We are partnering with an American automotive supplier to hire for "Senior Engineer, Product Cybersecurity." Ideal candidate should have experience in a product cybersecurity position or in an embedded systems/software competency with a strong interest in cybersecurity
About the Job
- Forward-thinking about cybersecurity and the needs for the ever-changing automotive industry.
- Plans and implements the cybersecurity activities with a given project with a collaborative team that takes into consideration customer specifications, the cybersecurity process and can bring their own experience into what is needed
- Cybersecurity risk assessments and threat modelling within a product scope and suggests countermeasures appropriate to the project given the technical constraints or operational limitations
- Analyse and determine safety, financial, operational and privacy issues identified in a risk analysis.
- Design and lead the cybersecurity technical solutions as required by the project working with hardware and software teams as needed for the best solutions.Follows and contributes to the secure development lifecycle
- Create a cybersecurity assurance case that provides the argument for the achieved degree of cybersecurity on projects related to cybersecurity
- Drive feature development and provides technical support for hardware and software teams, including, immobilisers/anti-theft devices, Detection Watchdogs manipulation on software or hardware, Secure/ Authenticated/ Trusted Boot methods, Key management best practices within products, SecOC or similar, Secure diagnostics on token-based or other methods, Understanding hardware trust anchors such as microcontroller HSMs, HTAs etc
- Active/Passive Side Channel attacks and countermeasures
- Interfaces with customer on technical cybersecurity issues.
- Follows and keeps up to date with vulnerabilities of our suppliers/customers
- Networks and maintains a high-level of industry knowledge
- Works directly with Cybersecurity Managers to provide cybersecurity support on projects
- Experience in a product cybersecurity position or in an embedded systems/software competency with a strong interest in cybersecurity
- Knowledge of Automotive cybersecurity/Functional Safety standards are strongly advised but not required (e.g.ISO/SAE 21434, WP.29 SUMS & CSMS, ISO26262, NIST)
- Automotive, Aerospace or transportation development experience
- Understanding of public key infrastructure (PKI) in medium to large environments to include key management, digital certificates and digital signatures as these impacts the systems we build.
- Familiarity with automotive network architecture, modules, and protocols (CAN, Flexray etc.) is desired but can be transferrable if there is knowledge of ethernet and or the OSI model.
- Understanding of multi-core embedded microcontrollers that use HTAs (hardware trust anchors).
- Familiarity of module-based architectures such as AUTOSAR.
- Strong communication and analytical skills
- Ability to work independently, take ownership of project deliverables, go above and beyond the task at hand
- Familiarity with Secure Coding practices, processes and methods. This can include some understanding of the dangers of using C, MISRA and CertC if possible.
- Understanding of different types of penetration and fuzz testing and the tools to do this effectively for our products. An idea of which methods to apply in each project is needed.
- Holding cybersecurity certifications such as CISSP, CEH or SANS GMOB/GPEN is advantageous
Feel free to share your resume at geetali.rastogi@cronerstoneglobal partners.com
EA License Number: 19C9859 | Registration Number: R1980793