Product Cybersecurity Engineer - Intermediate - 9667

Onward Search

$80K — $121K *

clock More than 8w ago

compensation-icon

Less than 5 years of experience

bookmark empty
report an issue with job

Job Description

Job Title: Product Cybersecurity Engineer - Intermediate - 9667
Location: Windsor, Ontario
Remote
(although if they can come to CTC in Auburn Hills, MI area on an advanced planned / pre-scheduled basis that would be great!)

Pay Range:

Description:

The Cybersecurity engineer will design cybersecurity measures and define cybersecurity specifications for organization's Vehicle systems, ECU's and Applications to reasonably protect road users from new cyber-threats arising from fast evolving vehicle functions and features.

This position will monitor and check the compliance of cybersecurity controls implemented in the organization's products during the entire product development lifecycle.

This position will support suppliers to better understand and implement the organization's cybersecurity requirements.

The core tasks of the Cybersecurity Engineer are summarized here:
• Perform threat analysis including impact and feasibility to identify gaps in cybersecurity controls for vehicle systems, ECU's and Applications
• Capable of conceptualizing, defining, designing and implementing security systems and architectures
• Elicit cybersecurity requirements to provide system requirements in order to satisfy customers aligned with regulations and corporate cybersecurity policy.
• Review the supplier design and implementation to ensure that security controls are reasonably planned for implementation according to the organization's requirements.
• Understand and interact with key stakeholders to ensure the consistent application of policies and standards across all technology projects, systems and services
• Provide clear risk mitigating directives for Connected vehicles, systems, and applications
• Respond to supplier inquiries about requirements and compliance to them
• Performing assessments and analyzing threats and attacks
• Work with DRE's and Application owners to mitigate risk and submit change requests

Requirements:
*Drivers license is a must have with a clean driving record.
If a company vehicle is available for demo/testing purposes and there is a business need, we will provide it.
• Bachelors from EE, Math, Computer Science , Cybersecurity or other scientific degrees with 3 years of experience around software /firmware development and/ or ECU development within the automotive industry
• Minimum of 3 years of cybersecurity related experience (e.g., security research, system exploitation, cybersecurity engineering)
• Professional security certifications are desirable, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Automotive Security Engineer (CASE) , or other similar cybersecurity related certifications

TECHNICAL SKILLS (required)
• Good knowledge of X.509 digital certificate standard and Public Key Infrastructure (PKI) management
• Good Knowledge of symmetric and asymmetric cryptographic algorithms (e.g., AES, RSA, ECC) and certificate-base d identity
• Good knowledge of common security patterns (e.g., authentication, authorization, separation of privileges, sandboxing, need to know, separation of duties)
• Good knowledge ofsecurity protocols (e.g., TLS, SSH)
• Good knowledge of software vulnerability assessment of ECU firmware and Android apps
• Good knowledge of performing cybersecurity Threat and Risk Analysis (TARA) (e.g., STRIDE) for vehicle system ( e.g. , CAN bus , ethernet, Electronic Control Units (ECU), and ECU firmware and application s )
• Good knowledge of Connected Vehicle Cybersecurity
• Good knowledge of certificate-based identity
• Good Basic knowledge of automotive operating systems (e.g., AutoSAR Classic and Adaptive, QNX, Linux, Android) and middleware
• Basic knowledge of Connected Application integrations (Legato App framework, Automotive Android, QNX)
• Basic knowledge of programming in a high-level language (e.g., C/C++, Java, Python, Kotlin)
• Basic Good knowledge of programming in a scripting language (e.g., jscript, bash)
• Go od knowledge of writing clear, well-formed cybersecurity requirements

TECHNICAL SKILLS (preferred)
• Basic knowledge of security software scanning tools (e.g., Fortify by Opentext)
• Basic knowledge of Connected Vehicle experience
• Basic knowledge of vehicle application/firmware update operations over-the-air (OTA)
• Good knowledge of ISO 21434: Road Vehicle - - Cybersecurity Engineering
• Basic know ledge of ISO 15118 -2 - Vehicle-to-Grid Communication Interface (Plug-and-Charge onboard electric vehicle payment service )
• Good knowledge of Service Oriented Architecture design pattern and paradigm
• Basic knowledge of DOORS requirements tool , Jira issue tracking tool

COMMUNICATION SKILLS (required)
• Ability to communicate using online collaboration tools in multicultural teams
• Good self-organization and analytical skills
• Strong skills in technical writing and presenting
• Good Strong verbal and written proficiency in English

Additional Information / Must Have's:

a. Deep understanding of Cybersecurity controls applicable to Embedded Systems and Electronic Control Units (ECU's)
b. Threat and Risk Assessment awareness or experience (Risk = Impact X Feasibility) where Impacts are viewed from the view of the Road User on Safety, Operational, Financial and Privacy.
c. Awareness/ability to understand vulnerabilities in SW and HW for how these affect the vehicle in Design phase and Post-Production Phase.
d. Independent thinker and doer. Self-motivated to identify issues and find ways to solve them within the group (solutions are typically an activity for the group to address).

Spectrum = Concept à Requirements à Design à Build à Production Launch à Operations

Please let me know if you have questions. I know this is not an easy search, so I am willing to analyze the amount of training I need to give before the person will be fully effective (stand-alone).
Automotive or "Internet of Things" Engineers that are experienced in Requirements, and Design
Ideally, the person will have strong Cyber experience, but maybe we can train them in this area (if the candidate is interested).

About Onward Technologies Inc

Learn More About Onward Technologies Inc
Onward Technologies is an Indian multinational engineering and IT services company headquartered in Mumbai, India. Onward is a Public Limited Company listed on Bombay Stock Exchange and National Stock Exchange of India Limited. It is an ISO certified organization from TUV-NORD for ISO-9001:2015 and ISO-27001:2013.

Onward has its delivery centers located at Mumbai, Pune, Chennai, Bengaluru & Hyderabad. Sales offices in North America are located in Chicago, Detroit, Cleveland and Toronto. In Europe they have offices in London, Frankfurt and Amsterdam.
stats icon
Total value of jobs:
$26,388,972
stats icon
Total Jobs:
183
stats icon
Average Pay:
$99,581

More Jobs at Onward Technologies Inc

$90K — $120K *

1w ago

• Less than 5 years exp

Information Technology

In-Person

$80K — $110K *

1w ago

• Less than 5 years exp

Information Technology

In-Person

$80K — $110K *

2w ago

• Less than 5 years exp

Information Technology

In-Person

$75K — $95K *

2w ago

• Less than 5 years exp

Information Technology

In-Person

$75K — $95K *

2w ago

• Less than 5 years exp

Information Technology

In-Person

Find similar Cyber Security Engineer jobs: