• Private Medicover medical care for the employee and their family
  • Co-financing for the sport card Multisport
  • Possibility to join the PZU insurance
  • Flexible working hours
  • Salary adequate to skills and experience
  • Co-financing for holidays
  • Hard and soft training, language courses

  • 2+ years of experience in an embedded cybersecurity position or 4+ years in an embedded systems development, preferably for ASPICE compliant projects
  • Understanding of multi-core embedded microcontrollers that use HTAs (hardware trust anchors) or HSMs (hardware security modules)
  • Understanding of cybersecurity specific testing such as penetration and fuzz testing
  • Passionate and forward-thinking about cybersecurity and the needs of the ever-changing automotive industry
  • Good understanding of formal risk assessment and management, knowledge of NIST SP-800-30 and ISO IEC 31010
  • Experience in the automotive or transportation domain
  • Experience with requirements engineering, ability to navigate through multiple customer specifications as well as published standards and policies (UNECE WP.29 R155 CSMS, R156 SUMS, ISO/SAE 21434)
  • Familiarity with cryptography and cybersecurity concepts such as defense in depth, access control models, memory protection, secure boot, Secure Coding, public key infrastructure (PKI)
  • Ability to work easily with Office software suite and engineering software (prior experience with simulation or analysis tools like Ansys Medini Analyze for instance)
  • Strong communication and analytical skills
  • Ability to work independently, take ownership of project deliverables, go above and beyond the task at hand
  • Fluency in English is required. German and/or French would be an advantage
  • Willingness to travel occasionally, both domestically and internationally

Responsibilities

  • Conduct the cybersecurity activities for a given project with a collaborative team that takes into consideration customer specifications, the cybersecurity process and bring their own experience into what is needed
  • Interface with customer on technical cybersecurity requirements and issues
  • Create a cybersecurity assurance case per project and the related documentation that provides the argument for the achieved degree of cybersecurity on their project
  • Perform cybersecurity risk assessments and threat modelling within a product scope
  • Analyse and determine safety, financial, operational and privacy issues identified in a risk analysis
  • Where there are safety impacts, work with the Functional Safety (ISO 26262) team to find solutions that do not compromise safety or security
  • Suggest countermeasures appropriate to the project given the technical constraints or operational limitations
  • Create and maintain a knowledge database of typical assets, threats and attack paths for our product portfolio to leverage re-use
  • Create and maintain solutions to manage cybersecurity risks
  • Drive cybersecurity solution development and provide technical support for hardware and software teams
  • Engage with suppliers to evaluate cybersecurity capabilities and track reported vulnerabilities
  • Evaluate new tools (Threat Analysis tool, Software Bill of Material tool, etc.)
  • Network and maintain a high-level of industry knowledge (e.g. participation in Auto-ISAC events, SAE workshops)
  • Support the roll-out of processes and procedures compliant with latest cybersecurity standards and regulations
  • Assist in training and raising awareness, organizing events

Jesteśmy Devire – firmą rekrutacyjną, której celem jest łączenie świetnych ludzi ze świetnymi pracodawcami.

Niezależnie czy rozglądasz się za nową pracą na stałe czy projektem w formie współpracy B2B – możesz polegać na naszym wsparciu na każdym kroku.

Współpracujemy z pracodawcami z terenu całej Polski i realizujemy rekrutacje we wszystkich kluczowych obszarach technologicznych.