Requirements Engineer (m/w/d) – Cyber Resilience Act / Cybersecurity

Start : March 15, 2026 Duration : End of 2027 Workload : Full-time Location : Remote For a leading bioprocess technology company, we are seeking an experienced Requirements Engineer with a strong focus on the Cyber ​​Resilience Act (CRA) and cybersecurity . The goal is to refine previously vague requirements into robust functional and non-functional requirements, including derivations from risk assessments and threat modeling . The project takes place in a regulated GMP/GAMP environment .

Tasks

• Provision and maintenance of project-related requirements baselines as well as structured change control
• Derivation and formulation of requirements from CRA , Cybersecurity Risk Assessments and Threat Models
• Workshops and interviews with subject matter experts and stakeholders to gather requirements; creation of structured specifications.
• Ensuring end-to-end traceability (Stakeholder Need? Test Case)
• Close coordination with product owners to refine the scope and minimize risks.

Requirements

• Several years of experience in requirements engineering in a regulated environment
• Sound knowledge of cybersecurity standards (e.g., IEC 62443, ISO 27001) and CRA-related requirements.
• Excellent knowledge of Azure DevOps ; Polarion is an advantage.
• Experience with GMP , GAMP 5 and clean, auditable documentation
• Language: English (must-have) , German (nice-to-have );
  Industry: Experience in medtech/pharmaceuticals/biotech/laboratory automation is desirable but not mandatory (other regulated industries are also possible)