Cyber Security Expert (Automotive domian)

  • Full-time
  • Leadership Level: Leading Self
  • Legal Entity: Continental Autonomous Mobility India Private Limited (1013)
  • Working Time: Full Time
  • Job Flexibility: Hybrid Job

Company Description

Continental develops pioneering technologies and services for sustainable and connected mobility of people and their goods. Founded in 1871, the technology company offers safe, efficient, intelligent and affordable solutions for vehicles, machines, traffic and transportation. In 2022, Continental generated sales of €39.4 billion and currently employs around 200,000 people in 57 countries and markets.

The Automotive group sector comprises technologies for passive safety, brake, chassis, motion and motion control systems. Innovative solutions for assisted and automated driving, display and operating technologies, as well as audio and camera solutions for the vehicle interior, are also part of the portfolio, as is intelligent information and communication technology for the mobility services of fleet operators and commercial vehicle manufacturers. Comprehensive activities relating to connectivity technologies, vehicle electronics and high-performance computers round off the range of products and services.

Job Description

Position/ Role: Project Security and Privacy Manager

Job Type: Full time

Total Work Experience: 5 – 15 Years; Automotive Security Experience: 3-10 Years

Work Location: Bangalore (Electronics City, Phase II)

Immediate joiners preferred.

Plans and organizes automotive ISO 21434 security related work products for a project.

  • Acts as interface to other domains for all Security or Privacy aspects.
  • Defines and gets agreement upon the mechanisms/requirements that will help to ensure Security of the product and Privacy of its users.
  • Aligns development interface agreement for Security and Privacy with customer and suppliers.
  • Prepares and conducts Security Assessments at various stages of Product Life cycle.
  • Performs Impact Analysis and Security and Privacy Risk Assessments

Skill set required:

  1. Knowledge in Automotive Security (ISO 21434, IT security, SW, HW, System) and Data Protection (privacy regulation)
  2. Knowledge in Automotive Architectural modelling and Requirement Engineering
  3. Knowledge in Automotive Security & Privacy standard, methods, and approaches
  4. Knowledge in Automotive technical risk analyses, e.g. TARA, STRIDE, Security FMEA, ... 
  5. Good Exposure to Automotive product development project life cycle
  6. Working knowledge of DOORS, Rhapsody, JIRA, JAZZ, SCM and HEP landscape

The detailed description is as follows:

  1. The PSPM will plan and organize the security-related aspects and their work products for a specific component project.
  2. The PSPM will act as the interface to other level PFSMs, system architect, project team and customer for all security or privacy aspects regarding the full chain of effect of dedicated system level.
  3. The PSPM will define the security and privacy work products, track their status and prepare reports about the maturity and proactively communicate risks to the project manager.
  4. The PSPM will also care for an adequate training status of the development team to ensure that security and privacy concepts are chosen and implemented according to the state-of-industry-and-art.
  5. The PSPM is responsible to define and agree upon the mechanism that will help to ensure security of the product and the privacy of its users.
  6. The PSPM will closely work together with the system architect to support a common understanding within the development team, deriving a system and software security architecture.
  7. As Cyber Security Production Manager (CySPro) the PSPM discuss, analyze, collaborate, communicate between R&D, production, KMD and OTC backend and define the security relevant content of the product test specification and the Cybersecurity configuration.
  8. In case the PSPM is allocated as Security and Privacy Maintenance Manager (SPMM), he/she has role to manage and coordinate all SP Maintenance activities throughout all phases of SP Maintenance
  9. In a security relevant project there might be the need to exchange business critical secret information from the OEM to Continental and within Continental. As Project Secret Information Manager (PSIM) the PSPM will act as trusted contact person for the OEM and take care for appropriate distribution of required business critical information according state-of-the-art IT security standards.
  10. The PSIM will closely work together with the BU IT Security Advisor.

    Qualifications

    B B.E/M. Tech /B. Tech /M. E/ Ph. D (Electrical/Electronics)

    Additional Information

    Main Activities

    • Consult quote team and estimate costs and effort for security and privacy (S&P) related content
    • Align development interface agreement for S&P with customer and suppliers
    • Assure adequate tailoring of development process and the relevant S&P activities and work products pending on development scope
    • Provide Project S&P Plan and Schedule
    • Initiate and plan SEC assessment
    • Ensure adequate S&P training of project participants
    • Ensure the application of measures for the avoidance of systematic errors
    • Plan and trace work products and their reviews which are part of Security Case
    • Align of active monitoring of field and security and privacy community with SPM BU
    • Tracking of implementation status and perform the S&P Risk Assessment for each delivery release.
    • Interfaces to the customer and supplier for S&P
    • Creation and adaptation of system requirements with S&P aspects, including tracing to architecture and S&P goals (if available)
    • Creation and adaptation of system architecture with S&P aspects
    • Creation and adaptation of the S&P concept with all involved stakeholders (customer, supplier, SLE, SW PM, HW LE, MEC LE, production and quality) which ensures/secures operation of product, including protections against violation of S&P
    • Perform Security & Privacy Analysis and Risk Assessments (VARA, PIA)
    • Responsible to collect, document (e.g. in Doors) and analysis (delta-analysis) of the Security relevant requirements from all quotes and application projects of one dedicated OEM (Lead-PSPM)
    • Generic assessment of non-functional OEM requirements independent of application scope (Lead-PSPM)
    • Act as OEM contact person for exchange of Secret Information used for development (PSIM)
    • Distribute secret information within Continental (PSIM)
    • In case allocated support maintenance as SPMM
    • The PSPM reports to the SLE, Line Manager and the SPM BU

     

    Allocation of S&P responsibilities within the project:

    • Definition of S&P responsibilities for entire system and subsystems and detailed (if necessary: delegation or grouping of activities) in cooperation with the SLE.
    • Discuss all project related S&P issues internally and with the customer.
    • Initiation of escalation in case of unsatisfactory assessment results.

    Ready to drive with Continental? Take the first step and fill in the online application.

    Privacy PolicyImprint