Cyber Security Systems Eng (Detroit, MI)

| Detroit, MI
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
* The Cybersecurity System Engineer is responsible for overseeing cybersecurity in all software and hardware, related to the product. The Cybersecurity system engineer is the interface between the software/hardware and systems teams on cybersecurity issues. The cybersecurity system engineer works with the product and core teams in translating the product requirements with cybersecurity impacts into the software/hardware requirements and architecture.

This role would be filled by an individual with a Software/embedded background and, depending on the size or organization of the project, the person may fill other roles. When cybersecurity assignments are divided throughout the team, the cybersecurity system engineer oversees the work done by the different Software/embedded Engineers. The cybersecurity system engineer is also the interface for cybersecurity between the software's/hardware product, manufacturing, and testing teams. Responsible for cybersecurity activities and communicating cybersecurity risks during Software/Hardware Requirements Analysis, Software Architecture, Software Detailed Design, Software Construction, Software Integration Test, Software Testing, and Product Release.
  • Responsible for the cybersecurity plans in the Software Architecture Document (SAD), and Software Design Document and.
  • Supports the Product Systems Cybersecurity Manager in the development of the product's cybersecurity plans for Systems and Software Development Plan (SSDP), Risk Management Plan, Change Request Management, Incident Response, and Vulnerability Management.
  • Supports the Product Systems Cybersecurity Architect for Threat Analysis and Risk Assessment for the product and defining mitigations.
  • Supports the Product Systems Cybersecurity Architect with requirement analysis and customer meetings.
  • Supports and approves the product's Cybersecurity Concepts document (including architecture, product key/certificate handling concept, manufacturing key provisioning concept, and code signing concepts).
  • Coordinates cybersecurity issues between product, manufacturing, and testing software.
  • Consulted for cybersecurity analysis and patching of any open source or third-p arty software.
  • Supports the Product Systems Cybersecurity Manager as a liaison to OEM, partner, and third-party software companies for cybersecurity issues. On complex products, the liaison responsibility can be delegated per interface and the interface engineer reports to the Product Software Cybersecurity Architect.
  • Provides guidance so secure software is developed and unit tested, including static and dynamic code analysis, fuzz testing, and compliance to standards (MISRA C, CERT C, etc).
Background:
  • Bachelor's Degree in Computer Science, Computer Engineering, Electrical Engineering or similar discipline
  • 10+ years' experience with C, assembly (MIPS, RISC-V, Intel x86_64, proprietary architectures, etc.), and/or similar low-level development
  • 6+ years' experience with: 1) host-based virtualization (VMware workstation, QEMU-KVM, Xen, etc.) and/or emulation technologies (QEMU, Simics, etc.); 2) scripting languages like Python; 3) developing in Linux or Unix environments; and 4) leading & conducting offensive cyber researcher such as vulnerability research and exploit development against embedded systems
  • Strong knowledge of embedded systems development including networking, cryptography, and resource management and experience designing customizations to those platforms
  • Experience designing solutions that meet or exceed automotive-relevant cybersecurity standards/regulations such as ASPICE, R155/R156, and/or the upcoming ISO 21434
  • Experience leveraging hardware security module (HSM), secure hardware extension (SHE), ARM Trust Zone, trusted execution environment (TEE), and/or similar security technologies
  • Strong understanding of cyber risk and cyber intelligence and capable of informing leadership of cybersecurity developments and potential issues from business partnerships/engagements
  • Ability to communicate and present complex issues and ideas with precision and clarity, adjusting appropriately for the audience; ability to communicate effectively up to the Senior Vice President/C-level
  • Good personality and strong ability for successfully working independently primarily in a remote setting while coordinating technical tasks and objectives via collaboration software
  • Interest and/or experience with bug bounties, capture-the-flag competitions, etc.
  • Outstanding organization, communication, collaboration and interpersonal skills plus experience building consensus among technical team members
Preferred:
  • Master's Degree in Computer science, Computer Engineering, Electrical Engineering or similar discipline
  • 11+ years' experience programming in C and/or assembly
  • 5+ years' experience developing with automotive hardware and architectures (e.g., TriCore™)
  • 5+ years' experience developing for FPGAs such as Xilinx, NXP, etc. and using their associated tool suites such as Vivado, etc.
  • One or more relevant cybersecurity certifications such as CISSP, GDSA, etc.
  • Developing systems utilizing automotive communication systems (CAN, CAN-FD, automotive Ethernet, etc.)
  • Developing solutions using automotive operating systems such as SROS2 and software communications middleware DDS
  • Familiarity with Bluetooth, NFC, and/or Wi-Fi implementations and communications
  • Have knowledge of hardware description languages (Verilog, VHDL, etc.)
  • Understand circuit schematics, hardware data sheets, logic design and review/suggest PCB layout improvements to enhance security
  • Experience designing software/hardware interfaces such as device drivers and board support packages (BSPs)
  • Experience deploying AUTOSAR-compliant embedded platforms
  • Experience directing cross-functional teams to implement comprehensive cyber resilient solutions
  • Experience performing threat modelling and design reviews to assess security implications and requirements for introduction of new technologies
  • Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions
  • Experience in customer discussions and technical design reviews and supporting cross discipline activities
  • Experience conducting code reviews and usage of version control systems
  • Experience with investigations and forensics activities and interfacing with members of a security operations center (SOC) and/or red team
  • Outstanding communication skills; strong critical thinking and analytical skills
  • Experience with traditional network designs (e.g., IPv4, Ethernet, etc.) and the ability to translate that experience to future secure vehicle networks
  • A go-getter that is passionate to learn about new security vulnerabilities and develop cybersecurity solutions
Privacy Notice - Active Candidates: https://www.aptiv.com/privacy-notice-active-candidates

Aptiv is an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, gender identity, sexual orientation, disability status, protected veteran status or any other characteristic protected by law.
More Information on APTIV
APTIV operates in the Automotive industry. The company is located in Boston, MA, Troy, MI and Kokomo, IN. APTIV was founded in 2022. It has 17787 total employees. It offers perks and benefits such as Flexible Spending Account (FSA), Disability Insurance, Dental Benefits, Vision Benefits, Health Insurance Benefits and Life Insurance. To see all 63 open jobs at APTIV, click here.
Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Similar Jobs

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView APTIV's full profileFind similar jobs