Sr. In-vehicle & Mobility Cybersecurity Engineer

We are seeking a highly skilled and experienced Senior In-Vehicle & Mobility Cybersecurity Engineer to drive the security architecture for our next-generation vehicle access and connectivity solutions. This pivotal role focuses on securing cutting-edge automotive digital key technologies, including Phone As A Key (PaaK) and NFC. The ideal candidate will possess deep technical mastery in wireless communication, secure vehicle access protocols, and in-vehicle network architectures, coupled with robust hands-on experience in security testing and design. The ideal candidate will be a recognized expert who can proactively identify and mitigate complex cybersecurity risks.

• Serve as a Subject Matter Expert in Classic Bluetooth and Bluetooth Low Energy (BLE) communication and authentication mechanisms. This includes providing in-depth guidance on their security vulnerabilities, effective countermeasures, and how to conduct advanced fuzz testing to uncover potential weaknesses in these protocols.
• Possess a deep understanding of automotive Phone As A Key (PAAK) architectures and solutions, including the integration and security implications of digital NFC keys.
• Expertly analyze and secure how automotive Digital Key solutions interact with mobile applications and backend Telematics Cloud Services, ensuring end-to-end security for these critical functionalities.
• Demonstrate expert-level knowledge of in-vehicle communication protocols such as CAN, CAN-FD, Automotive Ethernet, and LIN, including their specific security vulnerabilities and the design and implementation of robust countermeasures.
• Lead and perform hands-on penetration testing specifically targeting Phone As A Key (PAAK) solutions, identifying vulnerabilities, and guiding remediation efforts.
• Apply practical experience with Public Key Infrastructure (PKI) to design and secure advanced cryptographic solutions for in-vehicle communication, secure firmware/software over-the-air (OTA) updates, and sensitive data protection.
• Contribute significantly to the security design and architecture of new vehicle features, ensuring security is built-in from the ground up, especially for wireless and access-related systems.
• Proactively identify, analyze, and assess potential cybersecurity vulnerabilities in new and existing vehicle features, proposing and driving the implementation of effective mitigation strategies.

Collaborate closely with Ford PD, EVD and external tier1 suppliers to ensure comprehensive security integration and address complex interdependencies.

• Bachelor’s Degree in Computer Science, Software Engineering or Electronics/Electrical Engineering.
• Over 4 years of experience in automotive product cybersecurity, including a minimum of 2 years specializing in in-vehicle and mobility cybersecurity.
• Providing critical security input and direction on system architectures, ensuring that secure design principles are integrated from the outset for complex features like Phone As A Key and connected services.
• Actively researching, evaluating, and driving the adoption of new cybersecurity technologies, tools, and methodologies (e.g. advanced fuzzing techniques, new PKI implementations) within the team and across projects.
• Guiding technical decisions by effectively weighing cybersecurity risks against business objectives, development timelines, and cost, especially in complex, interconnected systems.
• Ability to define and articulate a clear technical cybersecurity vision for their areas of expertise (e.g. wireless access, in-vehicle networks), anticipating future threats and guiding the development of robust, forward-looking security architectures.
• Proactively guiding and developing less experienced engineers in their specialized domains (Bluetooth security, PAAK, network protocol analysis, penetration testing), sharing deep technical knowledge and best practices.
• Taking ownership and leading the cybersecurity aspects of complex projects (like PAAK implementation), ensuring security requirements are met, technical challenges are overcome, and security testing is comprehensive.
• Leading the diagnosis of complex security vulnerabilities and driving the implementation of effective, scalable remediation strategies.
• Effectively collaborating with and influencing diverse stakeholders (e.g. hardware engineers, software developers, product owners, cloud architects) to integrate cybersecurity requirements and solutions seamlessly into product development.
• Lead and conduct advanced threat modeling (e.g. STRIDE, Attack Trees, HEAVENS) specifically for PAAK solutions, digital NFC keys, Bluetooth/BLE stacks, and their interaction with in-vehicle networks and cloud services.
• Expertise in identifying complex attack surfaces, vectors, and potential vulnerabilities across hardware, software, and communication layers, providing comprehensive risk assessments and mitigation strategies.
• Lead and perform hands-on penetration testing against Phone As A Key (PAAK) solutions, including associated mobile apps, in-vehicle ECUs, and backend cloud integrations.
• Drive the integration of security activities and best practices throughout the entire product development lifecycle for wireless access and connectivity features, from concept to deployment.
• Lead the identification, analysis, prioritization, and management of critical vulnerabilities discovered in wireless communication, PAAK, and in-vehicle network components, driving timely and effective remediation efforts.
• Deep understanding and practical application of relevant automotive cybersecurity standards (e.g. ISO/SAE 21434, NIST Cybersecurity Framework) and industry best practices to ensure compliance for vehicle access and connectivity features.
• Subject Matter Expert in Classic Bluetooth and Bluetooth Low Energy (BLE), including their specifications, authentication mechanisms (e.g. Secure Simple Pairing, LE Secure Connections), and common vulnerabilities.
• Expertise in performing fuzz testing against Bluetooth/BLE stacks and implementations using specialized tools and techniques.
• Expertise in digital NFC key technologies, their security properties, and integration into vehicle systems.
• Expert in in-vehicle communication protocols such as CAN, CAN-FD, Automotive Ethernet, and LIN, including their security vulnerabilities (e.g. spoofing, jamming, DoS) and corresponding countermeasures (e.g. MAC, encryption, secure diagnostics).
• Strong understanding of security principles for cloud-based telematics services, secure API design, and mobile application security best practices as they relate to vehicle access and control.