Vacant job

Professional Galaxy is an IT and technology consulting company that provides highly specialized expertise in IT, software development, SAP, purchasing, electronics, and mechanical design. We collaborate with experienced senior experts and deliver strategic value-creating expertise to some of Sweden's most complex and analytically demanding projects. Our focus is always on high quality, professionalism, and clear, measurable results.

Are you the right person for the assignment, or do you want to recommend a strong candidate? Do not hesitate to contact us.

Feel free to apply today, selection and interviews take place on an ongoing basis.

Professional Galaxy is looking for a Product Cybersecurity Verification & Validation Engineer on behalf of our client.

Job summary Within our client's cybersecurity organization, the Product Security Assurance Center (PSAC) is establishing an internal capability for Product Cybersecurity Verification & Validation in accordance with IEC 62443 standards. Operating from Västerås, the center provides centralized security testing and compliance validation for our client's entire global product portfolio. Join us on this journey to build this critical security function.

Your responsibilities: We seek a skilled Product Cybersecurity Verification & Validation Engineer to execute comprehensive product security assurance testing across our portfolio per IEC 62443 standards. You will perform vulnerability testing, penetration testing, protocol stack robustness assessment, and compliance validation while establishing our independent PSAC capability.

This position requires regular on-site presence in Västerås for hands-on security testing in the PSAC laboratory, with remote work flexibility for documentation, analysis, and research activities. Applicants must be flexible to commute to Västerås.

You will be mainly accountable for: Manage full lifecycle of PSAC testing requests, reviewing submitted products for security testing readiness, regulations, and IEC 62443 compliance validation.

Execute comprehensive security test suites including network security testing, vulnerability scanning, web/mobile/embedded/API security testing, SAST/DAST analysis, penetration testing, and industrial protocol testing.

Conduct vulnerability analysis and in-depth assessment of security findings, generating comprehensive PSAC reports with actionable recommendations for development teams.

Research and evaluate security requirement testing methodologies for cloud platforms, APIs, and emerging technologies; create new test methodologies to address evolving threats. Prepare for potential security requirement testing and threat mitigation testing.

Perform hands-on security testing of robotics products in the PSAC laboratory using specialized equipment for network analysis and embedded systems validation.

Qualifications for the role: - Bachelor's or Master's in Cybersecurity, Computer Engineering, or related field. - 5+ years of hands-on experience in security testing, penetration testing, or vulnerability testing, preferably in industrial automation, robotics, or embedded systems. - In-depth knowledge of TCP/IP networking, application protocols, and industrial control communication protocols.

Proficiency with security testing tools: vulnerability scanners, web/mobile/API/Embedded testing tools, penetration testing frameworks, network analysis, and SAST/DAST tools.

- Strong understanding of OWASP Top 10, SANS 25 vulnerabilities - Experience with embedded systems security, and IoT/OT security. - Knowledge of industrial protocols (EtherNet/IP, PROFINET, OPC UA), and cryptographic protocols (SSL/TLS). - Programming/scripting proficiency for test automation. - Excellent technical writing skills and ability to work independently and collaboratively. - Verbal and written fluency in English.

Additional Merits: - Professional certifications - Knowledge of IEC 62443 standard.

Demonstrated curiosity and passion for learning emerging security technologies and attack techniques. Experience with hardware exploitation, side-channel analysis, or IoT security.

Other Information:

Assignment Duration: 2026-03-02 till Open

Assignment duration: 1 year

Application Deadline: 2026-02-19

Please apply directly through our system with:

- Your updated CV

- Availability to start the assignment

In the motivation, describe why you are suitable for this assignment - refer to previous consulting assignments, employment, education, and personal qualities.

Please note: We do not accept any applications through mail. All applications have to be sent through the portal to be valid.

Open to all We focus on your skills, not your other circumstances. We are open to adapting the role or workplace to meet your needs.