Pen Test Technical Lead Manager- V2

This role would suit someone who has who has 5 years or more experience of hands-on Automotive ECU and Vehicle Penetration Testing is looking for the first move into a management role.

• Lead and build an Automotive Certified Forensic Penetration Test Lab
• Compliance of JLR products with Cybersecurity Penetration Test Processes, Standards and Requirements throughout the Product Engineering Lifecycle
• Build and Run a Certified Forensic Penetration Test Lab to enable Incident Response, Bug Bounty Exercises and comprehensive retest of ECUs and Vehicles in Production.
• Develop Cutting Edge Penetration Test Methodologies and Vulnerability Testing to be flowed into the 1LoD Penetration Test Team, the Hardware in the Loop, (HiLs), and the Vehicle in the Loop, (ViLs) test rigs.
• Governance and Assurance of the 1LoD Penetration Testing Squad within Product Engineering in line with Regulations and Vehicle Type Approval.
• Review of Penetration Test Results report of high/critical risks identified via the risk governance board.
• Monitor and measure company compliance with its Security Penetration Policies and Procedures as well as worldwide standards and laws to ensure organizational compliance.
• Undertake any other work as directed by their line manager in connection with their job as may be requested
• JLR Product Engineering
• Other IT and JLR functions

Essential:

• Proven hands-on Penetration Testing experience and track record of delivery in a field relevant to the role, e.g In-Vehicle Network, (CAN, FLexray, Automotive Ethernet etc.), embedded systems security, threats and attacks within Infotainment, Telematics, Power Train etc.
• Experience of Security Assessment and Penetration Testing Tools within Vehicle Electrical Architecture and external interfaces such as Bluetooth, WiFi, Mobile Communications, etc.
• Experience in developing user-friendly and automated Penetration Testing Methodologies, Tools and Frameworks.
• Proven experience of Vehicle Diagnostics debug interfaces knowledge (i.e. UDS ISO 14229, ASM XCP).
• Experience working with JTAG via multiple types of debuggers e.g. Jlink.
• Low-level Embedded Systems and Electronics experience strongly desirable.
• Ability to plan and execute ECU level & vehicle level Penetration Tests.
• Technical understanding of Automotive cyber security controls at both ECU and Vehicle level.
• An ability to think analytically, rigorously and creatively with a commitment to quality and outstanding results.

Desirable:

• Qualified to degree level in a relevant discipline, or equivalent experience.
• Knowledge of ASpice, ISO21434, R155, R156, R157.
• Previous experience of Autosar Architecture, RTE integration and SecOC.
• Experience working in an agile environment.