[Skip To Content]

Senior Cybersecurity Engineer - Design

  • 위치
    • Warren, Michigan
  • 일정 Full time
  • 게시됨

설명

Hybrid: This position does not require an employee to be onsite full-time, but the general expectation is that the employee will be onsite a minimum of 3 days each week. 

The Role:

This is an exciting opportunity if you are looking to grow your security skillset and contribute in shaping the future of automotive security innovation. GM is undergoing a major transformation, both in how we operate and in how we will influence the future of transportation. The Senior Cybersecurity Engineer will lead in a progressive technical position responsible for continued execution of GM’s security design and its evolution through technological advancements to ensure GM remains ahead of the adversary. You will define end-to-end security solutions, feature requirements and guide the implementation across internal and external embedded software developers. You will engage with GM IT developers to drive application requirements necessary for enabling vehicle security strategies. In this role, you will be given the opportunity to engage in advanced technology work to evaluate various strategies for consideration in GM’s automotive security roadmap. You will also be given the opportunity to work cross-functionally with many GM business units to enable the success of vehicle development, manufacturing, and serviceability.

What You’ll Do:

  • Lead subject matter expert for end-to-end security for Digital Key System, remote vehicle access and biometrics sub-systems.

  • Lead subject matter expert for various fielded ECUs security strategy.

  • Conduct vulnerability Threat Analysis and Risk Assessment (TARA), and guide remediation strategy.

  • Define SDV (Software Defined Vehicle) ECUs security designs.

  • Develop and maintain detailed security requirements documentation for product specifications to support system design, development, and features evolution.

  • Lead design and implementation reviews of ECU security elements.

  • Review and approve the design of embedded systems from a cybersecurity perspective.

  • Work closely with development teams and penetration test engineers to risk assess and mitigate identified security vulnerabilities.

  • Perform risk assessments on penetration test findings and deviations from cybersecurity requirements.

  • Work with IT, product development teams, service engineering, and manufacturing engineering to gather requirements ensuring future changes are practical and non-disruptive.

  • Grow technical capability and knowledge on the latest cybersecurity features, tools and embedded technologies from a security perspective.

  • Conduct SW scans, lead their analysis, and guide remediation strategy.

  • Document vulnerabilities and mitigation action plans.

  • Occasional Local/Domestic/International travel to other GM facilities and supplier sites up to 5%.

[Additional Description]

Your Skills & Abilities (Required Qualifications)​​:

  • Bachelor’s Degree in Electrical Engineering, Computer Engineering, Computer Science, Systems Engineering or equivalent majors.

  • 5+ years of professional experience with proven technical and professional skills in job-related area required, including embedded controls/software development.

  • Knowledge and experience on working with Blue Tooth, BLE, and UWB technology.

  • General knowledge of microcontroller architectures.

  • Basic understanding of cryptography fundamentals (Encryption, Authentication, Symmetric Cryptography, Asymmetric Cryptography, PKI).

  • Ability to work independently, make decisions and recommendations while taking into account appropriate tradeoffs between conflicting objectives.

  • Strong interpersonal skills with demonstrated ability to participate in diverse/cross-functional teams, as well as educate/coach others on cybersecurity controls in the connected ecosystem ECU space.

  • Ability to handle ambiguity and make recommendations with limited data.

  • Technical writing competency.

 
What Will Give You A Competitive Edge (Preferred Qualifications)​:

  • 2+ years of Cybersecurity experience.

  • Experience with bootloader, embedded security, controller communication, or diagnostics.

  • Knowledge of AUTOSAR standards and methodology.

  • Knowledge and experience with CAN, Ethernet or Bluetooth Low Energy (BLE) communications protocol.

  • Knowledge of microprocessor architectures deployed across the automotive industry.

  • Knowledge and experience with CCC (Car Connectivity Consortium) standards and specifications.

  • Understanding of methods leveraged for digital signature generation and verification.

  • Knowledge of diagnostic services (e.g., ISO 14229).

  • Understanding of automotive security peripherals (i.e., Secured Hardware Extension (SHE) and EVITA Hardware Security Module (HSM)).

  • Experience with Certificate Authorities and cryptography.

  • Experience with and/or knowledge of technologies used to secure embedded systems.

  • Understanding of various Cybersecurity elements deployed to embedded systems.

  • Experience with IT Back Office security.

#LI-SW1

다양성 정보

General Motors는 법적으로 금지된 차별을 배제하는 것은 물론 포용성과 소속감을 진정으로 장려하는 직장이 되기 위해 노력하고 있습니다. 당사는 다양성이 보장되는 환경에서 직원들이 역량을 발휘하고 우리 고객을 위한 더 좋은 제품을 개발할 수 있다고 믿습니다. 따라서 입사에 관심 있는 사람이 있다면 포지션별 주요 업무와 자격을 확인하고 본인이 보유한 기술과 능력에 부합하는 모든 포지션에 적극적으로 지원하기를 장려합니다. 지원자는 채용 과정에서 역할 관련 평가(해당하는 경우) 및/또는 채용 전 스크리닝을 통과해야 합니다.  자세한 정보는 GM 채용 과정 안내를 참고하십시오.

공평한 취업 기회 선언 (미국)

General Motors는 공평한 기회를 제공하는 고용주임을 자부합니다.  자격을 만족하는 지원자는 인종과 피부색, 성별, 성적 지향, 성별 정체성, 국적, 장애, 재향 군인 보호법 적용 여부와 상관없이 채용 후보로서 심사를 받습니다. 

숙소 (미국 및 캐나다)

General Motors는 장애인을 포함한 모든 구직자들에게 취업 기회를 제공합니다. 구직이나 취업 지원에 도움이 되는 합리적인 숙소가 필요한 경우 Careers.Accommodations@GM.com으로 이메일을 보내시거나 800-865-7580으로 전화주십시오. 이메일에, 귀하가 요청하는 특정한 숙소에 대한 설명과 귀하가 지원하는 직무와 채용 요청서 번호를 포함해주세요.