[LTA-T&ID] PRINCIPAL / SENIOR / EXECUTIVE CYBERSECURITY ENGINEER, AV CYBERSECURITY

Posted 20 Days Ago
Be an Early Applicant
Singapore, SGP
In-Office
Senior level
Agency • Information Technology • Professional Services
The Role
Build and lead AV cybersecurity assurance: define regulatory CSMS requirements, assess developers using TARA/R155/ISO21434, set OTA update expectations per R156, establish monitoring and incident response, and secure CAM products via DevSecOps, automated testing, and security architecture reviews. Senior hires will own assurance end-to-end and mentor the team.
Summary Generated by Built In

[What the role is]

PRINCIPAL / SENIOR / EXECUTIVE CYBERSECURITY ENGINEER, AV CYBERSECURITY

[What you will be working on]

Centre for Autonomous Mobility (CAM) leads Singapore’s national effort to deploy autonomous vehicles (AVs) at scale. As AVs move onto public roads, their cybersecurity becomes a matter of public safety: a compromised vehicle is not just a data breach but a physical risk. You will be part of the cybersecurity team responsible for developing the cybersecurity assurance regime for AVs, to ensure autonomous vehicles are deployed safely and securely in Singapore. You will drive to grow into AV cybersecurity. You will help build the function from the ground up  assuring the cybersecurity of AVs themselves, and securing the systems CAM builds to oversee them.

Your responsibilities:

● Drive the development of the regulatory framework for AVs, such as establishing requirements for a Cyber Security Management System (CSMS) that covers the vehicle’s lifecycle — development, production and deployment.

● Assess AV developers’ cybersecurity submissions against our assurance criteria, applying Threat Analysis and Risk Assessment (TARA) and the R155 Annex 5 threats and controls, as well as standards such as ISO/SAE 21434.

● Define expectations for secure over-the-air software updates in line with the intent of UN R156 (a Software Update Management System), and for managing cyber risk across the AV supply chain.

● Establish monitoring, detection and incident response requirements for AVs, including analysing threats, vulnerabilities and mitigations to contribute to collective knowledge for the AV ecosystem.

● Maintain the policies, standards and playbooks for AV cybersecurity, and support engagement with local partners and international fora (e.g. UNECE WP.29 / GRVA).

Help secure CAM’s digital products / DevSecOps (secondary)

The other part of the team’s remit is making sure the systems CAM builds to regulate and monitor AVs — such as the Autonomous Vehicle Monitoring System — are themselves secure by design.

● Work with the Systems team to build security into the software development lifecycle, from design through CI/CD to production.

● Conduct security architecture and design reviews and risk assessments of CAM’s systems, and provide and implement remediation recommendations.

● Support security reviews of application code and architecture, and help design secure-by-default components.

● Set up automated security testing — SAST/DAST, dependency and secrets scanning, and infrastructure-as-code checks — in the delivery pipeline.

● Assist with breach detection and incident response for these products.

Help build the function

● As you grow into the role, you will naturally spot gaps and suggest tools, processes and improvements as the team and its remit grow.

● Evaluate emerging security technologies and recommend tools and approaches for the team to adopt.

● Provide security advice to CAM project teams on design and architecture decisions, and help build a security-minded culture across CAM, working alongside engineers, AV developers and agency partners.

For more senior hire, you will:

Own and drive the AV cybersecurity assurance framework end to end, and set the assurance criteria AV developers must meet.Lead assessments of AV developers’ cybersecurity management systems and act as a technical authority in deployment-approval decisions on cybersecurity assurance adequacy.Help establish security architecture governance and compliance with relevant frameworks.Lead cybersecurity incident response for the AV fleet and our products, and define the team’s tooling, standards and processes.Mentor junior engineers and help grow the team.

[What we are looking for]

● Knowledge preferably in Computer Science, Cybersecurity or a related field

● Thinks analytically about risk — can reason about threats, weigh trade-offs, and understand the limits of a cybersecurity control on safety outcomes.

● Eager to learn vehicle regulations — genuinely interested in standards and frameworks like R155, and able to pick them up quickly.

● Communicates clearly — can explain security issues to both technical and non-technical people.

● Takes initiative and cares about the public good — this is new ground, so you will help shape the standards rather than inherit them.

● Familiarity with automotive / vehicle cybersecurity standards and regulation — UN R155 and R156, ISO/SAE 21434, CSMS and TARA — or a track record of picking up new regulatory frameworks quickly.

● Exposure to automotive, operational-technology (OT) or embedded / safety-critical systems security, including security architecture of cloud-native applications and/or OT systems.

● Hands-on DevSecOps experience: secure SDLC, CI/CD pipeline security, cloud security (e.g. AWS), and SAST/DAST tooling.

● Hands-on experience with security tools such as SIEM, WAF, IPS, privileged access management (PAM), or data loss prevention (DLP).

● Professional accreditations such as CISSP, CISM, CRISC, GICSP, GCIH or OSCP.

● A strong interest in autonomous vehicles, emerging mobility technology and overall vehicular safety.

Skills Required

  • Degree in Computer Science, Cybersecurity or related field
  • Analytical risk reasoning and threat assessment skills
  • Knowledge of vehicle cybersecurity regulations and standards (UN R155, UN R156, ISO/SAE 21434, CSMS, TARA)
  • Familiarity with automotive, OT or embedded / safety-critical systems security
  • Hands-on DevSecOps experience: secure SDLC, CI/CD pipeline security, cloud security (e.g., AWS)
  • Experience with application security tooling: SAST, DAST, dependency and secrets scanning, IaC checks
  • Experience with security operational tools: SIEM, WAF, IPS, PAM, DLP
  • Professional accreditations such as CISSP, CISM, CRISC, GICSP, GCIH or OSCP
  • Clear communication skills to explain security to technical and non-technical stakeholders
  • Interest in autonomous vehicles and vehicular safety
  • Ability to lead assessments, incident response, define tooling/standards and mentor junior engineers (senior hires)
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

What We Do

The Singapore Economic Development Board (EDB) is a government agency responsible for strategies that enhance Singapore’s position as a global centre for business, innovation, and talent. It undertakes investment promotion and industry development.

Similar Jobs

Citadel Logo Citadel

Machine Learning Researcher - PhD Graduate (Asia)

Information Technology • Software • Financial Services • Big Data Analytics
In-Office or Remote
2 Locations
4000 Employees

Citadel Logo Citadel

Quantitative Researcher

Information Technology • Software • Financial Services • Big Data Analytics
In-Office or Remote
3 Locations
4000 Employees
300K-350K Annually

Wise Logo Wise

Asia Product Compliance & Risk Lead

Fintech • Mobile • Payments • Software • Financial Services
Hybrid
Singapore, SGP
9000 Employees
227K-295K Annually

CoreWeave Logo CoreWeave

Talent Acquisition Coordinator (Contract)

Cloud • Information Technology • Machine Learning
In-Office
Singapore, SGP
1450 Employees

Similar Companies Hiring

Scrunch  Thumbnail
Artificial Intelligence • Information Technology • Marketing Tech • Software • SEO
Salt Lake City, Utah
Standard Template Labs Thumbnail
Artificial Intelligence • Information Technology • Software
New York, NY
25 Employees
Golden Pet Brands Thumbnail
Digital Media • eCommerce • Information Technology • Marketing Tech • Pet • Retail • Social Media
El Segundo, California
178 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account