该职位来源于猎聘 MAIN RESPONSIBILITIES/主要职责: à Responsible for Security and Privacy Management according to standards like ISO 21434 or comparable. à As the cybersecurity interface to customer, perform the customer requirements analysis, response to customer review. à Negotiate with direct customer contact Cybersecurity Development Interface Agreements (CIA) and identify together with the customer the suitable security protection for the product à Perform Threat Analysis and Risk Assessment (TARA) and perform attack path modelling (ATA) à Create technical cybersecurity concepts for products à Plan all cybersecurity relevant work products and activities in an agile environment and contribute to the success of the project à Execute and/or participate in technical reviews à Cooperation with project manager, engineers, industrial engineering and customer à Continuously improve our cybersecurity expertise. Platform-thinking, reusability, efficiency à Be a member in interdisciplinary teams like PSIRT (Product Security Incident Response Team) MINIMUM POSITION REQUIREMENTS (MUST HAVE)/基本岗位任职条件: à Bachelor Degree in computer science, engineering or comparable à At least 3 years' experience of cybersecurity. à Already performed security threat and risk analysis
à Knowledge in cryptographic primitives and functions, security controls and cybersecurity methodologies à Knowledge in the standard ISO 21434 or comparable cybersecurity standards of other industries à Familiar with regulatory requirements such as R155 and GB44495 and technical security standards and recommendations like from NIST and China à Proficient in security system architecture and design à Basic understanding of Fuzzing and Penetration Testing à Basic understanding of Cybersecurity Monitoring and Vulnerability Scanning à Self-motivated, keen on communication and problem solving, conceptual thinking à Ability to work on your own after introduction phase into our department and company à Experience in the field of embedded engineering, preferred in automotive industry (ECU products) à Excellent English language skill. PREFERRED QUALIFICATIONS (NICE TO HAVE)/优先考虑条件: à SW Engineering experience will be an advantage (flash bootloader, application SW, Autosar) à Experience / Background in security testing, Penetration testing or Fuzz Testing will be an advantage à External training on cybersecurity engineering. (e.g. TÜV) à Certification for Security System Architectures or SW architectures focusing on embedded development à Knowhow of (security) wireless communication standards like Digital car key, BTLE, smart-home, … à Experience in system development and requirements management. à Experience with either multinational project teams or multifunctional projects.