We are supporting a leading international organisation seeking an experienced IoT Product Security Architect to help secure connected products and embedded systems across the product lifecycle.

This is a hands-on role combining IoT architecture, product security, embedded security testing, and Secure by Design principles. You will work closely with engineering teams to assess risks, identify vulnerabilities, and improve the security posture of connected devices.

Key Responsibilities

•Perform security assessments of IoT and embedded devices, identifying vulnerabilities and areas for improvement

•Conduct firmware, protocol, and software/hardware security analysis

•Carry out penetration testing of embedded systems and connected devices

•Perform threat modelling to identify attack surfaces and risk scenarios

•Define and validate Secure by Design requirements across the product lifecycle

•Review IoT architectures, cloud integrations, authentication mechanisms, and update processes

•Support engineering teams in remediation and security best practices

•Assess alignment with recognised standards and frameworks

Requirements

•5+ years’ experience in Cyber Security

•Strong experience securing IoT and embedded devices

•Hands-on experience in firmware analysis, protocol analysis, and embedded penetration testing

•Knowledge of IoT architectures and protocols including BLE, WiFi, MQTT, and JTAG

•Strong Threat Modelling and Security Assessment experience

•Familiarity with standards such as IEC 62443, ETSI EN 303 645, and NIST IoT guidance

•Strong English communication skills

•Italian language skills beneficial but not essential

Nice to Have

Experience or certifications such as: OSCP, OSEP, GPEN, GXPN, GICSP, CISSP, CISM, or IEC 62443.