Automotive Cyber Security Engineer

Role Summary

Building the Future
The automotive industry is constantly changing, and Magna is at the forefront of this revolution.  We are looking for entrepreneurial minds who want to help drive the industry forward with us.   Join us and be a part of that challenge.

The Mechatronics (Closures) Group of Magna is a leading full systems supplier of innovative smart access mechatronics systems to the global automotive industry. Our designs fuse the capabilities of mechanical systems with the intelligence of electronic controls to enable new ways of human machine interfacing with the vehicle. 

Our Mechatronics Engineering Group is looking for an experienced Cyber Security Engineer to join our Mechatronics Electronics Engineering Team.

Job Profile
The Cyber Security engineer leads the Cyber Security activities for serial production programs and provides assistance to the program team in delivering the work products of the security case and in complying with various regulations.
 

Key Responsibilities

• Lead cyber security activities in core or application programs in compliance with ISO 21434, UNECE WP.29, and Magna cyber security development processes in collaboration with the development team. These activities include, but are not limited to:
  • Lead Threat Analysis and Risk Assessment (TARA) in collaboration with other functional engineers, and lead the team for TARA updates
  • Lead Security Concept development
  • Lead Security Requirement development, Security Requirement review, and work closely with functional engineers to ensure the execution of these requirements
  • Guide software engineers in vulnerability analysis (static code analysis, known vulnerability analysis) and support tracking cyber security implementation issues based on the vulnerability analysis
  • Support verification engineer in security verification test and its vulnerability management
  • Lead fuzz testing activities and its vulnerability management
  • Lead penetration testing activities and its vulnerability management
• Provide guidance and support in the incident response team.
  • Support incident response activities as assigned.
  • Support awareness cultivation of incident response in the engineering team 
  • Keep close awareness of cyber security incidents in relative
• Provides guidance and support to the program team in the development of their work products in compliance with ISO 21434 and UNECE WP.29. 
• Supports the Cyber Security program plan in collaboration with the program manager. 
• Provides guidance to the program team in the usage of ME’s cyber security processes, templates, and guidelines as stated in GPEP. Help GPEP process owners in continuous improvement efforts by suggesting constructive feedbacks regarding the processes, templates, and guidelines.
• Supports the SW tools qualification process in support of the program in collaboration with the Quality team. 
• Provides coaching to the program team in the interpretation of the relevant clauses of ISO 21434; solicits support from the Cyber Security manager in this area as necessary. 
• Supports tracking of program’s Cyber Security issues and supports driving their closure. 
• Supports the functional managers with the security reviews of the work products per GPEP and ISO 21434 with functional managers.
• Tracks the program’s cyber security issues and support activities for their closure (vulnerability management). 
• Supports the functional managers with the security reviews of the work products per GPEP and ISO 21434. 
• Supports the cyber security manager in developing the security architecture for product lines and projects during quote. 
• Provides coaching to the program’s suppliers in the area of Cyber Security; solicits support from the functional manager in this area as necessary. 
• Lead assessment of the program status in terms of Cyber Security to the Cyber Security manager. 
• Participates in Phase Reviews and Gate Reviews. 
• Supports communication and exchange of information with the quality engineer. 
• Adherence of all relevant company procedures, process models and systems.  
• Performs detailed work assignments provided by the mentor or team member, by applying established and well defined Cyber Security engineering techniques. 
• Stay abreast of state-of-the-art cyber security technologies, requiring strong self-learning ability.
• Work assignments primarily involve entry level or intermediate work. 
• Performs other duties as necessary in support of business objectives.
   

Key Qualifications/Requirements

Education/Experience 

• Bachelor’s degree in Computer Engineering/Systems Engineering/Electrical Engineering/Computer Science or equivalent (Master’s preferred) 

Technical

• Basic knowledge of ISO 21434 and/or UNECE WP.29 R155 is preferred. 
• Experience with cyber security in embedded systems is preferred; experience in automotive or aerospace industry a plus  
• Background in systems engineering, electrical hardware engineering, or software engineering in the Automotive or Aerospace industry.
• Knowledge of CAN protocol is required. 
• Experience with other communication protocols, such as I2C, SPI, or UART, is a plus.
• Experience with Ethernet is preferred. Knowledge of common protocols, such as TLS, IPsec, or IEEE 802.1x, is a plus.
• Experience with standard security protocols in common connectivity such as WiFi, Bluetooth, or USB is a plus.
• Knowledge of basic cryptography is required.
• Knowledge of firewall or Intrusion Detection and Prevention System is a plus.
• Knowledge of Linux or QNX operating system security is a plus. 
• Experience with failure analysis techniques (FMEA, FTA, …) a plus.
• Reliability engineering knowledge a plus. 
• Comfortable working with technical processes.
• Experience supporting the development of technical processes, procedures, guidelines, and templates a plus. 
• Good communication skills and ability to grasp concepts of other engineers.
• Basic knowledge in structured engineering approach. 
• Basic knowledge in development of portable, reusable and modular solutions in automotive environment. 
• Familiar using a disciplined product development process based on ASPICE or CMMi process model. 
• Working knowledge of configuration management (PTC Integrity), project monitoring and control techniques. 
• Troubleshooting and debugging skills. 
• Familiar with structured problem solving (8D) methods and/or techniques

Computer 

• Working knowledge of MS Office package (especially Excel) 
• Working knowledge of cyber security analysis and engineering tools
• Experience using CAN and LIN based tools such as CANalyzer, CANoe, CANape, neoVI 
• Knowledge of programming language, such as C, Python, or Matlab 

Language 

• Comprehensive knowledge of English (verbal and written) 
• For positions located in non-English speaking locations, knowledge of the local working language is an asset. 
• Excellent knowledge (verbal &written) of local language required.

Travel

• Travel (domestic and international) may be needed  

Abilities 

• Able to work effectively in a global environment. 
• Able to represent technical topics internally and externally. 
• Self-motivation, tenacity, and determination are very useful in this position.
• Must be able to work without supervision.
   

Additional Information

Accommodations for disabilities in relation to the job selection process are available upon request.

Awareness. Unity. Empowerment.

At Magna, we believe that a diverse workforce is critical to our success. That’s why we are proud to be an equal opportunity employer. We hire on the basis of experience and qualifications, and in consideration of job requirements, regardless of, in particular, color, ancestry, religion, gender, origin, sexual orientation, age, citizenship, marital status, disability or gender identity. Magna takes the privacy of your personal information seriously. We discourage you from sending applications via email to comply with GDPR requirements and your local Data Privacy Law.