Automotive Cyber Security Engineer

At Torc, we have always believed that autonomous vehicle technology will transform how we travel, move freight, and do business. 

A leader in autonomous driving since 2007, Torc has spent over a decade commercializing our solutions with experienced partners. Now a part of the Daimler family, we are focused solely on developing software for automated trucks to transform how the world moves freight. 

Join us and catapult your career with the company that helped pioneer autonomous technology, and the first AV software company with the vision to partner directly with a truck manufacturer. You’ll work with an experienced team of people who are committed to creating safer roads and saving lives, and your contributions will have an unequivocal impact on the future of trucking and autonomous technology.

What you'll do:

• Lead cyber security activities for Torc in compliance with ISO 21434, UNECE WP.29, and Torc cyber security development processes in collaboration with external teams
• Lead the Threat Analysis and Risk Assessment (TARA) in collaboration with the functional safety team, and lead the team for TARA updates
• Lead the security concept development
• Lead the security requirements development and requirements review
• Coach teams in implementing the cyber security requirements
• Guide software engineers in vulnerability analysis (static code analysis, known vulnerability analysis) and support tracking cyber security implementation issues based on the vulnerability analysis
• Support verification teams in performing the security verification tests
• Lead fuzz testing activities
• Lead penetration testing activities
• Perform vulnerability management for issues found in testing
• Provide guidance and support for the incident response team
• Support incident response activities as assigned
• Cultivate awareness of incident response in the engineering team
• Grow the cyber security culture
• Maintain the Cyber Security plan
• Align to the Automotive SPICE compliant processes at Torc
• Support the SW cyber security tool qualification process
• Provide training for ISO 21434
• Support tracking of cyber security issues and supports driving their closure
• Track cyber security issues and support activities for their closure (vulnerability management)
• Support the systems team in developing the security architecture for product lines and projects during quote
• Interface with external vendors and suppliers to ensure cyber security compliance
• Support quality engineering team in answering cyber security related questions
• Follow Torc processes and work instructions
• Continually improve by staying up-to-date in cyber security technologies

What you’ll need to Succeed:

• Master's degree in Computer Engineering/ Systems Engineering/ Electrical Engineering/ Computer Science or equivalent and 3 years of relevant experience or a Bachelor's and 6 years of experience
• Basic knowledge of ISO 21434 and/or UNECE WP.29 R155
• Background in systems engineering, electrical hardware engineering, or software engineering in the automotive or aerospace industry
• CAN communication protocol experience is desired
• Knowledge of basic cryptography is required
• Basic knowledge in structured engineering approach
• Familiar using a disciplined product development process based on the Automotive SPICE or CMMi process model
• Working knowledge of configuration management tool, project monitoring and control techniques.
• Troubleshooting and debugging skills.
• Familiar with structured problem solving (8D) methods and/or techniques
• Strong interpersonal skills and oral and written communication skills
• Detail oriented, reliable, and self-motivated
• Ability to work in an environment of ambiguity and ongoing change
• Languages: English (fluent), German (intermediate) preferred, additional language(s) appreciated

Bonus Points!

• Experience with cyber security in embedded systems is preferred; experience in automotive or aerospace industry a plus
• ISO 21434  Certification preferred
• Knowledge of or experience in the application of ISO 26262 (Automotive functional safety) preferred
• Experience with other communication protocols, such as I2C, SPI, or UART, is a plus
• Experience with Ethernet is preferred
• Knowledge of common protocols, such as TLS, IPsec, or IEEE 802.1x, is a plus
• Experience with standard security protocols in common connectivity such as WiFi, Bluetooth, or USB is a plus
• Knowledge of firewall or Intrusion Detection and Prevention System is a plus
• Knowledge of Linux or QNX operating system security is a plus
• Experience with failure analysis techniques (FMEA, FTA, …) a plus
• Reliability engineering knowledge is a plus
• Excellent technical proficiency with products preferred

#IND