Responsibilities
- Support the Stream’s management team with cybersecurity management competence as a speaking partner.
- On delegation by PO/PM, perform PCSMS activities and drive the cybersecurity activities on end user function respective system, component.
- Technical contribution (along with product cybersecurity engineer) to perform and updating cybersecurity deliverables such as TARA, cybersecurity concept and cybersecurity specification development.
- Represent the Stream in all cybersecurity community of practice (e.g., PCS Clinic) as active member.
- Represent the Stream in type approval procedure (new and extension) & provide needed evidence to central team to provide document needed for technical services. (Contents in needed documents e.g., InfoDoc).
- Domain responsible for cybersecurity culture, planning and reporting.
- Develop and follow up cybersecurity plan for project according to scope and delivery.
- Request Verification Review (VR) from appropriate reviewer including XF team where higher independence is required.
- Request cybersecurity validation from the penetration testers.
Required Skills
- Knowledge of embedded and/or automotive systems.
- Knowledge of cybersecurity engineering best practices, standards, and regulation (i.e., ISO/SAE 21434, SAE J3061, ISO 27001/27002, UNECE R155).
- Knowledge and practical experience with common cybersecurity controls e.g., secure boot, security onboard and offboard communication, hardware security module.
- Knowledge and experience in cybersecurity threat analysis and risk assessment process and techniques.
- Strong problem-solving skills to analyse cybersecurity issues and requirements.
- Technical Knowledge related to the product(s) that the Stream is responsible for.
- Domain knowledge related to the Stream with regards to exposed interfaces, threat scenarios, vulnerabilities, conventional functionality, and cybersecurity mechanisms.
