In-vehicle & Mobility Cybersecurity Engineer

• The ability to not just perform assigned tasks but also to identify potential security issues or areas for improvement.
• Taking full responsibility for the assigned cybersecurity tasks, ensuring quality, meeting deadlines, and following through on commitments.
• Demonstrating the drive to learn new technologies, research solutions, and take on new challenges without constant supervision.
• Clearly articulate technical cybersecurity concepts, findings (e.g. from penetration tests), and recommendations to peers and senior engineers in a concise and understandable manner.
• Actively participating in team discussions, contributing to shared goals, and supporting colleagues to achieve collective cybersecurity objectives.
• A strong desire to stay updated on the latest cybersecurity threats, technologies, and best practices relevant to in-vehicle and mobility systems, actively seeking out knowledge.

Functional/Technical Skills

• Ability to read, understand, and contribute to the analysis of cybersecurity requirements for specific vehicle features or components, translating them into actionable tasks.
• Capability to participate in threat modeling sessions, assisting in identifying potential attack vectors and assessing risks for in-vehicle systems and connected services under guidance.
• Understanding and applying secure development best practices throughout the product lifecycle, including participating in secure design reviews, contributing to secure coding, and supporting security testing efforts.
• Practical experience in executing various security tests such as vulnerability scanning, basic penetration testing, and fuzz testing following defined procedures, and accurately documenting findings.
• Assisting in the identification, analysis, and tracking of vulnerabilities within assigned components, and supporting the development of remediation plans.
• Basic understanding of relevant automotive cybersecurity standards (e.g. ISO/SAE 21434, NIST Cybersecurity Framework) and contributing to their application in technical work.
• Ability to technically implement and integrate cybersecurity features and controls into automotive software and hardware components.
• Solid understanding of in-vehicle communication protocols such as CAN, CAN-FD, Automotive Ethernet, and LIN including their basic security considerations and common attack vectors.
• Understanding of in-vehicle network topologies, communication flows, and the common security mechanisms and challenges associated with them.
• Familiarity with diagnostic protocols (e.g. UDS, SOME/IP) and their role in vehicle diagnostics and potential security implications.
• Knowledge of securing embedded systems and Electronic Control Units, including foundational concepts like secure boot, Hardware Security Modules, and Trusted Execution Environments.
• Hands-on experience with common security testing tools for vulnerability assessment, basic penetration testing, and fuzz testing (e.g. Wireshark, CANoe, basic vulnerability scanners).
• Proficiency in at least one relevant programming or scripting language (e.g. Python, JS) for security analysis, automation of tasks, or developing simple security tools.
• Awareness of cybersecurity concepts related to connected vehicle services, cloud platforms, and Over-the-Air (OTA) updates, particularly as they interact with the vehicle.