Address
Form of workJob Description
Mission
The CyberSecurity Engineer develops expertise around Cyber Security in order to feed Group
system standards, methodology and tool strategy. The role of CyberSecurity Engineer is defined for a system or a component project having at least one cybersecurity requirement where the cybersecurity process must be applied and to analyse existing cybersecurity applications, concepts and architecture of platforms. This role is responsible for all technical activities of the cybersecurity process.
Responsibilities
Qualifications
Education
Bachelor's degree in Electrical Engineering/Systems Engineering/Computer Engineering/Computer Science.Preferred Qualification:
The CyberSecurity Engineer develops expertise around Cyber Security in order to feed Group
system standards, methodology and tool strategy. The role of CyberSecurity Engineer is defined for a system or a component project having at least one cybersecurity requirement where the cybersecurity process must be applied and to analyse existing cybersecurity applications, concepts and architecture of platforms. This role is responsible for all technical activities of the cybersecurity process.
Responsibilities
- Tailor and comply with the CyberSecurity product lifecycle process to achieve J3061, UNECE WP29 R155 and R156 and ISO/SAE 21434 compliance according to project and customer requirements.
- Support conversation, elicit Cybersecurity Requirements with customers and internal stakeholders, and assure consistent cyber security requirements understanding.
- Working with customers and internal stakeholders to develop ADAS product Cybersecurity system/architecture requirements.
- Support cybersecurity teams where applicable across supplier, R&D, Manufacturing and Customer OEMs to ensure needs and requirements are known, understood and communicated.
- Ensure all applicable cybersecurity methodologies, processes and guidelines are being followed correctly in the project and that product meets all cyber security requirements for the project from design to production, and until decommissioning.
- Ensure the solution is feasible, does not affect product core functions, testable and fits to customer requirements and in line with standard solutions.
- Create following project working packages following product CyberSecurity methodology:
- [System] CyberSecurity Risk Analysis (SeRA)
- [System] CyberSecurity Concept (SeCo)
- [System] CyberSecurity Tests Execution
- [System] CyberSecurity Incident Management
- [System] CyberSecurity Tests Plan and Preparation
- production cybersecurity requirements (interface with IT/IS teams)
- corrective tasks for post-production incident management
- Coordinate with the Functional CyberSecurity Manager from the project for all the other project CS working packages. Based on the complexity of the project you might be required to fill up the role as cybersecurity manager.
- Carry out technical security analysis as part of cybersecurity solution development.
- Work closely with Product Testing groups to ensure that the Cybersecurity mechanisms are testable in development, production and post production phases and support regular security audits.
- Participate to internal/external Cyber security reviews and Cyber security formal review with the Functional CyberSecurity Assessor (FSeA)
- Participate to monitoring project Cyber security requirements implementation / testing progress / reviews status
- Develop and understand the required product hardware and software component elements from suppliers and work closely with suppliers to understand cybersecurity technology roadmaps. i.e. embedded HW elements for Cybersecurity functions, HTAs, Knowledge of embedded SW elements as part of cybersecurity solutions.
- Participate on demand to automotive internal/external cyber security working groups for the definition of cybersecurity process standards.
Qualifications
Education
Bachelor's degree in Electrical Engineering/Systems Engineering/Computer Engineering/Computer Science.Preferred Qualification:
- Master’s degree in Electrical Engineering/Systems Engineering/Computer Science.
- Currently active cybersecurity certification.
- Experience in Software Quality and process ( e.g., ASPICE, CMMI, IATF16949).
- Systems engineering, architecture or electronic product development experience (understanding of embedded
- architecture, development, design principles).
- Minimum 2+ year’s industry experience.
- Aware of State of Art in Embedded Security with knowledge of Industry Standards, eg. Knowledge of SAE J3061,
- UNECE WP 29 R155 & R156, ISO/SAE AWI 21434.
- Knowledge in embedded cybersecurity
- specification of security controls
- system hardening
- secure coding, including the development of security mechanisms (e.g. firewall, boot sequence, OTA updating, access controls)
- Embedded product knowledge with knowledge of MCU & SoC based systems, ideally, Automotive embedded products.
- Experience in the design of embedded Cybersecurity mechanisms preferred.
- Knowledge of Automotive Vehicle Networks and general electronic automotive products is an advantage but
- Automotive experience is not mandatory.
- International travels: on rare occasions, mainly Germany, Ireland, China, India, Egypt.
