Work location: Auburn Hills, Michigan Note: Automotive domain is not mandatory.
*Mandatory Skills * Good Domain knowledge and understanding of Connected vehicle services platform. Strong working experience in Automotive Cybersecurity practices, designs methods and technologies used in embedded systems. Good working experience in Cryptographic algorithms and other security algorithms and protocols. Good working experience in Threat Modelling Analysis. Experience in Embedded Software and Hardware security requirements and techniques. Very good knowledge of identifying embedded software security vulnerabilities and analysis. Good Knowledge in PKI management and industry acceptable security practices. Knowledge of QNX, Android and IOS platforms. Knowledge of HTTP(S), MQTT, CAN, LIN protocols etc. Knowledge of communication protocols and technologies like TCP/IP, Ethernet, Wifi, Bluetooth, 3G, LTE etc. Good understanding of Vehicle Telematics, Vehicle Infotainment systems, Radio Head Unit systems, Telematics Backend and Smartphone Applications. *Job Roles/Responsibilities * * Embedded Security Application Engineer * • Ensure product specific designs adhere to FCA embedded security requirements by interfacing with internal global Uconnect security organizations, internal cyber security organizations and HU and RSE suppliers • Lead component supplier implementation of the embedded security on HU and RSE controllers. Track supplier non-compliance issues with each supplier and drive resolutions to support existing project milestones. • Implement core security specification change requests from initial quote request phase to production implementation • Lead remediation of security vulnerability issues identified during supplier security design reviews and from 3rd party security penetration testing • Identify unique constraints and design alternatives based on product specific hardware and software architectures • Communicate security application technology issues with senior managers and supporting vendors • Communicate necessary changes to core security requirements specifications released by the Uconnect embedded security requirements team • Lead the HU and RSE controller supplier in delivering security architecture & design documentation. • Develop and maintain HU and RSE security threat models. • Review supplier threat modeling and analysis, vulnerability assessment and risk management plans • Establish and manage security work stream and manage Feature Roll Out Plan (FROP) with each supplier to meet HU and RSE development timelines. Provide weekly progress and open issues updates to management review team • Conduct Bi-annual security architecture and design reviews with each HU and RSE supplier. *Global SDP and BIMD Security Engineer: * • Establish global SDP and BIMD security strategies and requirements specifications by interfacing with internal IT organizations, internal cyber security organizations and SDP suppliers from all major regional markets • Lead bi-weekly global SDP and BIMD security architecture discussions • Enhance and update existing global system level security specifications for the SDP and BIMD • Identify regional best practices to utilize for the global security solutions while understanding existing regional security solutions • Identify unique constraints with regional deployments with both embedded and via mobile security architectures • Communicate security application technology issues with senior managers and supporting vendors on bi-weekly basis. • Track open specification compliance issues with each supplier and drive resolutions to support existing development milestones • Create, document and refine the SDP & BIMD security architecture strategies and road maps on 6 month basis • Lead remediation of security vulnerability issues identified during supplier security design reviews and from 3rd party security penetration testing • Provide technical guidance to the Telematics security validation resources to assist in the development of the global SDP and BIMD security DVP&R • Lead the carriers and SDP providers in delivering security architecture & design documentation for regional platforms • Define interface security requirements between SDP and IT backend servers, between the vehicle and backend servers and between backend servers, application frameworks and via-mobile applications. • Develop and maintain SDP security threat models. Apply industry expertise on leading best practices and solutions for SDP security. -- *Regards,* *Hartinder Kaur* *Technical Recruiter* ------------------------------ *E: **hartinder.k...@idctechnologies.com <hartinder.k...@idctechnologies.com>* LinkedIn:https://in.linkedin.com/in/hartinder-tracy-1412994a -- You received this message because you are subscribed to the Google Groups "Hot List" group. To unsubscribe from this group and stop receiving emails from it, send an email to directclienteq+unsubscr...@googlegroups.com. To post to this group, send email to directclienteq@googlegroups.com. Visit this group at https://groups.google.com/group/directclienteq. For more options, visit https://groups.google.com/d/optout.
