Description: Our client is currently seeking a Product Cybersecurity Engineer
Qualifications & Requirements:
TOP SKILLS/REQUIREMENTS:
Understanding of cybersecurity architecture, controls, and programming
Experience conducting Threat Analysis and Risk Assessment (TARA)
Experience with Itemis Secure (or similar) to perform TARAs
ESSENTIAL DUTIES & RESPONSIBILITIES
Support the Chief Cybersecurity Engineer in developing, communicating, and implementing client's enterprise-wide product cybersecurity strategy & roadmap
Provide guidance to stakeholders (product owners, development teams, system engineers) on security concerns and recommended controls
Execute threat analysis and risk assessment (TARA) at the vehicle, feature, system and component levels and mitigate identified risks by defining appropriate cybersecurity controls
Develop, refine, and review cybersecurity requirements and gain approval from Chief Cybersecurity Engineer
Perform design reviews of internal and external cybersecurity solutions and mitigate cybersecurity weaknesses or vulnerabilities throughout the product life cycle
Define in-vehicle cybersecurity architectures, develop cybersecurity controls, e.g., secure boot, secure reprogramming, security access, IDS/IPS, etc. and secure vehicle to back-office communication interfaces
Manage and provide guidance on key management system and internal use of PKI, support supplier usage of client PKI system, collaborate with the KMS vendor to resolve issues quickly
Collaborate with Ride Command team to ensure a robust overall connected ecosystem cybersecurity from a product, app, web, and cloud standpoint
Support triage and prioritization of vulnerabilities identified during verification and validation phases, e.g., static code analysis, OSS vulnerability scanning, fuzz testing, penetration testing
Support institutionalization of ISO/SAE 21434 processes across client and produce ISO/SAE 21434 compliant work products
Support regulatory compliance such as UNR 155, CRA, Radio Equipment Directive
Support supply chain integrity and security initiatives to secure client's supply chain, e.g., HBOM, SBOM, etc.
Promote cybersecurity culture by providing cybersecurity training to team members on a regular basis
Additionally, you may:
Support internal and external connected device penetration testing execution
Support cybersecurity validation engineer in root cause analysis
Participate in and support Auto-ISAC working group
Investigate new cybersecurity technologies and recommend appropriate technologies to adopt in vehicles
Analyze connected vehicles related cybersecurity intelligence and share with broader team
Adopt product cybersecurity industry best practices for continuous improvement
SKILLS & KNOWLEDGE
Minimum Qualifications:
Bachelor's degree in computer science, computer engineering, software engineering, electrical engineering, IT security or other relevant domains
3+ years of experience in automotive cybersecurity, embedded system security, IoT security, cyber-physical system security, or a combination of these areas
Experience with securing wireless communication protocols, e.g., cellular, Wi-Fi, Bluetooth, BLE, satellite communications, RF, etc.
Experience with setting up and managing KMS, PKI, CA, certificate/key generation, distribution, storage, renewal, revocation, etc.
Experience with conducting threat analysis and risk assessment
Experience with developing cybersecurity goals and requirement specifications
Experience with designing cybersecurity controls, such as secure boot, secure reprogramming, security access, security gateway, IDS, IPS, security hardening, etc.
Experience with SELinux, AppArmor, Hypervisor, TEE, HSM, etc.
A self-starter who works with minimum supervision
Excellent written and verbal communication skills
Preferred Qualifications:
Advanced degree in cybersecurity
10+ years of experience in automotive product cybersecurity
Experience with symmetric and asymmetric cryptography, digital signature, hash, message authentication, encryption, key exchange
Experience with developing telematics, infotainment, or other connected ECUs
Experience with implementing and executing ISO/SAE 21434 processes
Understanding of cybersecurity regulations, standards and best practices, e.g., UNR 155, CRA, Radio Equipment Directive, Machinery Regulation, ISO/SAE 21434, NIST/NHTSA/Auto-ISAC best practices, etc.
Experience with CAN, CAN-FD, J1939, Ethernet, USB, SPI, UART, JTAG, etc.
Understanding of embedded RTOS and Linux based operating systems
Experience with reporting, managing, and closing security issues in tools such as Jira
Experience with at least one modern software programming language (C, C++, C#, Python, Java, etc.)
Experience with Itemis Secure to perform TARAs
Contact: bpant@judge.com
This job and many more are available through The Judge Group. Find us on the web at www.judge.com