General information

Job Title
Senior Engineer - Cyber Security
Ref #
Wednesday, March 1, 2023
United Kingdom
Business area
Product Development
Electrical & Controls - Software
Position level
G - Qualified Senior
Working time
Full Time
Contract type
Working pattern
9am - 6pm Monday to Friday

Description & Requirements


No restraints. No limitations. We don’t simply push boundaries. We completely rethink them. McLaren Automotive exists to create breath-taking performance road cars.

With innovation at the core of all we do, every challenge starts with the same question. How can we do it better? This restless spirit runs right through McLaren Automotive. And the search for perfection is evident in everything we do.

Purpose of Role

The Cyber Security Senior Engineer role is located within McLaren Automotive’s Cyber Security team, responsible for development and delivery of Cyber Security across the McLaren Automotive vehicle product range.

This is an opportunity for a Senior Cyber Security Engineer to support analysis, definition, and execution of McLaren’s vehicle security strategy.

Principal Accountabilities

  • Create vehicle security concepts for each program and product feature-set
  • Manage secure key-generation and distribution processes for current and legacy ECUs
  • Ensure secure-by-design deliverables complete at each gateway of the product development process
  • Support TARA activity and delivery for each vehicle program
  • Create technical specifications for security features and support function/system owners across the wider Electronic Systems & Controls department in their implementation of these secure technologies
  • Support planning and execution of penetration test activities for each vehicle program
  • Contribute to incident response process where applicable
  • Support regulatory compliance activities toward standards and regulations including UNECE WP.29 R155 & R156, ISO 21434, ISO 24089, GDPR and PIPL
Knowledge, Skills and Experience

  • Strong knowledge of a relevant cryptographic algorithms and KMS
  • Working knowledge of AES/RSA/ECC/Blowfish
  • Working knowledge of PKI, certificate signing and certificate management
  • Knowledge of coding guidelines for safe and secure application such as MISRA C.
  • Technical security background (netsec, cryptography, authentication, and security protocols)
  • Experience working in a product-oriented or enterprise Cyber Security organisation
  • Experience analysing and managing cyber security risk in line with NIST framework
  • Strong experience of secure communications like SecOC, TLS stacks
  • Experience in embedded C programming and scripting languages
  • Familiar with SDLC processes and methodologies, primarily Agile, DevOps and Waterfall
  • Familiar with vehicle architectures and networking
  • Supplier and project management experience including Jira and Confluence usage
  • Experience of SoC/vSoC environments considered a bonus
  • Experience of Incident response considered a bonus
  • Experience using Cyber Security tools and technologies such as Threat-Intelligence platforms, Digital Twins, Threat monitoring systems, IDPS etc
  • Strong knowledge of pen test methodologies and strategies considered a bonus
  • Strong knowledge of secure-by-design SW development best practises
Personal Attributes

  • Passion for software, electronics, and cybersecurity
  • Self-motivated, pro-active in anticipating & addressing potential problems, willingness to learn and develop
  • Collaborative, working effectively across teams and departments to deliver on time & to quality.
  • Excellent communication skills to enable cross-functional working
  • Ability to focus on complex subject areas and apply approved frameworks and methodologies to support secure-by-design development processes
  • Commitment and resilience to succeed in a high-pressure environment
  • Flexibility to support team-mates and colleagues with program deliverables outside of own role
  • Enthusiasm to embrace change and support creation of new processes as necessary