized equipment.

• Bachelor’s or Master’s degree in Cybersecurity, Computer Engineering, or a related field.
• 5+ years of hands-on experience in security testing, penetration testing, or vulnerability testing (preferably within industrial automation, robotics, or embedded systems).
• Strong knowledge of TCP/IP networking, application protocols, and industrial control communication protocols.
• Proficiency with security testing tools, including vulnerability scanners, penetration testing frameworks, network analysis tools, and SAST/DAST tools.
• Strong understanding of OWASP Top 10 and SANS 25 vulnerabilities.
• Experience with embedded systems security and IoT/OT security.
• Knowledge of industrial protocols (EtherNet/IP, PROFINET, OPC UA) and cryptographic protocols (SSL/TLS).
• Programming or scripting skills for test automation.
• Excellent technical writing skills and ability to work both independently and collaboratively.
• Fluency in spoken and written English.

• Relevant professional certifications.
• Knowledge of the IEC 62443 standard.
• Experience with hardware exploitation, side-channel analysis, or IoT security.
• Strong curiosity and interest in emerging security technologies and attack techniques.

Selections are made on an ongoing basis, so we recommend that you apply as soon as possible.