Embedded System Cyber-Security Engineer Job

Position Summary:

Technical lead for security of vehicle electrical/electronic/software systems.

Primary Duties:

• Perform threat modeling and risk assessments for current and forward-model vehicle systems
• Assess technology proposals from external suppliers for their potential to meet risk management design objectives
• Define security controls for system level design requirements
• Coordinate with distributed teams for managing security scope during software development activities
• Perform system level verification testing of implemented security controls
• Consult with EE system architects to achieve continuous improvement  in vehicle security with each future update
• Collaborate with non-security professionals for supply chain risk management
• Liaise with Enterprise IT Security to align goals and strategy
• Maintain professional relationships with security communities in the transportation sector
• Develop and deliver awareness training to enhance embedded cyber-security knowledge and skill throughout the company.

Qualifications:

• Bachelor’s degree in Engineering, Computer Science or equivalent
• Proficiency with at least one compiled and one interpreted programming language
• Familiarity with a security management framework such at ISO 21434, ISO 27001, NIST CSF, etc.
• Ability to work in a highly-distributed, lean, collaborative team environment
• Excellent communication and interpersonal skills, good planning/tracking skills
• Competency with standard office software (word processing, spreadsheets, presentation tools, etc)
• Able to design new processes and resourcefully solve complex technical issues
• Determined commitment to reliability, value, quality, and safety in all aspects of work
• Willingness to grow continuously, both personally and professionally and a strong results orientation
• 7 or more years of experience in two or more roles: real-time software development, vehicle electronics and controls, embedded systems design, application security, penetration testing, incident response, or compliance
• Ability to travel for scheduled meetings less than 20% to domestic and international locations
• Ability to maintain/obtain within 6 months a security certification: CompTIA CAP or CASP, ISC² CISM or CISSP, GIAC GSLC, EC-Council CCISO.

Additional Valued Attributes:

• Knowledge of applied cryptography for provisioning secure hardware
• Knowledge of secure development techniques using static and dynamic analysis
• Practical experience with security controls for POSIX type operating systems
• Experience managing vulnerability disclosure programs
• Familiarity with AGILE software development processes
• Familiarity with requirements tracking and software test/validation tools
• Proficiency using Requirements Capture, Simulation, Software Configuration, Defect Tracking/Reporting tools.
• Awareness of heavy duty commercial truck regulations, especially affecting instrumentation, emissions, safety, On Board Diagnostics, and other areas that impact electrical and electronic design, architecture, and functionality
• Experience with structured product development processes
• Automotive electronic systems engineering skills including multiplex communication systems (especially CAN/J1939), architecture, and control system design and analysis.

PACCAR is an Equal Opportunity Employer/Protected Veteran/Disability.