Description & Requirements
No restraints. No limitations. We don’t simply push boundaries. We completely rethink them. McLaren Automotive exists to create breath-taking performance road cars.
With innovation at the core of all we do, every challenge starts with the same question. How can we do it better? This restless spirit runs right through McLaren Automotive. And the search for perfection is evident in everything we do.
The Cyber Security Senior Engineer role is located within McLaren Automotive’s Cyber Security team, responsible for development and delivery of Cyber Security across the McLaren Automotive vehicle product range.
This is an opportunity for a Senior Cyber Security Engineer to support analysis, definition, and execution of McLaren’s vehicle security strategy.
- Create vehicle security concepts for each program and product feature-set
- Manage secure key-generation and distribution processes for current and legacy ECUs
- Ensure secure-by-design deliverables complete at each gateway of the product development process
- Support TARA activity and delivery for each vehicle program
- Create technical specifications for security features and support function/system owners across the wider Electronic Systems & Controls department in their implementation of these secure technologies
- Support planning and execution of penetration test activities for each vehicle program
- Contribute to incident response process where applicable
- Support regulatory compliance activities toward standards and regulations including UNECE WP.29 R155 & R156, ISO 21434, ISO 24089, GDPR and PIPL
- Strong knowledge of a relevant cryptographic algorithms and KMS
- Working knowledge of AES/RSA/ECC/Blowfish
- Working knowledge of PKI, certificate signing and certificate management
- Knowledge of coding guidelines for safe and secure application such as MISRA C.
- Technical security background (netsec, cryptography, authentication, and security protocols)
- Experience working in a product-oriented or enterprise Cyber Security organisation
- Experience analysing and managing cyber security risk in line with NIST framework
- Strong experience of secure communications like SecOC, TLS stacks
- Experience in embedded C programming and scripting languages
- Familiar with SDLC processes and methodologies, primarily Agile, DevOps and Waterfall
- Familiar with vehicle architectures and networking
- Supplier and project management experience including Jira and Confluence usage
- Experience of SoC/vSoC environments considered a bonus
- Experience of Incident response considered a bonus
- Experience using Cyber Security tools and technologies such as Threat-Intelligence platforms, Digital Twins, Threat monitoring systems, IDPS etc
- Strong knowledge of pen test methodologies and strategies considered a bonus
- Strong knowledge of secure-by-design SW development best practises
- Passion for software, electronics, and cybersecurity
- Self-motivated, pro-active in anticipating & addressing potential problems, willingness to learn and develop
- Collaborative, working effectively across teams and departments to deliver on time & to quality.
- Excellent communication skills to enable cross-functional working
- Ability to focus on complex subject areas and apply approved frameworks and methodologies to support secure-by-design development processes
- Commitment and resilience to succeed in a high-pressure environment
- Flexibility to support team-mates and colleagues with program deliverables outside of own role
- Enthusiasm to embrace change and support creation of new processes as necessary