Technical lead for security of vehicle electrical/electronic/software systems.
Primary Duties:
Perform threat modeling and risk assessments for current and forward-model vehicle systems
Assess technology proposals from external suppliers for their potential to meet risk management design objectives
Define security controls for system level design requirements
Coordinate with distributed teams for managing security scope during software development activities
Perform system level verification testing of implemented security controls
Consult with EE system architects to achieve continuous improvement in vehicle security with each future update
Collaborate with non-security professionals for supply chain risk management
Liaise with Enterprise IT Security to align goals and strategy
Maintain professional relationships with security communities in the transportation sector
Develop and deliver awareness training to enhance embedded cyber-security knowledge and skill throughout the company.
Qualifications:
Bachelor's degree in Engineering, Computer Science or equivalent
Proficiency with at least one compiled and one interpreted programming language
Familiarity with a security management framework such at ISO 21434, ISO 27001, NIST CSF, etc.
Ability to work in a highly-distributed, lean, collaborative team environment
Excellent communication and interpersonal skills, good planning/tracking skills
Competency with standard office software (word processing, spreadsheets, presentation tools, etc)
Able to design new processes and resourcefully solve complex technical issues
Determined commitment to reliability, value, quality, and safety in all aspects of work
Willingness to grow continuously, both personally and professionally and a strong results orientation
7 or more years of experience in two or more roles: real-time software development, vehicle electronics and controls, embedded systems design, application security, penetration testing, incident response, or compliance
Ability to travel for scheduled meetings less than 20% to domestic and international locations
Ability to maintain/obtain within 6 months a security certification: CompTIA CAP or CASP, ISC2 CISM or CISSP, GIAC GSLC, EC-Council CCISO.
Additional Valued Attributes:
Knowledge of applied cryptography for provisioning secure hardware
Knowledge of secure development techniques using static and dynamic analysis
Practical experience with security controls for POSIX type operating systems
Familiarity with AGILE software development processes
Familiarity with requirements tracking and software test/validation tools
Proficiency using Requirements Capture, Simulation, Software Configuration, Defect Tracking/Reporting tools.
Awareness of heavy duty commercial truck regulations, especially affecting instrumentation, emissions, safety, On Board Diagnostics, and other areas that impact electrical and electronic design, architecture, and functionality
Experience with structured product development processes
Automotive electronic systems engineering skills including multiplex communication systems (especially CAN/J1939), architecture, and control system design and analysis.
PACCAR is an Equal Opportunity Employer/Protected Veteran/Disability.