Cyber Security Expert

Your tasks

Position/ Role: Project Security and Privacy Manager

**Job Type**: Full time

Total Work Experience: 5 - 15 Years; Automotive Security Experience: 3-10 Years

Work Location: Bangalore (Electronics City, Phase II)

Immediate joiners preferred.

Plans and organizes automotive ISO 21434 security related work products for a project.
- Acts as interface to other domains for all Security or Privacy aspects.
- Defines and gets agreement upon the mechanisms/requirements that will help to ensure Security of the product and Privacy of its users.
- Aligns development interface agreement for Security and Privacy with customer and suppliers.
- Prepares and conducts Security Assessments at various stages of Product Life cycle.
- Performs Impact Analysis and Security and Privacy Risk Assessments

Skill set required:

- Knowledge in Automotive Security (ISO 21434, IT security, SW, HW, System) and Data Protection (privacy regulation)
- Knowledge in Automotive Architectural modelling and Requirement Engineering
- Knowledge in Automotive Security & Privacy standard, methods, and approaches
- Knowledge in Automotive technical risk analyses, e.g. TARA, STRIDE, Security FMEA,...
- Good Exposure to Automotive product development project life cycle
- Working knowledge of DOORS, Rhapsody, JIRA, JAZZ, SCM and HEP landscape

The detailed description is as follows:

- The PSPM will plan and organize the security-related aspects and their work products for a specific component project.
- The PSPM will act as the interface to other level PFSMs, system architect, project team and customer for all security or privacy aspects regarding the full chain of effect of dedicated system level.
- The PSPM will define the security and privacy work products, track their status and prepare reports about the maturity and proactively communicate risks to the project manager.
- The PSPM will also care for an adequate training status of the development team to ensure that security and privacy concepts are chosen and implemented according to the state-of-industry-and-art.
- The PSPM is responsible to define and agree upon the mechanism that will help to ensure security of the product and the privacy of its users.
- The PSPM will closely work together with the system architect to support a common understanding within the development team, deriving a system and software security architecture.
- As Cyber Security Production Manager (CySPro) the PSPM discuss, analyze, collaborate, communicate between R&D, production, KMD and OTC backend and define the security relevant content of the product test specification and the Cybersecurity configuration.
- In case the PSPM is allocated as Security and Privacy Maintenance Manager (SPMM), he/she has role to manage and coordinate all SP Maintenance activities throughout all phases of SP Maintenance
- In a security relevant project there might be the need to exchange business critical secret information from the OEM to Continental and within Continental. As Project Secret Information Manager (PSIM) the PSPM will act as trusted contact person for the OEM and take care for appropriate distribution of required business critical information according state-of-the-art IT security standards.
- The PSIM will closely work together with the BU IT Security Advisor.

**Profile**:
B B.E/M. Tech /B. Tech /M. E/ Ph. D (Electrical/Electronics)

**Offer**:
Main Activities
- Consult quote team and estimate costs and effort for security and privacy (S&P) related content
- Align development interface agreement for S&P with customer and suppliers
- Assure adequate tailoring of development process and the relevant S&P activities and work products pending on development scope
- Provide Project S&P Plan and Schedule
- Initiate and plan SEC assessment
- Ensure adequate S&P training of project participants
- Plan and trace work products and their reviews which are part of Security Case
- Align of active monitoring of field and security and privacy community with SPM BU
- Tracking of implementation status and perform the S&P Risk Assessment for each delivery release.
- Interfaces to the customer and supplier for S&P
- Creation and adaptation of system requirements with S&P aspects, including tracing to architecture and S&P goals (if available)
- Creation and adaptation of system architecture with S&P aspects
- Creation and adaptation of the S&P concept with all involved stakeholders (customer, supplier, SLE, SW PM, HW LE, MEC LE, production and quality) which ensures/secures operation of product, including protections against violation of S&P
- Perform Security & Privacy Analysis and Risk Assessments (VARA, PIA)
- Act as OEM contact person for exchange of Secret Information used for development (PSIM)
- Distribute secret information within Continental (PSIM)
- In case allocated support maintenance as SPMM
- The PSPM reports to the SLE, Line Manager and the SPM BU

Allocation of S&P responsibilities within the project:

- Definition o