Santa Clara, USA
94 days ago
Sr. Product Security Engineer

Cybersecurity in markets such as automotive and IoT has become one of the most important drivers for the entire value chain of the industry. Join the Ambarella team and become a champion in the governance of SoC cybersecurity. We are looking for a highly motivated cybersecurity professional to oversee the vulnerability management throughout the lifecycle of all SoC products. Drive the threat analysis and risk assessment (TARA) process with help from domain experts in engineering and production teams. Lead the Product Security Incident Response Team (PSIRT) and play a central role in coordinating vulnerability handling activities both internally and externally. Identify areas of improvements and plan campaign projects to establish and refine cybersecurity policies, processes, and SOPs. A successful candidate will have ample opportunities to expand the scope, take on more responsibilities and make a big difference.  

Responsibilities:

Lead TARA process for new chip development. Maintain the vulnerability report and advisory for all Ambarella SoCs. Lead PSIRT, perform / drive routine vulnerability discovery work. Upon occurrence of a cybersecurity incident, create a cybersecurity incident response plan and act as the project manager to drive it to closure. Participate in cybersecurity product requirement engineering, security architecture and design reviews. Support compliance/certification activities such as ISO21434, SESIP etc.  Produce and maintain documents to establish and/or enhance cybersecurity policy, process, standard, template, and SOPs. Maintain broad understanding of the cybersecurity landscape and state-of-art technology.

Requirements:

Bachelor’s degree (master’s degree is optional). 3-5 year’s related experience in cybersecurity, information security, or related fields. Good analytical skills and attention to details.  Knowledge in cybersecurity standards, tools and technologies, threat modeling and risk assessment etc. Knowledge in automotive cybersecurity, ISO21434, NIST, and J3101 is a plus.  Strong project management experience is a plus. Strong communication and collaboration skills. Proficient in Mandarin Chinese is a plus. Industry recognized cybersecurity certification is a plus. 

Pay range and compensation package:

The base salary range is $155,000 - $176,000. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions. We also offer new hire RSU grants and the opportunity for annual RSU grants, as well as other highly competitive benefits.

Confirm your E-mail: Send Email