Cyber Security Engineer Location Troy, MI Direct / Long Term
Job Description:
Qualifications
- Must be a team player, highly motivated, must demonstratea high degree of confidentiality, discretion, integrity, and professionalism inall aspects of the job
- Ability to set and manage priorities judiciously
- Excellent written and oral communication skills
- Strong negotiating skills
- Excellent interpersonal skills
- Ability to present ideas in business-friendly anduser-friendly language
- Exceptionally self-motivated and directed
- Superior analytical, evaluative, and problem-solvingabilities
- Ability to motivate in a team-oriented, collaborativeenvironment
- University degree in the field of Cyber Security, RiskManagement or comparable work experience
- 5 years’ experience managing and/or directing a securitygoverning function
- 5 years’ experience working in the automotive industry
- Proven experience in planning and executing security riskmanagement
- Planning, organizing, and developing automotive CyberSecurity (ISO21434)
- Excellent knowledge of information security industrystandards (ISO/IEC27001) NIST Cyber Security Framework
- Considerable knowledge of IT cyber security tools andstandards
- Considerable knowledge of business theory, businessprocesses, management, budgeting, and business office operations
- Substantial exposure to data processing, hardwareplatforms, enterprise software applications, and outsourced systems
- Experience with systems design and development frombusiness requirements analysis through to day-to-day management
- Excellent understanding of project management principles
- Demonstrated ability to apply Risk Management in solvingsecurity challenges
- In-depth knowledge of applicable laws and regulations asthey relate to security
- Understanding of ANSI, SAE, QS-9000 and otherindustry/customer related standards
- Must be able to travel internationally on an occasionalbasis
Responsibilities
- The Cyber Security Risk Management role is to providevision and leadership for developing and supporting Cyber Security RiskManagement initiatives to protect Magna Corporate information assets, as theyare stored, processed or transported by means of an Information System
- They will work closely with the Director InformationSecurity and the Manager Cyber Security Architecture to align with corporaterequirements
- This individual is also responsible for directing thedevelopment and administration of the Cyber Security Risk Management policy,and related activities, and standards
- Define cybersecurity risk management on vehicle levelwith damage scenarios, relevant stakeholders, impact categories andrelated products
- Develop, specify and check security requirements
- Identify potential risks
- Analyze potential risks and evaluate risks
- Derive cybersecurity goals and requirements from theoutcomes of risk evaluation and assessment
- Ensure consistency between the risk assessment,cybersecurity goals and cybersecurity requirements
- Communicate agreed cybersecurity goals and cybersecurityrequirements to all affected parties
- Define risk treatment option
- Refine the details of the architectural design based oncybersecurity goals and cybersecurity requirements
- Allocate the cybersecurity requirements to one or moreelements of the architectural design
- Monitor risks and develop a risk treatment verificationand integration strategy
- When relevant changes to risks are identified, initiateand follow up appropriate corrective action
- Set up Cybersecurity Management System as required perISO/SAE 21434
- Ensure the effective implementation of cybersecurityacross the vehicle life-cycle with managers and developers
- Coordinate relevant documents/work products to fulfillthe ISO standard
- Plan and track all Cybersecurity activities according tothe defined project processes
- Stay connected and up to date on newest cybersecuritythreats and vulnerabilities
- Define cyber security requirements for production andmaintenance phase of vehicle
- Required Responsible for working in compliance with the provisionsof the Health and Safety Act as well as any rules orstandards