Summary:
The Cybersecurity Engineer is responsible for ongoing cybersecurity assessments of Company products to ensure compliance with applicable cybersecurity standards and technical controls. The role involves advising product managers and engineering teams, creating awareness of cybersecurity standards, and recommending best practices for all products offered or made available to customers.
Responsibilities:
- Conduct ongoing cybersecurity reviews of Company products to determine if Cybersecurity Authorization to Operate (CATO) should be granted based on compliance with Company policies, standards, and technical controls.
- Support engineering teams in conducting threat and risk assessments to identify product threat surfaces and attack vectors.
- Interpret technical cybersecurity concepts and their business implications, explaining them clearly to management and other engineers.
- Drive and support an authoritative technical consultation process on product cybersecurity across the Company's embedded electronics and non-IT networked product portfolio, including connected vehicle security and secure implementation of real-time operating systems.
- Recommend and consult on the design of software controls, hardening measures, and other risk mitigations to minimize attack surface and support cost-effective field maintainability of security controls.
- Support engineering teams in conducting root cause and corrective actions related to cybersecurity weaknesses.
- Create and present training on cybersecurity to different stakeholders (management, leaders, engineers).
- Help define and document security-related procedures.
- Deliver effective project management and technical communications.
Required Skills:
- Good communication skills.
