BlackBerry QNX - Cybersecurity Analyst

Worker Sub-Type:

 Job Description: 

BlackBerry® QNX® is a trusted supplier of safe and secure operating systems, hypervisors, frameworks and development tools, and provides expert support and services for building the world’s most critical embedded systems.   We are the embedded experts. BlackBerry QNX was born in embedded, and provides time-tested and trusted foundation software, including our deterministic microkernel real-time operating system (RTOS), safety-certified products, middleware and security solutions, all purpose-built for embedded systems.  

BlackBerry QNX software is trusted by more than 68% of the Electric Vehicle market by volume, 24 of the top 25 EV manufacturers and is running in more than 235 million vehicles globally.  Our foundation products have been pre-certified to ISO 26262 ASIL D and we offer a broad range of board support packages, professional services, AUTOSAR adaptive support and middleware solutions – from acoustic management, to digital cockpits to advanced driving assistance (ADAS) - to accelerate development and help OEMs meet Start of Production (SOP) dates. Our customers count on us to convert awesome ideas into great products and services. 

Are you the person we are looking for?

The BlackBerry QNX Product Security Operations team is growing. We are looking for a talented Cybersecurity Analyst with an interest in working with advanced embedded software technology to support customers from various industries and to help support world-class secure software products.

Job Duties

• Understand and take ownership of vulnerability reports and communicate details and urgency clearly to stakeholders

• Manage vulnerability disclosure

• Manage product catalog and assess CVEs that get flagged by monitoring systems

• Assess and report on SCA scan results

• Provide product security support to internal and external stakeholders

• Prepare vulnerability assessment reports for customers

• Work with development teams, and project managers to bring security incidents to a conclusion

• Work with cross-functional teams in a fast-paced and dynamic environment

• Propose/implement improvements to security operations processes

Required Skill and Qualifications

• Experience working with or on product security teams.

• Experience with performing vulnerability assessments.

• A functional understanding of how CVEs, CWE and CPEs are used.

Preferred Qualifications

• 2+ years of experience in embedded software development with C/C++/Python

• Basic knowledge of ASPICE, ISO 26262, ISO 21434 and/or UNECE WP.29 R155

Assets

• Excellent written and spoken communication skills

• Self-motivation, tenacity, and determination are instrumental in this position

• Must be able to work without supervision

#LI-SK2

Scheduled Weekly Hours: