Expert, Automotive Security

Job Purpose:

Automotive Security Engineer, Architect or Expert is accountable to deliver Vehicle programs in compliance with relevant automotive cybersecurity regulations and standards, including interactions with internal and external stakeholders.

Key Accountabilities:

Key Responsibilities, including but not limited to:

• Automotive Cybersecurity Architecture: Design and implement robust automotive cybersecurity architectures for automotive systems, ensuring the integrity, confidentiality, and availability of critical vehicle functions.
• Threat Analysis and Risk Assessment: Conduct thorough threat analyses to identify potential cybersecurity risks in vehicle components and systems. Perform risk assessments and develop strategies to mitigate vulnerabilities.
• Security Testing: Plan and execute cybersecurity testing, including penetration testing, vulnerability assessments, and code reviews. Collaborate with cross-functional teams to address and remediate identified vulnerabilities.
• Secure Communication Protocols: Develop and implement secure communication protocols for in-vehicle networks, ensuring the protection of sensitive data and preventing unauthorized access.
• Incident Response: Establish and maintain incident response plans for cybersecurity incidents. Investigate and analyze security incidents and implement corrective actions to prevent future occurrences.
• Compliance and Standards: Stay abreast of industry cybersecurity standards and regulations. Ensure that automotive systems comply with relevant cybersecurity standards and work towards obtaining certifications.
• Collaboration: Collaborate with software engineers, system architects, and other stakeholders to integrate cybersecurity measures into the entire vehicle development lifecycle.
• Documentation: Ensure clear and effective documentation management and retention to demonstrate compliance to relevant cybersecurity standards.
• Reviews and reporting: Review engineering design against cybersecurity requirements and advise modifications/solutions for non-compliant items.
• Training and knowledge sharing: Develop training programs and materials to raise awareness of cybersecurity best practices among team members. Provide guidance on secure coding practices and cybersecurity principles.

Qualifications, Experience, Skills & Competencies:

Education:

• Master of science in Electrical/Computer Science Engineering or other related field, and/or equivalent post-graduate qualification from a recognized university.

Skills & Competencies:

• Thorough understanding (breadth and depth) of automotive cybersecurity products development in compliance with standards and regulations.
• Strong communication and conflict resolution skills.
• Problem solving with positive mindset.
• Strong understanding of automotive cybersecurity principles, protocols, and standards.
• Experience with threat modelling, risk assessment, and vulnerability analysis.
• Proficiency in programming languages such as C, C++, or Python.
• Familiarity with in-vehicle network protocols (CAN, Ethernet, etc.).
• Knowledge of secure coding practices and software security best practices.
• Excellent problem-solving and analytical skills.
• Effective communication and collaboration skills.
• Pragmatic attitude to compliance without falling into the strict application by the book.
• Strong work ethics and professional attitude.
• Automotive industry certifications such as Automotive SPICE, ISO 21434, UNECE regulation R155are a plus.

Minimum Experience:

• 5 10 years relevant experience in automotive domain, including at least 5 years in cybersecurity.