Job
Description
Job Title : JD-TARA Risk Analysis Engineer Group: SecOps BU : CARIAD Business Unit - India Location : Whitefield, Bangalore Experience: 6 to 8 years About CARIAD (Car, I Am Digital) CARIAD is an automotive software company that bundles together Volkswagen Groups software competencies and further expands them, building upon a heritage of bringing automotive innovation to everyone. CARIAD is building a unified technology and software platform, including a vehicle OS, vehicle cloud platform and a new unified architecture for all of Volkswagen Group s brands. The brand profile can be found on its website - https://cariad.technology CARIAD India operates under a brand licensing agreement with Germany-based CARIAD SE. So, here s a chance to innovate and transform automotive mobility! Youll join a team of 360 skilled experts and developers at CARIAD India and around 6,000 CARIDIANs globally, who bring with them a wealth of experience and knowledge. The areas of work involve the development of platform components such as firmware, boot loaders, AUTOSAR, Linux/QNX BSP, Service oriented architecture-based middleware components. To explore an exciting progressive career at CARIAD India: Visit us at: www.embitel.com Follow us at LinkedIn: https: / / www.linkedin.com / company / 268681 / Job Roles Responsibilities: Primary Skills: Having 6-8 years of hands-on experience, working as a Threat Analysis and Risk Assessments engineer in automotive Cyber Security in the Application and Infrastructure/Cloud space Must have : Experience with automotive cybersecurity standards - ISO21434, SAE J3061, WP.29, R155/R156 Performed Threat Analysis and Risk Assessments (TARAs), and attack tree analysis Overall hands-on experience with threat analysis in embedded software systems within the automotive industry Identifying and evaluating potential risks related to automotive cybersecurity, analyzing their potential impact, and proposing mitigation strategies. Ensure teams and suppliers are correctly following Cyber Security processes, ensuring compliance with regulations and standards such as UNECE.R155 or ISO21434 Develop and maintain documentation related to security procedures and risk assessment Review Software applications for potential security vulnerabilities by conducting application security reviews i.e. Secure Design review, Threat Modelling Perform vulnerability analysis, vulnerability management including risk treatment decision regarding the specific topic, communicate with various stakeholders including management at all levels and vendors Good understanding of high integrity systems, and secure software and / or hardware design principles, in an embedded environment.
