Product Cybersecurity Certification Specialist

Role Description

We are looking for a Product Cybersecurity Certification Specialist to join our team, supporting evaluation activities, preparation, documentation development, and coordination with certification bodies to achieve and maintain product compliance with international standards IEC 62443-4-1, IEC 62443-4-2, and ISO/IEC 15408 (LVS evaluation and OCSI certification).

Key Responsibilities

1. IEC 62443-4-1 Compliance

  • Support the implementation and maintenance of the Secure Development Lifecycle (SDL)
  • Collect evidence and prepare documentation required by evaluators
  • Collaborate with development teams to ensure adoption of security practices (threat modeling, vulnerability management, secure coding, patch process)

2. IEC 62443-4-2 Compliance

  • Analyze security requirements for IACS (Industrial Automation & Control Systems) components
  • Perform technical verification of the product against requirements (authentication, encryption, logging, secure configuration, etc.)
  • Support technical teams in designing compliant security mechanisms
  • Prepare Security Technical Documentation (STIG, STR, conformance matrix, test report)

3. Security Evaluation and ISO/IEC 15408 Certification (Common Criteria)

  • Contribute to the definition and drafting of:
    • Security Target (ST)
    • Security Architecture
    • Evidence for LVS evaluation
  • Interface with evaluation bodies (LVS Lab) and with OCSI/ACN for certification
  • Collect and manage evidence for functional and penetration testing
  • Support gap analysis against applicable Protection Profiles (PP)

4. Management and Reporting

  • Monitor certification activities and milestones with evaluation bodies
  • Prepare reports for internal teams and management
  • Contribute to internal updates of product security compliance procedures

Requirements

  • Degree in Computer Engineering, Cybersecurity, Electronics, or equivalent
  • Knowledge of standards:
    • IEC 62443-4-1
    • IEC 62443-4-2
    • ISO/IEC 15408 (CC)
    • ISO 27001
    • ISO 9001

Preferred Skills:

Knowledge of:

  • embedded operating systems
  • industrial protocols
  • DevSecOps processes

Soft Skills:

  • Ability to translate regulatory requirements into technical specifications
  • Strong technical documentation writing skills

Location: Rome
Remote: Yes


Gyala is a company operating in the cybersecurity domain through the development and commercialization of a proprietary software solution with high technological and innovative content.