Senior Engineer - Product Cybersecurity Location:Novi, MI, USA
Senior Engineer - Product Cybersecurity Location:Novi, MI, USA
Location : TROY, MI
Posted on : 09-08-2023
Job Type : Full Time only
Salary : 100,000 - 200,000
Job Description:
Qualifications:
Knowledge of ISO 21434 is required
Solid background in systems engineering, electrical hardware engineering, or software engineering in the Automotive or Aerospace industry
Strong experience with CAN protocol is required
Experience with Ethernet is required
Knowledge of basic cryptography is required
Comfortable leading work with technical processes
Excellent communication skills; ability to explain technical concepts to other engineers
Working knowledge in structured engineering approach
Working knowledge in development of portable, reusable and modular solutions in an automotive environment
Experience in using a disciplined product development process based on ASPICE or CMMi process model
Experience using configuration management (preferably PTC/MKS), project monitoring and control techniques
Troubleshooting and debugging skills
Knowledge of structured problem solving (8D) methods and/or techniques
4-8 years\' relevant product and or technology experience regarding the Responsibility/ Activities (listed above) for automotive electronics serial development projects (mandatory)
Responsibilities:
The senior product cybersecurity engineer leads the cyber security activities for serial production programs, and provides assistance to the program team in delivering the work products of the security case and in complying with ISO 21434
Lead cyber security activities in core or application programs in compliance with ISO 21434 and Magna cyber security development process in collaboration with the program manager
Lead Threat Analysis and Risk Assessment (TARA) in collaboration with other functional engineers, and lead the team for TARA updates
Lead Security Concept development
Lead Security Requirement development, Security Requirement review, and work closely with functional engineers to ensure the execution of these requirements
Guide software engineers in vulnerability analysis (static code analysis, known vulnerability analysis) and support tracking cyber security implementation issues based on the vulnerability analysis
Support verification engineer in security verification test and its vulnerability management
Lead fuzz testing activities and related vulnerability management
Support penetration testing activities and related vulnerability management
Mentor and coach other cybersecurity engineers within the team
Provide guidance and support in the incident response team
Support incident response activities as assigned
Support awareness cultivation of incident response in the engineering team
Keep close awareness of cyber security incidents in relative industries and report incident when applicable through the incident response process
Provides guidance and support to the program team in the development of their work products per the security case in compliance with ISO 21434
Supports the Cyber Security Manager in the development of the Security Concept with the customer
Develops and owns the cyber security program plan in collaboration with the program manager
Provides guidance to the program team in the usage of ME\'s cyber security processes, templates, and guidelines as stated in GPEP
Help GPEP process owners in continuous improvement efforts by suggesting constructive feedbacks regarding the processes, templates, and guidelines
Supports the SW tools qualification process in support of the program in collaboration with the quality team
Provides coaching to the program team in the interpretation of the relevant clauses of ISO 21434; solicits support from the cyber security manager in this area as necessary
Tracks the program\'s cyber security issues and drives for their closure (vulnerability management)