#1 Job Board for tech industry in Europe

Product Software Cybersecurity Architect
Security

Product Software Cybersecurity Architect

Type of work
Undetermined
Experience
Mid
Employment Type
B2B
Operating mode
Remote

Tech stack

    C

    regular

    C++

    regular

    Python

    regular

Job description

The Product Software Cybersecurity Architect  is responsible for overseeing cybersecurity in all software related to the product and is the interface between the software and systems teams on cybersecurity issues.

Responsibilities:
• analysis and translation of the product requirements with cybersecurity impact into software requirements
• creating and maintaining the software architecture and detailed design in the part related to cybersecurity aspects
• supporting the Product Systems Cybersecurity Manager in the development of the product’s cybersecurity plans for Systems and Software Development Plan (SSDP), Risk Management Plan, Change Request Management, Incident Response, and Vulnerability Management
• supporting the Product Systems Cybersecurity Architect for Threat Analysis and Risk Assessment for the product and defining mitigations
• supporting the Product Systems Cybersecurity Architect with requirement analysis and customer meetings
• supporting creation and approving the product’s Cybersecurity Concepts document (including architecture, product key/certificate handling concept, manufacturing key provisioning concept, and code signing concepts).
• coordinating cybersecurity issues between product, manufacturing, and testing software.
• consulting for cybersecurity analysis and patching of any open source or third-party software
• supporting the Product Systems Cybersecurity Manager as a liaison to OEM, partner, and third-party software companies for cybersecurity issues
• providing guidance so secure software is developed and unit tested, including static and dynamic code analysis, fuzz testing, and compliance to standards (MISRA C, CERT C, etc).

Requirements:
• Master’s Degree in Computer Engineering, Computer science or comparable
• several years of experience in engineering, designing and developing embedded secure systems
• experience working in the automotive industry
• knowledge of system development and handling of crypto material
• excellent written and verbal communication skills (English is mandatory, German is advantage)
• excellent organization, communication, collaboration and interpersonal skills
• ability to communicate and present complex issues and ideas with precision and clarity, adjusting appropriately for the audience; ability to communicate effectively at all levels of the organization
• good knowledge of device security concepts such as Secure boot (using HSM, SHE etc.), Secure updates, Secure communications (TLS/SSL, MQTT, Firewall etc.) and applied cryptography
• working knowledge of Keys, random number generation, and handling of crypto material
• hands of experience in using software languages (assembly, C, C++, Python)
• experience using JTAG/SCAN/Chip-Whisperer or other direct interaction with test hardware
• good understanding of standards such as ISO/SAE 21434, NIST, FIPS, PKCS etc.
• experience in customer discussions and technical design reviews