Product, data, and intellectual property security are a fundamental need within the automotive industry. It’s a broad topic that reaches into many parts of the organization. Within the Bose Automotive Systems Division, we are searching for a Security Champion that will lead our ongoing adoption and implementation of cybersecurity measures and will coordinate this effort across the enterprise. This role serves as a point of contact between our management teams, Bose’s Information Security team, and our customers to drive and be the communication link on all security activities.
The responsibilities of the Security Champion will include:
Overall ownership of ASD security maturity roadmap
- Lead ASD change management expert as the Cyber Security and Automotive industry evolves and as ASD adopts new industry certifications and vehicle methods (autonomy, electrification, connected, shared).
- ASD subject matter expert in understanding OEM RFQs Cyber Security considerations and requirements – including security policies, standards, processes, and guidance provided by GIS to product engineering organizations for adoption.
- Assess new requirements against our industry standards to determine if requirements are covered by our adopted industry standards or need either remediation or negotiating requirements exceptions.
- Communicate with Customer Teams and Customers on ASD’s response to Customer requests and requirements
- Act as primary point of contact between Global Information Security (GIS) / Security Engineering, for the purposes of communication of security policies, standards, processes and guidance from GIS on newly identified security threats and vulnerabilities, and security industry news that may impact the development community, and the product engineering organization(s) they represent
- Notify GIS through the appropriate process(es) of any event or situation which impacts the security of a Bose product, service offering, or engineering organization
- Notify GIS through the appropriate process(es) of new programs or significant changes in existing programs (so GIS may take appropriate action such as re-assignment of resources)
- Provide security expertise and guidance to product engineering teams during investigation of a vulnerability or incident
- Act as the primary input liaison for new Cyber Security and Data Protection Customer requirements
- Attend security-specific conferences and training seminars as necessary and complete any required security training to meet programs goals and objectives; a Champion is encouraged to complete any recommended training offerings
- Respond within defined Service Level Objectives (SLOs) to requests for information to vulnerability reports or security incident reports from GIS under the Product Security Vulnerability Response / Corporate Incident Response processes
- Ensure that the regular cadence of Cyber Security deliverables (policy reviews, audits, assessments, other regularly occurring deliverables) are adhered to across the ASD enterprise.
The qualities of the ASD Security Champion that are ideal for this role include:
- Hold a Bachelor of Science in Engineering and a minimum of 8 years’ experience in electronics design, software development, mobile applications, or similar positions.
- Senior engineering development and/or leadership experience with automotive electronic modules with a background in hardware or software engineering.
- A respected and strong performing member of a development organization with a proven track record of delivering on commitments
- Strong project management capabilities to lead an exercise or project with distributed resources
- Strong experience and general knowledge in the automotive product development industry
- While prior security experience is recommended but not required, the ability to complete, understand, and put into practice security training and guidance is expected