Application Guide
How to Apply for Product Security Expert
at Wartsila
🏢 About Wartsila
Wärtsilä is a global leader in innovative technologies and lifecycle solutions for the marine and energy markets, uniquely positioned to drive the transition towards a decarbonized and sustainable future. Working here means contributing to cutting-edge automation and control systems that power critical infrastructure, with a strong commitment to environmental responsibility.
About This Role
As a Product Security Expert, you will be the go-to authority for cybersecurity in engine power plant automation and control systems, directly shaping product features to meet rigorous standards like IEC 62443 and EU CRA. Your work ensures that Wärtsilä's products remain compliant, competitive, and secure, making a tangible impact on global energy sustainability.
💡 A Day in the Life
Your day might start with a review of the latest vulnerability disclosures affecting industrial control systems, then a meeting with the development team to discuss security feature implementation for a new power plant automation release. Later, you could prepare a training session for sales engineers on the EU CRA requirements, followed by a risk assessment of a legacy product against IEC 62443.
🚀 Application Tools
🎯 Who Wartsila Is Looking For
- An experienced professional with a Master's or Bachelor's in CS, EE, IT, or automation engineering, and deep knowledge of OT product security requirements.
- Expertise in cybersecurity standards and legislations such as IEC 62443, NERC CIP, NIS2, and the EU Cyber Resilience Act, with the ability to translate them into actionable development roadmaps.
- Proven experience in product security, vulnerability handling, and implementing security features in an industrial company context.
- Strong communicator with excellent presentation skills, fluent in English, and capable of training diverse stakeholders on complex security topics.
📝 Tips for Applying to Wartsila
Highlight specific experience with IEC 62443 and EU CRA compliance in your resume and cover letter, using concrete examples of how you've implemented these standards.
Emphasize your work on OT/ICS security rather than just IT security, as this role focuses on operational technology in power plants.
Showcase your ability to translate regulatory requirements into product roadmaps by describing a past project where you drove security features from concept to delivery.
Tailor your CV to include keywords like 'vulnerability handling', 'product security', 'automation systems', and 'cyber legislation' to pass ATS filters.
Prepare a brief portfolio or case study of a security implementation you led, demonstrating your hands-on experience with automation control systems.
✉️ What to Emphasize in Your Cover Letter
["Your passion for advancing decarbonization and sustainability through secure technology, aligning with Wärtsilä's mission.", "Specific expertise in IEC 62443 and EU CRA, and how you've applied these standards to industrial automation products.", 'Your ability to bridge the gap between security requirements and product development, ensuring both compliance and market competitiveness.', 'Your experience training and supporting cross-functional teams (sales, engineering, project delivery) on cybersecurity topics.']
Generate Cover Letter →🔍 Research Before Applying
To stand out, make sure you've researched:
- → Familiarize yourself with Wärtsilä's Energy Business and their specific automation and control systems (e.g., Wärtsilä Automation System (WAS) or similar).
- → Read Wärtsilä's latest sustainability report and note their targets for decarbonization and how cybersecurity supports those goals.
- → Review recent news about Wärtsilä's product launches or partnerships in the energy sector to understand their market position.
- → Study the key requirements of the EU Cyber Resilience Act (CRA) and how it applies to industrial control systems.
💬 Prepare for These Interview Topics
Based on this role, you may be asked about:
⚠️ Common Mistakes to Avoid
- Focusing too much on IT security (e.g., network firewalls, endpoint protection) without demonstrating OT/ICS-specific experience.
- Being vague about standards compliance; instead, provide concrete examples of how you've applied IEC 62443 or similar.
- Failing to mention your ability to communicate with non-technical stakeholders, which is critical for this cross-functional role.
📅 Application Timeline
This position is open until filled. However, we recommend applying as soon as possible as roles at mission-driven organizations tend to fill quickly.
Typical hiring timeline:
Application Review
1-2 weeks
Initial Screening
Phone call or written assessment
Interviews
1-2 rounds, usually virtual
Offer
Congratulations!