JOB DESCRIPTION

• Focus on onboard modules hardware, firmware, software, embedded OS and in-vehicle network security
• Provide cybersecurity technical services/activities include but not limited to developing cybersecurity specifications, performing threat analysis and risk assessment, performing penetration testing, and providing recommendations/best practices for vulnerability remediation.
• Act as cybersecurity SME in in-vehicle connected modules/ECUs (e.g. SYNC+/APMI, ECG, TCU)

• Conduct Core Engineering Review with Tier1 suppliers to identify potential security gaps/risks.
• Perform Threat and Risk assessment based on the product design and work with Tier1 suppliers in remediating security risks.
• Perform Penetration Testing against the pre-production product and identify any security vulnerabilities.
• Provide recommendations/best practices in remediating security vulnerability.
• Lead Ford Cybersecurity delivery for CA/JMC engineered Ford vehicles

• In-vehicle Cybersecurity experience in terms of writing cybersecurity specifications, performing threat analysis and risk assessment, conducting penetration testing.
• Familiar with Linux and QNX systems, such as: SELINUX permission configuration, iptables, file system.
• Familiar with the implementation of common encryption and decryption algorithms, and understand the mechanisms and principles of security modules such as Hardware Security Module, Secure Hardware Extension, and TEE.