Summary:
The Cybersecurity Engineer is responsible for ongoing cybersecurity assessments of Company products to determine compliance with applicable cybersecurity standards and technical controls. They will advise product managers and engineering teams, create awareness of cybersecurity standards and technical controls, and recommend best practices for satisfying these standards and controls for all products offered or made available to customers.
Responsibilities:
- Conduct ongoing cybersecurity reviews of Company products and determine whether Cybersecurity Authorization to Operate (CATO) should be granted based on compliance with Company policies, standards, and technical controls.
- Support engineering teams responsible for conducting threat and risk assessments to identify product threat surfaces and attack vectors.
- Interpret technical cybersecurity concepts and their business implications and clearly explain these concepts to management and other engineers.
- Drive and support an authoritative technical consultation process on product cybersecurity across the Company's embedded electronics and non-IT networked product portfolio, including connected vehicle security, secure implementation of real-time operating systems, ongoing security support for heavy industrial systems, and web services.
- Recommend and consult on the design of software controls, hardening measures, and other risk mitigations to minimize attack surface and support cost-effective field maintainability of security controls.
- Support engineering teams responsible for conducting root cause and corrective actions related to cybersecurity weaknesses.
- Create and present training on cybersecurity to different stakeholders (management/leader/engineer).
- Help to define and document security-related procedures.
- Deliver effective project management and technical communications.
Required Skills:
- Good communication skills
#AditiConsulting
# 26-03466
