Cyber Security Lead/Manager

Nature of Experience:

(in years):

• Engineering candidate shall have 3 to 5 years of experience in ISO/SAE 21434, WP.29, UNECE R155 and R156.

• Knowledge of security methodology and terminology

Behavioral Competencies:

• Candidate shall have innovative and out of box thinking

• Candidate shall have positive attitude and team player

• Candidate shall adapt to work environment

• Ready to travel for Plant location in case of need basis

• Candidate shall be capable of handling ad-hoc requests from different departments and Suppliers

• Efficient grasping and to work in challenging environment

Functional Competencies:

Expert Knowledge in the below specified areas:

• Automotive cyber security regulations and standards such as UNECE R155, ISO/SAE 21434 and ASPICE for cyber security.

• Shall support and provide expert knowledge in the analysis of Cybersecurity requirements from the customer.

• Work inline with the OEM, Supplier and Internal Project team in preparation of the Cyber Security Development Plan.

• Shall be expert in Threat analysis and risk assessment (TARA), Threat modelling.

• Shall be expert in Technical Security concept and Software Security concept requirement analysis and Implementation based on the micro controller(Secure-On board communication, Secure debug, Secure Log, Secure Coding, Secure boot, Secure Access, Secure Update and Interface protection etc. )

• Shall Support within verification of Cybersecurity concepts (DOORS or Requirement management tool)

• Support to production side to ensure that Cybersecurity concepts achieved through production

• Good understanding of HSM, cryptographic libraries, True Random number generator, Signing (ECDSA, RSA).

• Good understanding on Automotive OS, ARM Trusted Firmware.

• Good Knowledge in Crypto terminologies like encryption (AES, ECC), signing (ECDSA, RSA), Hash (SHA-256).

• Efficient collaboration with Project Management, Quality Department and Functional Safety Management.

• Efficient Management of Cybersecurity Vulnerabilities Cyber Security Incident Responses during and after SOP.

• Shall be accountable for the documentation in the project to achieve cyber security compliance such as cyber security plan, cyber security case.

• Support for the Penetration testing and Fuzz testing activities.

• Shall be responsible for cyber security vulnerabilities, cyber security incident responses during and after SOP

• Shall Support Third party, Internal audits and assessments of cyber security work products and processes.

• Shall be responsible for the Peer review and quality of the work products.