Our client is Tier-1 Automotive software company with the mission of elevating people's lives by making self-driving cars real. A joint venture between leading Car manufacture corporation and active safety solution corporation from April 2017, a truly modern start-up with high energy, dedication and passion. Client company uses a disruptive, never-seen before business model to produce world-leading competence in key technology areas. Delivering leading advanced driver assistance systems, highly automated driving, and cloud based solutions. We are dedicated to transforming the automotive industry and catapulting into the future of transportation. With over 700 employees worldwide and a high growth rate. The offices locate in Sweden, USA, Germaty, and ChinaRequirements:
We are looking for experienced penetration tester for Automotive, with very good bacground in Elektronical and Electronics systems (Electrical Engineering background) in a car and with OSCP certificates
Systems engineering, architecture or electronic product development experience (understanding of embedded
architecture, development, design principles).
• Minimum 2+ year's industry experience.
• Aware of State of Art in Embedded Security with knowledge of Industry Standards, eg. Knowledge of SAE J3061,
UNECE WP 29 R155 & R156, ISO/SAE AWI 21434.
• Knowledge in embedded cybersecurity
o specification of security controls
o Secure Boot, Secure Programming, Secure Communication, Secure debug.
o Secure coding, including the development of security mechanisms (e.g. firewall, boot sequence, OTA updating,
Main tasks, activities:
- Understanding the different automotive products and having in-depth knowledge about the products.
- Understanding the different automotive cyber security regulations such as J3061, UNECE WP29 R155, ISO/SAE 21434 and ISO 26262.
- Systems engineering, architecture or electronic product development experience (understanding of embedded architecture, development, design principles)
- Embedded product knowledge with knowledge of MCU & SoC based systems, ideally, Automotive embedded products. experience in the design of embedded Cyber Security mechanisms preferred, significant knowledge in software development
- Minimum 6+ years industry experience, minimum 3+ years' experience in security governance, security architecture development and implementation, industry accepted security technologies, and integration of security requirements into architecture components used by systems architects and developers.
- System architecture, including security by design; privacy by design or functional safety by design
- Knowledge of Automotive Vehicle Networks and general electronic automotive products is an advantage
- 5 or 6 hands-on experience in performing penetration testing, functional cyber security testing, Interface testing & fuzz testing.
- Excellent communication skills, both written and verbal, clarity, concision, able to adapt reporting to customer management expectations.Preferences:
- Performing offensive cybersecurity activities in compliance with customer policies and applicable regulation.
- Reviewing internal requirements, Customer requirements and Specifications. Support Design Reviews, internal and with suppliers.
- Collaborating with the Product Line projects by communicating the results of the tests, e.g. identified vulnerabilities, and helping them in bringing the security to the expected level. Follow-up with the project the security fixes until the expected security level is achieved.
- Providing technical expertise to customer stakeholders under the scope of incident management.
- Providing technical reports related to uncovered cybersecurity defects, including the initial assessment as well as the methods, tools and entry points that attackers may use to exploit vulnerabilities or weaknesses.
- Supporting technical architecture and standards assignments.
- Following standardization rules.
- Following the evolution of the state of the art. Create, adapt or improve testing methods to identify new vulnerabilities.
- Perform functional, Interface, fuzz testing activities and its vulnerability management (Recommendations).
- Perform penetration testing (Black, Grey & White Box testing) activities and its vulnerability management (Recommendations).
-Manage the team members and full- fill the expectations of the management.What We OfferExciting Projects:
Come take your place at the forefront of digital transformation! With clients across all industries and sectors, we offer an opportunity to work on market-defining products using the latest technologies.Collaborative Environment:
You can expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment - or even abroad in one of our global centers or client facilities! Work-Life Balance:
GlobalLogic prioritizes work-life balance, which is why we offer flexible work schedules and opportunities to work from home.Professional Development:
We provide continuing education classes, professional certification and training (technical, soft skills, language, and communication skills) to help you realize your professional goals. Being part of a global organization, there are additional learning opportunities through international knowledge exchanges.Excellent Benefits:
We provide our employees with competitive salaries, health and life insurance, short-term and long-term disability insurance, a matched contribution 401K plan, flexible spending accounts, and PTO and holidaysAbout GlobalLogic
GlobalLogic is a leader in digital engineering. We help brands across the globe design and build innovative products, platforms, and digital experiences for the modern world.
By integrating experience design, complex engineering, and data expertise-we help our clients imagine what's possible, and accelerate their transition into tomorrow's digital businesses.
Headquartered in Silicon Valley, GlobalLogic operates design studios and engineering centers around the world, extending our deep expertise to customers in the automotive, communications, financial services, healthcare and life sciences, manufacturing, media and entertainment, semiconductor, and technology industries.
GlobalLogic is a Hitachi Group Company operating under Hitachi, Ltd. (TSE: 6501) which contributes to a sustainable society with a higher quality of life by driving innovation through data and technology as the Social Innovation Business.