We are looking for a passionate and proficient Cybersecurity Test Engineer to become a valued member of our team.
We are looking for a passionate and proficient Cybersecurity Test Engineer to become a valued member of our team. You will assume a pivotal role in safeguarding the security and resilience of our software applications, particularly in the automotive sector. Your primary responsibilities will encompass defining, executing, and overseeing penetration tests, with a focus on enhancing the security posture of our software systems prior to release.
Strategic Security Testing: Develop and implement comprehensive security testing strategies, specifically in the areas of Penetration/Cybersecurity and Fuzz Testing, to evaluate the robustness and security of our system and software applications.
In-Depth Analysis: Conduct thorough security threat and risk assessments (testing related TARA) leading to penetration testing and fuzz testing, to identify vulnerabilities and weaknesses within our software systems, ensuring their resilience against cyber threats.
Compliance and Reporting: Prepare detailed technical reports that meticulously document the methodologies, processes, and findings of security assessments, adhering to industry standards and regulatory requirements.
Collaboration: Collaborate closely with cross-functional teams, including System/Software Architects, System Engineers and Software Developers to report and assist in the resolution of security issues. This will also involve working directly with the customers whenever required.
Technology Integration: Stay current with the latest developments in cybersecurity threats, trends, and technologies, and incorporate this knowledge into the testing process to fortify our software against emerging threats.
Methodology Development: Continuously develop and enhance testing methodologies and tools specifically tailored for penetration testing, cybersecurity assessments, and fuzz testing.
Cybersecurity compliance: Follow industry standard cybersecurity framework and regulation (ISO 21434, NHTSA guidelines, UNECE WP.29 R155 and R156)
Bachelor's degree in Computer Science, Cybersecurity, or a related field. Significant on-the-job experience may also be considered.
Extensive experience in Penetration Testing, Cybersecurity concept, and Fuzz Testing.
Strong understanding of automotive communication protocols (CAN, Ethernet, Diagnostics).
Proficiency in using automotive diagnostic tools like Vector CANOE or Intrepid Systems Vehicle Spy.
Proven numerical and analytical skills, especially in identifying security vulnerabilities.
Exceptional communication and teamwork skills to effectively convey security findings and collaborate with development teams.
Strong problem-solving ability and attention to detail.
Familiarity with the automotive industry, particularly Tier 1 Automotive suppliers.
Experience with test automation, scripting, or coding languages (Python, C#, C++, etc.) for security testing.
In-depth knowledge of CAN bus protocol (ISO-11898).
Expertise in Automotive Unified Diagnostic Services (ISO-14229) and Automotive Ethernet, including diagnostic protocols (DOIP ISO-13400).
Experience operating with CMMi and Automotive SPICE process framework.
Experience using software defect tracking and reporting systems such as Azure DevOps for tracking security issues.
Proficiency in using hand tools, soldering, and wiring for security testing purposes.
Certification in software testing, such as ISEB/ISTQB.
Familiarity with Automotive Functional Safety standards (ISO-26262).