Lead the creation of functional and technical security requirements and concepts for vehicle systems.
Propose and implement system-level security concepts in collaboration with the system manager.
Develop security strategies and contribute to hardware and software security architecture design.
Participate in Agile development processes and extend practices to include functional safety.
Ensure project compliance with ISO 21434, demonstrate risk mitigation across the product lifecycle, and ensure adherence to ICTS standards.
Provide security coaching and coordination for customers and suppliers.
Conduct research in one or more areas: OS security, AD security, embedded system security, on-board/off-board network security, fuzzing, penetration testing, privacy protection, ECU protection, etc.
Requirements
University degree in Engineering or a related field.
Minimum 3 years of experience in network structure, penetration testing, SDLC, or other security engineering work (processes, requirements, architecture, design, testing).
Strong spoken and written English communication skills.
Knowledge of security standards: ISO 21434, WP.29 CSMS; familiarity with ISO 9001, ISO 27001, ISO 31000, GDPR, A-SPICE is a plus.
Practical experience with security analysis methods: TARA, STRIDE, HEAVENS.
Understanding of vehicle network protocols: CAN, LIN, FlexRay, Ethernet is preferred.
Familiarity with OS security: Android, Linux, QNX, AUTOSAR preferred.
Knowledge of software security: development, reverse engineering, vulnerability management preferred.
Experience with security products: IDPS, firewall, HSM/TPM/TrustZone is preferred.
Understanding of encryption protocols: PKI, TLS, IPSec, etc.
Hands-on experience with penetration testing and fuzzing.
Exposure to embedded development and functional safety is a plus.
Professional certifications such as CISSP, participation in CTF competitions, experience submitting vulnerabilities to mainstream platforms, or SRC experience is highly advantageous.
