In-vehicle & Mobility Cybersecurity Engineer

We are seeking a driven and technically proficient In-Vehicle & Mobility Cybersecurity Engineer to contribute to the security of Ford badged JMC innovative vehicle and mobility solutions. This role is ideal for an engineer with a solid foundation in automotive cybersecurity principles and a hands-on approach to securing complex embedded systems. You will play a key role in implementing security requirements measures and conducting crucial security penetration testing.

1. Apply a strong understanding of automotive communication protocols (e.g. CAN CAN-FD Automotive Ethernet LIN) to analyze and secure the in-vehicle networks.
2. Apply proficiency with diagnostic protocols (e.g. UDS SOME/IP) to ensure secure diagnostic access and functionalities within vehicle systems.
3. Actively participate in the technical implementation of cybersecurity measures for projects ensuring adherence to security requirements and contributing to the successful integration of security features.
4. Assist in the identification analysis and assessment of potential cybersecurity vulnerabilities in vehicle features and components supporting the development of effective mitigation strategies.
5. Contribute to design reviews and architectural discussions by providing security input and ensuring that cybersecurity considerations are integrated early in the development lifecycle.
6. Conduct hands-on security assessments including penetration testing and fuzz testing to identify vulnerabilities in automotive hardware firmware software and communication systems. Document findings and support remediation efforts.
7. Collaborate effectively with Ford Secondees at JMC JMC engineering and product development teams and JMC tier 1 suppliers to integrate cybersecurity requirements and provide technical support.

Education Qualification

Bachelors Degree in Computer Science Software Engineering or Electronics/Electrical Engineering.

Number of Years of Experience

Over 3 years of experience in automotive product cybersecurity including a minimum of 1.5 years specializing in in-vehicle and mobility cybersecurity.

Leadership Skills

• Ability to identify tasks problems or areas for improvement and proactively take action without constant supervision.
• A proactive approach to identifying and resolving technical challenges not just pointing them out but actively seeking solutions.
• Ensuring the thoroughness and accuracy of cybersecurity implementations and analyses which is critical in a security-sensitive field.
• Clearly articulating technical cybersecurity concepts findings and recommendations to cross-functional teams and other stakeholders in a concise and understandable manner.
• A strong desire to stay updated with the latest cybersecurity threats technologies and best practices in the automotive domain.
• Flexibility in adjusting to new technical requirements project priorities or evolving security landscapes.
• A commitment to delivering high-quality secure solutions and adhering to established standards and processes.

Functional/Technical Skills

• Ability to analyze and interpret cybersecurity requirements for automotive components and systems translating them into technical specifications.
• Capability to participate in threat modeling exercises and assist in identifying potential attack vectors and assessing risks for in-vehicle systems and connected services.
• Understanding and applying secure development best practices throughout the product lifecycle contributing to secure coding design reviews and security testing.
• Practical experience in executing various security tests including vulnerability scanning penetration testing fuzz testing and accurately documenting findings.
• Assisting in the identification analysis and tracking of vulnerabilities and supporting the development of remediation plans.
• Basic understanding of relevant automotive cybersecurity standards and regulations (e.g. ISO/SAE 21434 UNECE R155/156 NIST Cybersecurity Framework China GB44495/44496) and applying them in daily work.
• Solid understanding of in-vehicle communication protocols such as CAN CAN-FD Automotive Ethernet and LIN including their basic security considerations.
• Familiarity with diagnostic protocols (e.g. UDS SOME/IP) and their role in vehicle security.
• Knowledge of securing embedded systems and Electronic Control Units including concepts like secure boot Hardware Security Modules and Trusted Execution Environments.
• Basic understanding of cryptographic principles algorithms and how Public Key Infrastructure is used for secure communication and authentication in automotive contexts.
• Hands-on experience with common security testing tools for vulnerability assessment penetration testing and fuzz testing (e.g. Wireshark CANoe specific automotive security tools).
• Proficiency in at least one relevant programming or scripting language (e.g. Python JS) for security analysis tool development or automation.