Responsibilities:

Automotive Product Development and Maintenance:

Understand automotive product development and maintenance lifecycle, including hardware, software, validation cycles, tools, and technical infrastructure.

Software Design and Testing:

Experience with software design methodologies and tools is a plus. Knowledge of black box and white box testing, static analysis, dynamic analysis, hardware-in-loop testing, and software-defined radios.

Project Management Methodologies:

Familiarity with Agile-Scrum, V-model, Waterfall model, and other project management methodologies.

Vehicle and ECU Understanding:

Good understanding of vehicle types, E/E architecture, various ECUs, interfaces, and OBD. Collaborate with cross-functional teams to integrate cybersecurity measures.

ASPICE and Quality Management Systems:

Experience with ASPICE-based QMS at Level 3; ASPICE certification or assessment experience is a plus. Understanding of ASPICE implementation and engineering activities at both system and software levels.

Protocols and Software Activities:

Good understanding of CAN protocols, Ethernet, TCP/IP protocol stack components, AUTOSAR, and Linux-based software activities. Experience with automotive embedded interfaces and related protocols.

ISO 26262 and Cybersecurity:

Experience with ISO 26262-based implementations and automotive cybersecurity. Strong experience with automotive cybersecurity per ISO 21434 (WP.29 R155) lifecycle, including maintenance, implementation, and certification of CSMS infrastructure. Ability to interpret organizational cybersecurity audit reports and implement remedial activities.

Cybersecurity Certification and Competency:

Experience in driving cybersecurity certification activities such as CSMS COC and VTA. Experience in cybersecurity competency management, including creating training assets.

Cybersecurity Use Cases:

Understanding of cybersecurity use cases for telematics, head units, gateways, domain controllers, ADAS systems, charging modules, battery management systems, and vehicle control modules. Good understanding of cybersecurity use cases for FOTA, KMS, IDPS, on-board security, remote diagnostics, EOL security, designing, upgrading, and managing tests.

Penetration Testing and Test Execution:

Experience in setting up penetration test systems for ECU/vehicle validation. Experience in developing test plans and executing tests at ECU/vehicle levels. Good understanding of various cybersecurity testing methods, including penetration testing, black/grey box testing, fuzz testing, data security, system states, and operating modes.

Cybersecurity Management Tools and Activities:

Experience with cybersecurity management tools like Ansys Medini. Experience in cybersecurity case management, assessments, and gap implementations. Experience in cybersecurity monitoring, incident response management, and handling cybersecurity issues during post-development, vehicle-level EOL, deployment, and maintenance phases.

IDPS and Key Management Systems:

Good understanding of IDPS implementation requirements and maintenance. Good understanding of key management system functionalities and X.509.