About The Position
As today’s cars contain advanced hardware and software platforms that can connect to the outside world, securing the vehicle requires much more than securing each of the modules in the car – it requires new concepts that look at the vehicle’s entire architecture. Together with the world’s leading car manufacturer, we manage the connected car security concept development and system architecture – designing the car of the future.
We are an international, growing cyber security company looking for creative and proactive individuals to develop security concepts and system architecture for the automotive industry
- Conducting architectural security reviews and cyber risk analysis for specific modules and/or entire systems or solutions from concept phase.
- Providing security engineering support of production and non-production environments.
- Support the implementation of state-of-the-art security controls in collaboration with top engineers from leading car manufacturer and its Tiers/suppliers
- Advise on security best practices of provisioning, installation, configuration, operation and maintenance of cloud instances, vehicular IT systems, hardware, software and other infrastructure related to AWS cloud environment
- Support in security requirements gathering, analyzing, designing, developing, testing, maintaining and building platforms on AWS
- Development of high-level and low-level mitigations and security requirements.
- Develop and support the implementation of security concepts according to the requested Risk assessment in the general architecture.
- Performing Web services security assessments (e.g. RESTful API)
- Contribute in code review/analysis.
- Developing test scripts and procedures
- Technical Knowledge of Amazon Web Services (AWS), Cloud Infrastructure, Computing and Security Services.
- Experience deploying applications using AWS services, such as CloudFormation, EC2, Docker, S3 buckets
- Experience with Auto-scaling groups, Lambda functions, ActiveMQ, Elastic Cache
- Identifying system vulnerabilities and securing AWS environments.
- Technical experience with Risk Assessment, Data Protection, Privacy, Cloud Security, SDLC Security, Security Configuration, Data Loss Prevention.
- Strong understanding of OWASP Top 10 attacks and Cyber Attacks on web applications and network level.
- Strong understanding of DevOps, Continuous Integration and Continuous delivery pipelines and implementations.
- Strong understanding of Scaled Agile (SAFe) way of working.
- Knowledge of Linux and scripting (e.g. Python, Bash/Shell, etc).
- Strong understanding different telecommunications technologies and protocols.
- Experience with industry best practices of securing networks, servers, and applications.
- Experience with industry/regulatory requirements and frameworks: NIST CSF, NIST 800-53, SAE j3061
- Knowledge with ISO21434
- Fluent English skills
- Willingness to travel abroad and within Germany
- AWS Certification.
- CompTIA CySA+/CCSP/CISSP/CISA
- Experience in the automotive industry
- Experience with embedded systems (research or development)
- Experience across diverse programming languages
- Startup working atmosphere with an international and dynamic team
- Flexible working hours and working under your own initiative
- Flat hierarchies and creative leeway
- Close cooperation with the R&D department of the world’s leading car manufacturer
- Unique career development opportunities