Automotive Cyber Security Compliance

Job Description

- Experience in threat analysis and risk assessment (TARA) and vulnerability analysis
- Good understanding of cybersecurity requirements of automotive ECUs
- Work experience in requirement management
- Good experience in system requirements writing
- Work experience with cybersecurity processes and automotive /rail standards like ISO 21434, UNECE WP.29, IEC 62443, TS 50701, IEEE 1609.2, GM/T, NIST
- Experience in refining system architecture based on cybersecurity requirements and mitigation methods
- Understanding of cybersecurity lifecycle and understanding of typical cybersecurity activities at various stages
- Understanding of cybersecurity features like secure boot, secure diagnostics, secure communication, secure debug, key management, HSM, Firewall, IDPS, PKI infrastructure etc.
- Familiar with cybersecurity assessment and audit
- Basic understanding of development process, various cybersecurity algorithms and procedures

Desired skills

- Good understanding of automotive product development lifecycle (ASPICE)
- Understanding of vehicle network topology, Interfaces like CAN, Ethernet, Flexray, BT, Wi-Fi, GPS etc.
- system architecture skills using tools like EA
- Good understanding of operating systems, RTOS, and platform software
- Experience in handling OEM cybersecurity processes & customer specifications
- Interface with software Requirement, Design, Development & Testing Teams for various cybersecurity activities

Tools (Added skill set)

- DOORS
- PTC Integrity
- Enterprise Architect (EA)
- Microsoft STRIDE tool
- Isograph Attack Tree Analysis Tools
- Vector CAN tools

2 Automotive Cybersecurity Software Engineers & Leads

Cybersecurity Skills

- Good understanding of ASPICE - SWE.1, SWE.2, SWE.3, SWE.4, SWE.5, and SWE.6
- Experience in implementing of cybersecurity features in AUTOSAR/Non-AUTOSAR environment
- Experience in implementing security features like secure boot, secure diagnostics, secure debug, secure ECU modes, key manger, PKI and certificates, secure on-board communication, HSM/SHE
- Experience in developing High level & Low-level design artefacts with respect cybersecurity software requirements.
- Experience in deriving software requirements from system requirements, their management & traceability
- Deep knowledge on various cybersecurity algorithms and procedures
- Understanding of threat analysis and risk assessment (TARA) and vulnerability analysis.
- Understanding of ISO 21434, UNECE WP.29, IEC 62443, TS 50701, IEEE 1609.2, GM/T, NIST standards
- Understanding of cybersecurity lifecycle and typical cybersecurity requirements at various stages
- Familiar with cybersecurity assessment and audit
- Interface with system engineering, software design & testing teams for various cybersecurity activities

Desired Skills

- Experience in designing various components using EA or any equivalent tool.
- Experience in automotive product development lifecycle (ASPICE)
- System operating modes - state machine design skills
- SW architecture skills using tools like EA
- Experience in various interfaces like CAN, Ethernet, Flexray, BT, Wi-Fi, GPS etc.
- Experience with various operating systems, RTOS and platform software
- Strong experience in software development (C/C++, Assembly), Unit testing and debugging
- Good experience in Python scripting

Tools (Added skill set)

- DOORS
- PTC Integrity
- Enterprise Architect (EA), UML, Rhapsody
- Various IDEs, Compilers, and debuggers
- Static code analyzers (Klocwork, Polyspace, QAC) with CERT /CWE support
- Unit testing tools like Vector CAST, Cantata
- GIT/Gerrit/SVN/Clear Case

3 Automotive Cybersecurity Test Engineers & Leads

Cybersecurity Skills

- Good understanding of ASPICE - SWE.4, SWE.5, SWE.6, SYS.4, SYS.5
- Strong understanding of cybersecurity testing of automotive ECUs
- Experience in developing test scenarios and understanding of use cases for features like secure boot, secure diagnostics, secure debug, PKI infrastructure, HSM, key manager, ECU secure modes, Firewall, Secure on-board communication etc.
- Good work experience with UDS protocol
- Experience in creating test setup, test plans, test cases, procedures, script, test execution and reporting, and analysis of test reports
- Experience with cybersecurity test automation, fuzz testing, penetration testing
- Experience with test automation frameworks
- Experience in test reporting and bug tracking mechanisms
- Understanding of system and software requirements
- Understanding of cybersecurity threats and vulnerabilities
- Development of V&V plan for cybersecurity
- Interface with system engineering, software design and development teams for various cybersecurity activities
- Understanding of cybersecurity lifecycle and standards (ISO 21434, UNECE WP.29, GM/T, NIST)
- Understanding of various cybersecurity algorithms and procedures
- Support incident management scenarios
- Familiar with cybersecurity assessment and audit

Desired Skills

- Good understanding of OEM cybersecurity end to end process and eco system, tools and methods.
- Good understanding of automotive product development lifecycle
- Strong experience in automotive embedded system validation
- Experience in testing various interfaces like CAN/CANFD, Ethernet, Flexray, BT, Wi-Fi, GPS, SPI, Inter Lane Communication etc.
- Good understanding of RTOS, QNX, Linux, Android, various platform software and testing their security features
- Very good experience in CAPL Scripting, Python scripting
- ISTQB certification
- Vector VT / dSPACE test systems
- Vector CANoe, CANape, Vflash
- Functional Validation of Body, Chassis, Powertrain, Infotainment, Telematics
- vTESTstudio / CAPL / Python
- Jenkins, YAML, Ansible playbook

Tools (Additional skill set)

- DOORS, JIRA, PTC Integrity, Jenkins, PowerBI
- NI Test Tools
- Oracle Virtual Box
- VMware
- Kali Linux 2020
- UDE Debugger, I System debugger, Lauterbach