MCPNew: now works with Claude & AI assistants
codvo-team

codvo-team

CRA Lead – Secure Software Development

Company

codvo-team

Role

CRA Lead – Secure Software Development

Location

Hyderabad, Telangana, India

Job type

Full-time

Found on Mokaru

1 week ago

Share this job

Salary

Not disclosed by employer

Job description

CRA Lead – Secure Software Development Reports To: CRA Practice Lead Department: Cyber Resilience & Compliance Engineering

About Us

At Codvo, we are committed to building scalable, future-ready data platforms that power business impact. We believe in a culture of innovation, collaboration, and growth, where engineers can experiment, learn, and thrive. Join us to be part of a team that solves complex data challenges with creativity and cutting-edge technology.

About the Role We are seeking a CRA Lead to establish and scale a cross-platform, cross-technology development and testing practices aligned with the EU Cyber Resilience Act (CRA). This role will focus on enabling secure-by-design software development, continuous compliance testing, and codebase certification across a wide range of technologies, platforms, and deployment models (cloud, edge, embedded, on-prem).

Key Responsibilities Practice Leadership

  • Execute the vision, strategy, and operating model for a CRA-aligned secure development and certification practice.
  • Build and lead a high-performing team across secure development, compliance testing, and DevSecOps.
  • Collaborate with product, legal, and security teams to interpret CRA requirements and embed them into engineering workflows. Secure Development & Architecture
  • Establish secure-by-design principles across diverse technology stacks (e.g., web, mobile, embedded, cloud-native, edge).
  • Drive adoption of secure SDLC practices including threat modeling, secure architecture reviews, and secure coding standards.
  • Ensure integration of security controls across heterogeneous environments and third-party components. Compliance & Certification
  • Operationalize CRA-aligned testing and documentation processes across all software delivery pipelines.
  • Lead the implementation of automated compliance checks, SBOM generation, and vulnerability management.
  • Ensure traceability, audit readiness, and conformity assessment support for CRA and related regulations (e.g., NIS2, ISO 27001). Tooling & Automation
  • Implement a technology-agnostic toolchain for secure development, testing, and compliance automation.
  • Integrate security and compliance tooling into CI/CD pipelines across multiple platforms and languages.
  • Promote reuse of security patterns, templates, and automation assets across teams. Stakeholder Engagement
  • Act as the technical authority on CRA compliance for internal teams, partners, and clients.
  • Support pre-sales, solutioning, and proposal development for CRA-related services.
  • Represent the practice in regulatory, industry, and standards forums. Required Skills & Experience
  • 7-10 years of experience in software engineering, cybersecurity, or compliance, with at least 2 years in a lead/senior role.
  • Proven experience in secure software development across multiple platforms (e.g., cloud, mobile, embedded, edge).
  • Good understanding of cybersecurity regulations including CRA, NIS2, and global standards
  • Hands-on experience with secure SDLC, DevSecOps, and software composition analysis (SCA) tools.
  • Familiarity with SBOM standards (e.g., SPDX, CycloneDX) and vulnerability disclosure processes.
  • Excellent communication, leadership, and stakeholder management skills. Preferred Qualifications
  • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.
  • Experience working in regulated industries (e.g., MedTech, Industrial, Automotive, Fintech).
  • Exposure to open-source governance, third-party risk management, and secure supply chain practices. Why Join Us?
  • Lead a pioneering practice at the intersection of cybersecurity, compliance, and software engineering.
  • Work on high-impact projects across industries and platforms.
  • Collaborate with a world-class team across AI, Edge, Cloud, and IoT domains.
  • Be part of a mission to build resilient, compliant, and trustworthy digital systems.
Resume ExampleCover Letter Example