Automotive Cybersecurity Engineer

Job Overview

• Being one of the most emerging technical domains, Automotive Cybersecurity, technologically challenging opportunity to work. Modern vehicles are all interconnected having network of electronic components carrying real-time safety critical information. The complexity of current automobiles is constantly increasing. But this growing complexity and added functionality is increasingly exposing vehicles to the cyber-attacks. A job focuses on having a real-time track of automotive security environment.
• Here is an opportunity to understand and analyze the current situation of potentially growing cyber threats for vehicle by performing Threat Analysis & Risk Assessment, Vulnerability Analysis for automotive systems, vehicle ECU to bring forth in-depth analysis of threats and vulnerabilities with updated real time analysis.
• To mitigate cyber exploits for automotive systems, develop attack vectors for identified vulnerabilities and perform penetration testing to validate the vulnerabilities.
• Hands-on working experience to resolve intriguing challenges for enabling low level embedded ECU security, design and develop secure bootloaders, deploy Secure Vehicular Communication (SecureVC) and secure on-board communication (SecOC), in a resource constrained vehicular environment.
• Opportunity to work on design and development of HSM-based Security for deploying appropriate security measure in a resource constrained environment.

Responsibilities and Duties

• Experienced embedded security engineer will be responsible for developing and deploying methodologies for vehicular security assessment to analyse real-time security threats, associated risks and vulnerabilities, based on ISO 21434 and UN ECE Norms.
• Experienced embedded Penetration Tester will be responsible for design and development of embedded attack vectors to carry out penetration testing in the vehicle network and ECUs, to validate the vulnerabilities.
• Engineer with relevant knowledge and experience will get to work in designing approaches for automating Cybersecurity Functional testing and FUZZ testing for automotive cybersecurity.
• Engineer with a deep understanding and experience on embedded system, will work in the design and development of Secure Flashing, Secure Bootloader to enable low level embedded security for ECUs.
• A welcome understanding and experience on effective integration of Hardware Trust Anchors (HSM / ICUM) and HSM-based security services for the vehicle Embedded Systems and perform integration testing
• Engineer with sound knowledge of embedded security, cryptography, PKI/TLS will work on developing Secure Vehicular Communication
• Engineer with in-depth knowledge and experience on vehicle network security will work on design and development of CAN Intrusion Detection Systems.
• Responsible for benchmarking, researching industry and non-industry landscapes, and documenting automotive security requirements.
• Experience in Linux, embedded systems, understanding of various h/w boards, microcontrollers, programming in C / C++, Embedded C (focusing on various communication interfaces, low level hardware, sensors, drivers and in-vehicle network). Scripting knowledge on Python / Perl.
• Knowledge of CAN Tools, network tools, sniffing / spoofing tools and various hacking tools especially in the embedded domain.
• Hands on experience on safety and security standards. [V Model, ASPICE Security Norms]
• Ability to analyze and synthesize enormous and complex information flowing in the embedded automotive systems

Qualification

Education level - Degree / PG in engineering (E&TC, Electrical, Automotive, Computers) / MCA Experience – relevant experience of 3 to 6 years

Job Specific skills

• C / C++, Embedded C Programming, Scripting experience in Python / Perl
• Experience in working with Micro-controller, various boards, cross-compilers, debugging the hardware, flashing tools
• Security Assessment of Automotive Systems based on ISO 21434 and UN ECE norms, especially working on Threat Analysis & Risk Assessment, Vulnerability Analysis, Design Mitigations, Cybersecurity Management System (CSMS) etc.
• Experience using CAN tools such as CANAnalyzer, CANoe, VehicleSPY, ValueCAN
• Understanding of AUTOSAR, CAN Protocol, UDS Protocol, In-vehicle network
• Sound understanding of embedded security assessment to analyse real time threats, vulnerabilities
• In-depth understanding of embedded Penetration Testing, various sniffing, spoofing tools, embedded hacking tools, generation of embedded attack vectors.
• Understanding of FUZZ testing, cybersecurity functional testing, integration testing
• HSM-based security services, Security Cryto-functional integration / testing, Authentication, Integrity Check & Secure Communication, Key Management, Security functions like Secure Flashing, Secure access / unlocking
• Understanding of Cybersecurity concepts, Crypto algorithms, Key management, PKI, Secure coding practices
• Experience of hacking tools, their deployment in Embedded Vehicular Environment
• Experience in Automotive Cybersecurity, Automotive ECUs, Secure Bootloaders, Secure Flashing, Autosar Crypto, JTAG, Gateway Module, infotainment system, CAN IDS and Firewall etc. is bonus