Cybersecurity Engineer

Meet the team:

The Network Platform team consists of a group of Network, RF,  software and cybersecurity engineers responsible for the end-to-end communication system design for Glydways. The team owns the cybersecurity that is responsible for providing secure, reliable, and diverse V2X communications. We work together with the Software, Vehicle Hardware, and the Autonomy engineering teams to produce cutting edge products that unlock the future of transit systems.  As a cybersecurity engineer in the Network Platform team, you will be responsible for designing, implementing, and maintaining the security architecture for Operational Technology (OT) networks that integrate technologies such as 5G cellular, WiFi, Ultra-wide band, GNSS, automotive Ethernet, and more. 

Roles & Responsibilities:

• Demonstrated knowledge on Cyber Security Management System (CSMS) compliance certification process
• Must have experience in performing Automotive Cybersecurity Threat Analysis and Risk Assessment (TARA) of an ECU or system both at product and project level
• Demonstrated ability to maintain robust cybersecurity practices aligned with OT and automotive cybersecurity standards and regulations 
• Ability to perform security code reviews of source code by following secure coding practices and advise developers on remediating vulnerabilities
• Employ techniques including reverse engineering, fuzzing, and static and/or dynamic analysis
• Experience in managing vulnerability management process (Pen tests) by finding, prioritizing, tracking, remediation and validation of vulnerabilities for each component
• Analyze product/project cybersecurity requirements, technical specifications and develop cybersecurity test cases and test plans
• Advocate, guide and mentor non-security engineers to instill security best practices through secure architecture, design, and development
• Experience in securing Key Management system with certificates needed for components in wayside and vehicle
• Performing internal security audits and coordinate with external security auditors as needed

Knowledge, Skills and Abilities:

• Bachelor's or master's degree in Computer Science or Cybersecurity or Electrical Engineering or related field with equivalent experience
• Foundational knowledge of the CWE Top 25
• Familiar with Automotive Cybersecurity ISO/SAE 21434, NIST, US data protection CCPA, PCI-DSS, IEC 62443 standards  and UNR 155, UNR 156 and WP.29 regulations
• Sound technical knowledge of security engineering, computer and network security, authentication and security protocols for both wired and wireless communication 
• Experience with security concepts such as Secure Boot and secure storage
• Strong understanding of securing OT systems in automotive/rail industries is a plus