Cybersecurity Expert

Vodafone Automotive · Italia, Italia ·

Descrizione dell'offerta

Role purpose: Ensure the TCU is conceived and developed according to a security-by-design approach, fully compliant with automotive cybersecurity standards (ISO 21434, UNECE R155/R156). The role drives security architecture definition, influencing early system and software decisions to safeguard data, communication channels, and the boot path.

Key accountabilities and decision ownership:

  • TARA & Mitigation – Perform and maintain Threat Analysis and Risk Assessment, converting risks into actionable security requirements.
  • Security architecture definition – Configure Secure Boot, integrate HSM, set firewall rules and Secure Storage in close partnership with System and Software Architects.
  • Secure protocol & cryptography integration – Support TLS, IPsec, MACsec; advise on crypto libraries (wolfSSL, PKCS#11) and crypto hardware.
  • Key & trust management – Implement root-of-trust, manage X.509 certificates, authenticated OTA and firmware rollback protection.
  • Documentation & compliance – Author Cybersecurity Concept, Security Case; prepare for audits/certifications (UNECE R155/R156).
  • Security testing & vulnerability management – Lead pen-testing, fuzzing, SBOM-based vulnerability mitigation within a DevSecOps framework.

Core competencies, knowledge and experience:

  • Standards & regulations: Mastery of ISO/SAE 21434, UNECE R155/R156, AUTOSAR Security.
  • Security architectures: Secure Boot, HSM/TPM, Secure Element, key provisioning strategies.
  • Applied cryptography: TLS/IPsec protocols, certificate management, side-channel defenses.
  • HW/SW integration: Close work with Linux, AUTOSAR developers and hardware teams.
  • Security testing: Pen-testing, fuzzing, embedded vulnerability scanning.
  • Soft skills: Clear communication, technical negotiation, cross-functional teamwork.

Must have technical / professional qualifications:

  • Degree in Computer or Electronics Engineering (or equivalent).
  • 8–10 years in embedded/automotive cybersecurity roles.
  • Hands-on expertise with Secure Boot, HSM/TPM, embedded crypto libraries.
  • Fluent English for technical documentation and international audits.
  • Familiarity with DevSecOps processes, SBOM, pen-test and fuzzing tools.
Candidati ora Torna all'elenco

Candidati o Torna Indietro

Candidati ora Torna all'elenco