General information

Job Title
Cyber Security Senior Engineer
Ref #
10162
Date
Friday, June 10, 2022
Country
United Kingdom
Location
Woking
Business area
Product Development
Department
Electrical & Controls - Vehicle Engineering
Position level
Qualified Senior
Working time
Full Time
Contract type
Permanent
Working pattern
9am - 6pm Monday to Friday

Description & Requirements

Background

No restraints. No limitations. We don’t simply push boundaries. We completely rethink them. McLaren Automotive exists to create breath-taking performance road cars.

With innovation at the core of all we do, every challenge starts with the same question. How can we do it better? This restless spirit runs right through McLaren Automotive. And the search for perfection is evident in everything we do.

Purpose of Role

The Cyber Security Senior Engineer role is located within McLaren Automotive’s Connected Services team, responsible for development and delivery of Connected Services and Cyber Security across the McLaren vehicle product range.

This is an opportunity for a Cyber Security engineer to support analysis, definition and execution of McLaren’s vehicle security strategy.

Principal Accountabilities
  • Create vehicle security concepts for each program and product feature-set
  • Define cross-product line vehicle security policies and processes
  • Ensure secure-by-design deliverables complete at each gateway of the product development process
  • Lead TARA activity and delivery for each vehicle program, including both on and offboard interfaces and systems.
  • Create technical specifications for security features and support function/system owners across the wider Electronics department in their implementation of these secure technologies
  • Plan and execute pen test activities for each vehicle program, including planning and completion of any follow-up actions to address vulnerabilities
  • Manage secure key-generation and distribution processes for current and legacy ECUs
  • Contribute to incident response process where applicable
  • Support regulatory compliance activities toward standards and regulations including UNECE WP.29 R155 & R156, ISO 21434, ISO 24089, GDPR and PIPL
Knowledge, Skills and Experience
  • Experience working in a product-oriented or enterprise Cyber Security organisation
  • Experience analysing and managing cyber security risk in line with NIST framework
  • Experience of SoC/vSoC environments considered a bonus
  • Experience of Incident response considered a bonus
  • Experience using Cyber Security tools and technologies such as Threat-Intelligence platforms, Digital Twins, Threat monitoring systems, IDPS etc
  • Strong knowledge of pen test methodologies and strategies
  • Strong knowledge of secure-by-design SW development best practises
  • Familiar with SDLC processes and methodologies, primarily Agile, DevOps and Waterfall
  • Familiar with vehicle architectures and networking
  • Supplier and project management experience including Jira and Confluence usage
Personal Attributes
  • Excellent communication skills to enable cross-functional working
  • Strong team-working to support delivery of challenging projects
  • Ability to focus on complex subject areas and apply approved frameworks and methodologies to support secure-by-design development processes
  • Commitment and resilience to succeed in a high-pressure environment
  • Flexibility to support team-mates and colleagues with program deliverables outside of own role
  • Enthusiasm to embrace change and support creation of new processes as necessary