Automotive Cybersecurity Experts – JD(1006)

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

Tech Wynk IT Solutions is looking for Automotive Cybersecurity Experts for an MNC client in Bangalore.

Job Description

We are looking for Automotive Cybersecurity Engineers with 5-8 years of development experience

Department: Cybersecurity
Project Location(s): Bangalore, Bucharest, Timișoara

Must Have Skills

  • Experience in the Automotive industry is a must with experience in ISO standard DIS 21434 (Road Vehicles – Cybersecurity)
  • Cover cybersecurity software design and development.
    • Cooperate with system and software architects and cybersecurity leaders in requirement developments.
    • Defining following for Automotive ECUs: Cybersecurity Goals, Cybersecurity Concepts, System Cybersecurity requirements & architecture, Different methods of cybersecurity Assessment Methods
  • Standards and Compliance coverage – Source code Audit
    • CVSS 3.x evaluation of vulnerabilities and risk assessment of attacks.
    • CVE/CWE validation
    • OWASP Top-10
    • CERT C
  • The Cybersecurity Source Code Audit should include, but not be limited to, the following use cases
    • Review Source Code for Cybersecurity Vulnerabilities
    • Review Source Code for weaknesses according to the CVE/CWE database, CERT secure coding standards, OWASP Top 10, and similar.
    • Validation of all cryptographic functionality and related algorithms, such as encryption and hashing functions, as well as random number generators regarding implementation weaknesses and misconfigurations; usage of obsolete or proprietary algorithms, weak keys, initialization vectors, and similar.
    • Check Source Code for outdated versions and known vulnerabilities of services and libraries using the following technologies SAST, DAST, IAST
  • Experience in Automotive Penetration testing
    • ECU code dump and reverse engineering
    • Upload and run to ECU of non-authentic code
    • Extraction of security and cryptographic Keys
    • The resilience of access regulation functionalities
    • Diagnostic stack
    • JTAG and SWD ports
    • Resilience to brute force, swamping, spoofing, and fuzzing attacks through all following interfaces CAN
    • Resilience to attacks through CAN aimed to Tamper calibration data, Data exfiltration
    • HW module = HSM / HW-root-of-trust, enhanced Secure Hardware Extension (eSHE)
    • Connection to ECUs resources by means of protocols and interfaces, with particular focus on XCP, Serial interfaces, USB interfaces, Ethernet interfaces
How to Apply?

Call us on the below number to get more details and to apply for the requirement.

or Email us on

Find out how we can grow your business