Roles and Responsibilities:
Lead cyber security activities in core or application programs in compliance with ISO 21434, UNECE WP.29, and cyber security development processes in collaboration with the development team. These activities include, but are not limited to:
· Lead Threat Analysis and Risk Assessment (TARA) in collaboration with other functional engineers and lead the team for TARA updates.
· Lead Security Concept development.
· Lead Security Requirement development, Security Requirement review, and work closely with functional engineers to ensure the execution of these requirements.
· Guide software engineers in vulnerability analysis (static code analysis, known vulnerability analysis) and support tracking cyber security implementation issues based on the vulnerability analysis.
· Support verification engineer in security verification test and its vulnerability management.
· Lead fuzz testing activities and vulnerability management.
· Lead penetration testing activities and vulnerability management.
· Provide guidance and support to the incident response team.
· Support incident response activities as assigned.
· Support awareness cultivation of incident response in the engineering team.
· Keep close awareness of cyber security incidents in relative.
· Provides guidance and support to the program team in the development of their work products in compliance with ISO 21434 and UNECE WP.29.
· Supports the Cyber Security program plan in collaboration with the program manager.
Skills Required:
· Basic knowledge of ISO 21434 and/or UNECE WP.29 R155 is preferred.