You will...
- - Work directly with engineering teams as the main point of contact for product security.
- - Conduct formal TARA (ISO/SAE 21434) to define security requirements for vehicle ECUs and autonomous stacks.
- - Develop data integrity standards for CAN and Automotive Ethernet to block injection and spoofing attacks.
- Perform threat modeling for new infrastructure to identify vulnerabilities in fleet management and diagnostic tools.
- - Specify automated security testing requirements, including protocol fuzzing, for the software build pipeline.
- - Translate high-level security goals into actionable engineering specifications alongside senior architects.
- - Design Hardware Security Module (HSM) integrations to establish a hardware-rooted Chain of Trust.
- - Architect secure boot and OTA update mechanisms using cryptographic signing to prevent unauthorized code execution.
- - Design secure truck-to-cloud interfaces utilizing end-to-end encryption and robust mutual authentication.
Qualifications
- - Minimum of 3 years in cybersecurity, specifically focusing on product security for embedded systems, robotics, or automotive platforms.
- - Proven ability to conduct structured TARA or threat models, particularly using ISO 21434
- - Technical proficiency in CAN bus (J1939) and Automotive Ethernet
- - Working knowledge of automotive security and safety standards, such as UNECE R155 and ISO 26262
- - Proficiency in Python or Go for developing security automation and design validation tools.
- - Familiarity with securing IoT cloud architectures and managing secure data pipelines between edge devices and backends.
Bonus
- - Hands-on experience with PKI, digital signatures, and encryption as applied to Secure Boot, OTA, and hardware-based Roots of Trust
- - Proficiency in C/C++ and/or Rust for auditing embedded firmware
