Cybersecurity Engineer at BorgWarner

Shanghai, China

Apply Now

Not SpecifiedCompensation

Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Automotive, Powertrain ElectrificationIndustries

Requirements

2+ years of experience in an embedded cybersecurity position or in an embedded systems development, preferably for ASPICE compliant projects
Understanding of multi-core embedded microcontrollers that use HTAs (hardware trust anchors) or HSMs (hardware security modules)
Understanding of cybersecurity specific testing such as penetration and fuzz testing
Passionate and forward-thinking about cybersecurity and the needs of the ever-changing automotive industry
Good understanding of formal risk assessment and management, knowledge of NIST SP-800-30 and ISO IEC 31010
Experience in the automotive or transportation domain
Experience with requirements engineering, ability to navigate through multiple customer specifications as well as published standards and policies (GB 44495, UNECE WP.29 R155 CSMS, R156 SUMS, ISO/SAE 21434)
Ability to work easily with Office software suite and engineering software (prior experience with simulation or analysis tools like Ansys Medini Analyze for instance)
Strong communication and analytical skills
Ability to work independently, take ownership of project deliverables

Responsibilities

Conduct the cybersecurity activities for a given project with a collaborative team that takes into consideration customer specifications, the cybersecurity process and bring their own experience into what is needed
Interface with customer on technical cybersecurity requirements and issues
Create a cybersecurity assurance case per project and the related documentation that provides the argument for the achieved degree of cybersecurity on their project
Perform cybersecurity risk assessments and threat modelling within a product scope
Analyse and determine safety, financial, operational and privacy issues identified in a risk analysis
Where there are safety impacts, work with the Functional Safety (ISO 26262) team to find solutions that do not compromise safety or security
Suggest countermeasures appropriate to the project given the technical constraints or operational limitations
Create and maintain a knowledge database of typical assets, threats and attack paths for our product portfolio to leverage re-use
Create and maintain solutions to manage cybersecurity risks
Drive cybersecurity solution development and provide technical support for hardware/software and test teams
Engage with suppliers to evaluate cybersecurity capabilities and track reported vulnerabilities
Evaluate new tools (Threat Analysis tool, Software Bill of Material tool, etc.)
Follow and contribute to the secure development lifecycle at BorgWarner
Support the roll-out of processes and procedures compliant with latest cybersecurity standards and regulations

Skills

Key technologies and capabilities for this role

Threat ModelingRisk AssessmentAutomotive CybersecuritySecure BootKey ManagementSecure On-Board CommunicationSecure DiagnosticsHardware Trust AnchorsMicrocontroller HSMCybersecurity Assurance

Questions & Answers

Common questions about this position

What experience is required for the Cybersecurity Engineer role?

The role requires 2+ years of experience in an embedded cybersecurity position or in embedded systems development, preferably for automotive applications.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What is the salary or compensation for this position?

This information is not specified in the job description.

What does the team environment look like at BorgWarner for this role?

The Cybersecurity Engineer works within the systems engineering function with a collaborative team, interfacing with customers, development teams, Functional Safety team, and suppliers to develop secure vehicle solutions.

What makes a strong candidate for this Cybersecurity Engineer position?

Strong candidates bring 2+ years of embedded cybersecurity or systems development experience, passion for innovative solutions in safety- and security-critical environments, and the ability to collaborate across teams while following automotive cybersecurity standards.