Dana is a global leader in the supply of highly engineered driveline, sealing, and thermal-management technologies that improve the efficiency and performance of vehicles with both conventional and alternative-energy powertrains. Serving three primary markets - passenger vehicle, commercial truck, and off-highway equipment - Dana provides the world's original-equipment manufacturers and the aftermarket with local product and service support through a network of nearly 100 engineering, manufacturing, and distribution facilities.
This role is responsible for defining Product Cybersecurity Validation strategy, developing test cases and test plans, executing test cases, and working with development teams to address identified issues. Verification and validation are critical steps in product development and the Dana Global Product Cybersecurity team is looking for an SME to help us further strengthen our Cybersecurity Validation practices and execution. This role is an SME in automotive system and component validation with deep domain knowledge in automotive Product Cybersecurity, and will advise the Global Head of Product Cybersecurity on Cybersecurity Validation strategies.
Define Product Cybersecurity testing strategy
Develop Product Cybersecurity testing methodologies
Work closely with Product Cybersecurity, SW and HW engineering teams to understand test requirements
Develop test cases and test plans to ensure coverage of the requirements
Improve and increase test automation
Perform cybersecurity testing from SW, HW, functional, EOL, fuzzing, penetration perspectives
Be the single point of contact person to external penetration testing providers in Product Cybersecurity, supporting the penetration testing needs
Work as an internal red team member to support internal penetration testing needs
Participate in design reviews, requirement reviews, DFMEA, PFMEA
Support root cause analysis of the identified issues
Perform regression testing to ensure issues are fixed
Evaluation and recommend cybersecurity test tools and solutions
Summarize lessons learned and feed back to the design team
Follow ISO/SAE 21434 standard processes and create validation reports
Education and Qualifications
Bachelor of Science in Computer Science, Computer Engineering, Electrical Engineering, or other related fields
Master's degree in computer science, Computer Engineering, Electrical Engineering, or other related fields preferred
7+ years of automotive system and component verification and validation experience
3+ years of Product Cybersecurity experience in automotive, embedded systems, cyber-physical systems, or a relevant industry is highly desired
Experience in HSM, SHE, TPM, hardware security solutions, microcontroller architecture highly desired
SW development, testing, verification, and validation highly desired
Fuzz testing, penetration testing, testing automation, end of line testing highly desired
Secure boot, secure diagnostics, secure access, ECU hardening, OS security, code signing, cryptography, message authentication, vulnerability analysis, SW reflash, reverse engineering highly desired
Experience in automotive test tools such as CANoe, VectorCAST, Lauterbach, PiSnoop, automotive fuzzers, penetration testing tools
Understanding of ISO/SAE 21434, UNR155/156, NIST Cybersecurity Framework highly desired
Experience in automotive communication protocols (e.g., CAN, CAN FD, Ethernet, IP, PLC, etc.) and automotive microcontroller architectures highly desired
Willingness to create order from ambiguity
Creative problem solver
Highly resourceful and efficient
Ability to work within tight design constraints
Flexibility in assisting where needed, when needed technically
Able to make decisions independently with appropriate level of consultation/communication.
Strong communication skills, both oral and written, at all levels
Commitment to the highest standards of ethical behavior in self and others
Commitment to inclusion and diversity
Ability to travel domestically and internationally as required (5% of travel)
Able to effectively interface with other disciplines in the organization to achieve results
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.
Unsolicited Resumes from Third-Party Recruiters
Please note that as per Dana policy, we do not accept unsolicited resumes from third-party recruiters unless such recruiters were engaged to provide candidates for a specified opening. Any employment agency, person or entity that submits an unsolicited resume does so with the understanding that Dana will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.