General information

Job Title

Senior Engineer - Cyber Security

Ref #

29524

Date

Wednesday, March 1, 2023

Country

United Kingdom

Location

Woking

Business area

Product Development

Department

Electrical & Controls - Software

Position level

G - Qualified Senior

Working time

Full Time

Contract type

Permanent

Working pattern

9am - 6pm Monday to Friday

Description & Requirements

Background

No restraints. No limitations. We don’t simply push boundaries. We completely rethink them. McLaren Automotive exists to create breath-taking performance road cars.

With innovation at the core of all we do, every challenge starts with the same question. How can we do it better? This restless spirit runs right through McLaren Automotive. And the search for perfection is evident in everything we do.

Purpose of Role

The Cyber Security Senior Engineer role is located within McLaren Automotive’s Cyber Security team, responsible for development and delivery of Cyber Security across the McLaren Automotive vehicle product range.

This is an opportunity for a Senior Cyber Security Engineer to support analysis, definition, and execution of McLaren’s vehicle security strategy.

Principal Accountabilities

Create vehicle security concepts for each program and product feature-set
Manage secure key-generation and distribution processes for current and legacy ECUs
Ensure secure-by-design deliverables complete at each gateway of the product development process
Support TARA activity and delivery for each vehicle program
Create technical specifications for security features and support function/system owners across the wider Electronic Systems & Controls department in their implementation of these secure technologies
Support planning and execution of penetration test activities for each vehicle program
Contribute to incident response process where applicable
Support regulatory compliance activities toward standards and regulations including UNECE WP.29 R155 & R156, ISO 21434, ISO 24089, GDPR and PIPL

Knowledge, Skills and Experience

Strong knowledge of a relevant cryptographic algorithms and KMS
Working knowledge of AES/RSA/ECC/Blowfish
Working knowledge of PKI, certificate signing and certificate management
Knowledge of coding guidelines for safe and secure application such as MISRA C.
Technical security background (netsec, cryptography, authentication, and security protocols)
Experience working in a product-oriented or enterprise Cyber Security organisation
Experience analysing and managing cyber security risk in line with NIST framework
Strong experience of secure communications like SecOC, TLS stacks
Experience in embedded C programming and scripting languages
Familiar with SDLC processes and methodologies, primarily Agile, DevOps and Waterfall
Familiar with vehicle architectures and networking
Supplier and project management experience including Jira and Confluence usage
Experience of SoC/vSoC environments considered a bonus
Experience of Incident response considered a bonus
Experience using Cyber Security tools and technologies such as Threat-Intelligence platforms, Digital Twins, Threat monitoring systems, IDPS etc
Strong knowledge of pen test methodologies and strategies considered a bonus
Strong knowledge of secure-by-design SW development best practises

Personal Attributes

Passion for software, electronics, and cybersecurity
Self-motivated, pro-active in anticipating & addressing potential problems, willingness to learn and develop
Collaborative, working effectively across teams and departments to deliver on time & to quality.
Excellent communication skills to enable cross-functional working
Ability to focus on complex subject areas and apply approved frameworks and methodologies to support secure-by-design development processes
Commitment and resilience to succeed in a high-pressure environment
Flexibility to support team-mates and colleagues with program deliverables outside of own role
Enthusiasm to embrace change and support creation of new processes as necessary

< Back to job list