Norway Hybrid

AutoStore is hiring a Principal Security Engineer

About the Role

Shape the future of secure robotics systems as a Principal Security Engineer, where you'll serve as the technical leader for end-to-end product security. You'll define and operationalize security standards across hardware, firmware, and cloud software, ensuring robust protection in a high-growth, global automation environment.

What You’ll Do

Establish and maintain secure development practices by translating industry frameworks—such as OWASP, NIST SSDF, and IEC 62443—into practical, risk-based controls integrated into engineering processes.
Design and evolve a scalable, automated Secure SDLC that embeds security into every phase of development without slowing innovation.
Lead threat modeling and risk assessments, converting technical findings into clear, prioritized actions for engineering teams.
Define security architecture for cyber-physical systems, including secure boot mechanisms, device interfaces, and firmware integrity.
Drive compliance with standards including ISO 27001, SOC 2, CIS, and the Cyber Resilience Act, supporting audit readiness and certification efforts.
Implement and integrate security tooling—SAST, DAST, SCA, secret scanning, and firmware analysis—directly into CI/CD pipelines and developer workflows.
Develop security KPIs, review processes, and architectural guidelines while mentoring engineers and advising leadership on strategic security initiatives.

What We’re Looking For

Minimum of 10 years in technical security engineering with a focus on product security strategy.
Proven experience influencing security posture in product-centric organizations.
Experience engaging with executives, auditors, and external partners on security and compliance topics.
Hands-on familiarity with SOC 2, IEC 62443, ISO 27001, or similar compliance frameworks.
Ability to align security requirements with engineering speed and business goals.
Bachelor’s degree in Computer Science, Engineering, Robotics, or a related field.

Preferred Background

Experience in hardware security, robotics, or cyber-physical systems.

Work Environment

This role operates in a hybrid model with locations in Norway and the US, offering flexibility within a structured, collaborative framework. You'll join a stable, rapidly growing multinational that values innovation, inclusion, and employee well-being.

Benefits

One hour per week of paid time for physical activity
Comprehensive health insurance
Generous pension plan
Supportive, international culture that values diverse perspectives
Career development opportunities within a high-growth organization

Required Skills

OWASP ASVSOWASP SAMMNIST SSDFIEC 62443SASTDASTSCASecret scanningFirmware analysisCI/CD integrationProduct security strategySOC 2 complianceISO 27001Security posture improvementExecutive communication OWASP ASVSNIST SSDFIEC 62443ISO 27001SOC 2SASTCyber Resilience ActCISProduct SecurityComplianceSecurity StrategyRisk Management

Landing international contracts?

Invoice globally with an EU company

GloPay creates an Estonian partnership for you automatically. Your clients get proper invoices, you keep 95% of payments. Setup takes 5 minutes, works in 100+ currencies.

EU-registered company for compliance

Multi-currency invoicing & payments

Expense tracking & tax reports

Money in your bank in 1 business day

Start invoicing free

5% per invoice • No subscriptions

About company

AutoStore™ is a global technology company that uses advanced software to automate and orchestrate order fulfillment through robotics. The company’s systems are deployed in nearly 60 countries, helping brands achieve faster order delivery with minimal environmental impact by optimizing speed, efficiency, and floor space usage.

All jobs at AutoStore Visit website

Job Details

Category security

Posted a month ago