Senior Engineer - Product Cybersecurity Location:Novi, MI, USA

TROY, MI

100,000 - 200,000

Job Description:

Qualifications:

  • Knowledge of ISO 21434 is required
  • Solid background in systems engineering, electrical hardware engineering, or software engineering in the Automotive or Aerospace industry
  • Strong experience with CAN protocol is required
  • Experience with Ethernet is required
  • Knowledge of basic cryptography is required
  • Comfortable leading work with technical processes
  • Excellent communication skills; ability to explain technical concepts to other engineers
  • Working knowledge in structured engineering approach
  • Working knowledge in development of portable, reusable and modular solutions in an automotive environment
  • Experience in using a disciplined product development process based on ASPICE or CMMi process model
  • Experience using configuration management (preferably PTC/MKS), project monitoring and control techniques
  • Troubleshooting and debugging skills
  • Knowledge of structured problem solving (8D) methods and/or techniques
  • 4-8 years\' relevant product and or technology experience regarding the Responsibility/ Activities (listed above) for automotive electronics serial development projects (mandatory)

Responsibilities:

  • The senior product cybersecurity engineer leads the cyber security activities for serial production programs, and provides assistance to the program team in delivering the work products of the security case and in complying with ISO 21434
  • Lead cyber security activities in core or application programs in compliance with ISO 21434 and Magna cyber security development process in collaboration with the program manager
  • Lead Threat Analysis and Risk Assessment (TARA) in collaboration with other functional engineers, and lead the team for TARA updates
  • Lead Security Concept development
  • Lead Security Requirement development, Security Requirement review, and work closely with functional engineers to ensure the execution of these requirements
  • Guide software engineers in vulnerability analysis (static code analysis, known vulnerability analysis) and support tracking cyber security implementation issues based on the vulnerability analysis
  • Support verification engineer in security verification test and its vulnerability management
  • Lead fuzz testing activities and related vulnerability management
  • Support penetration testing activities and related vulnerability management
  • Mentor and coach other cybersecurity engineers within the team
  • Provide guidance and support in the incident response team
  • Support incident response activities as assigned
  • Support awareness cultivation of incident response in the engineering team
  • Keep close awareness of cyber security incidents in relative industries and report incident when applicable through the incident response process
  • Provides guidance and support to the program team in the development of their work products per the security case in compliance with ISO 21434
  • Supports the Cyber Security Manager in the development of the Security Concept with the customer
  • Develops and owns the cyber security program plan in collaboration with the program manager
  • Provides guidance to the program team in the usage of ME\'s cyber security processes, templates, and guidelines as stated in GPEP
  • Help GPEP process owners in continuous improvement efforts by suggesting constructive feedbacks regarding the processes, templates, and guidelines
  • Supports the SW tools qualification process in support of the program in collaboration with the quality team
  • Provides coaching to the program team in the interpretation of the relevant clauses of ISO 21434; solicits support from the cyber security manager in this area as necessary
  • Tracks the program\'s cyber security issues and drives for their closure (vulnerability management)


Share Profile