Glydways is reimagining public transit to enhance mobility and accessibility. As a Cybersecurity Engineer, you will design and maintain security architecture for Operational Technology networks, ensuring robust cybersecurity practices and compliance with automotive standards.
Responsibilities:
- Demonstrated knowledge on Cyber Security Management System (CSMS) compliance certification process
- Must have experience in performing Automotive Cybersecurity Threat Analysis and Risk Assessment (TARA) of an ECU or system both at product and project level
- Demonstrated ability to maintain robust cybersecurity practices aligned with OT and automotive cybersecurity standards and regulations
- Ability to perform security code reviews of source code by following secure coding practices and advise developers on remediating vulnerabilities
- Employ techniques including reverse engineering, fuzzing, and static and/or dynamic analysis
- Experience in managing vulnerability management process (Pen tests) by finding, prioritizing, tracking, remediation and validation of vulnerabilities for each component
- Analyze product/project cybersecurity requirements, technical specifications and develop cybersecurity test cases and test plans
- Advocate, guide and mentor non-security engineers to instill security best practices through secure architecture, design, and development
- Experience in securing Key Management system with certificates needed for components in wayside and vehicle
- Performing internal security audits and coordinate with external security auditors as needed
Requirements:
- Demonstrated knowledge on Cyber Security Management System (CSMS) compliance certification process
- Must have experience in performing Automotive Cybersecurity Threat Analysis and Risk Assessment (TARA) of an ECU or system both at product and project level
- Demonstrated ability to maintain robust cybersecurity practices aligned with OT and automotive cybersecurity standards and regulations
- Ability to perform security code reviews of source code by following secure coding practices and advise developers on remediating vulnerabilities
- Employ techniques including reverse engineering, fuzzing, and static and/or dynamic analysis
- Experience in managing vulnerability management process (Pen tests) by finding, prioritizing, tracking, remediation and validation of vulnerabilities for each component
- Analyze product/project cybersecurity requirements, technical specifications and develop cybersecurity test cases and test plans
- Advocate, guide and mentor non-security engineers to instill security best practices through secure architecture, design, and development
- Experience in securing Key Management system with certificates needed for components in wayside and vehicle
- Performing internal security audits and coordinate with external security auditors as needed
- Bachelor's or master's degree in Computer Science or Cybersecurity or Electrical Engineering or related field with equivalent experience
- Foundational knowledge of the CWE Top 25
- Familiar with Automotive Cybersecurity ISO/SAE 21434, NIST, US data protection CCPA, PCI-DSS, IEC 62443 standards and UNR 155, UNR 156 and WP.29 regulations
- Sound technical knowledge of security engineering, computer and network security, authentication and security protocols for both wired and wireless communication
- Experience with security concepts such as Secure Boot and secure storage
- Strong understanding of securing OT systems in automotive/rail industries is a plus