Senior Principal Product Cybersecurity Engineer

Aptiv - Cupertino, CA

posted 4 months ago

Full-time - Senior
Cupertino, CA
Transportation Equipment Manufacturing

About the position

As a Senior Principal Product Cybersecurity Engineer at Aptiv, you will play a pivotal role in advancing automotive cybersecurity solutions. Your primary focus will be on innovating automotive cybersecurity compute platforms through conducting novel research, developing prototype systems, and interfacing with production engineering teams. You will experiment with state-of-the-art technologies and deploy offensive cyber capabilities to test the defensive resiliency of our systems. Your contributions will be crucial in ensuring that vehicles on the roads and the systems they connect to are protected from sophisticated threats, including directed nation-state attacks. In your daily responsibilities, you will perform offensive evaluations against the latest automotive prototype hardware and software security technologies. This includes developing proof-of-concept exploits and persistence agents to simulate adversary capabilities, which will assist your peers in developing detection and response capabilities. You will create implementation strategies for the development of prototypes and demonstrations that showcase cyberattacks against automotive solutions. Additionally, you will propose and execute independent cybersecurity R&D projects to enhance your skillset while furthering Aptiv's technological understanding. You will work collaboratively with team members to record videos of cyber-hardened products and identify open-source technologies to extend their capabilities to target automotive technology stacks. Your role will also involve working with global engineering teams to transition developed technologies to production engineering teams worldwide. You will conduct experiments to test the limits of state-of-the-art software and embedded systems technologies, generating reference implementations that can be utilized across various projects. Furthermore, you will evaluate third-party vendor cybersecurity solutions for their suitability within Aptiv's technology portfolio and author whitepapers or technical documentation that may lead to peer-reviewed publications and presentations at cybersecurity conferences. Your position will require you to stay abreast of offensive and defensive cybersecurity activities in the public and commercial domains, tracking and collaborating with your team to design innovative solutions as appropriate. You will serve as a technical consultant for cybersecurity evaluations and assessments, guiding product teams through the integration of new cybersecurity system designs and validation methodologies. Your ability to dissect larger projects into manageable sub-tasks will be essential in demonstrating incremental progress on a monthly to bi-monthly basis. Lastly, you will be expected to defend your viewpoints by providing compelling information and evidence, ensuring that Aptiv remains at the forefront of automotive cybersecurity innovation.

Responsibilities

  • Perform offensive evaluations against the latest automotive prototype hardware and software security technologies.
  • Develop proof-of-concept exploits and/or persistence agents to simulate adversary capabilities and assist peer innovation team members to develop detection and response capabilities.
  • Create implementation strategies for development of prototypes and demonstrations that showcase cyberattacks against automotive solutions.
  • Propose and execute independent cybersecurity R&D projects to advance personal skillset while furthering Aptiv's technological understanding.
  • Work with team members to record videos of cyber-hardened products.
  • Identify open-source technologies and extend those capabilities to target automotive technology stacks.
  • Work with global engineering teams to transition developed technologies to production engineering teams around the world.
  • Conduct experiments testing the limits of state-of-the-art software and embedded systems technologies to generate reference implementations.
  • Leverage virtualization, simulation, and/or emulation technologies to expedite technology development and testing while maximizing portability to representative automotive platforms.
  • Evaluate 3rd-party vendor cybersecurity solutions for suitability for testing within Aptiv's technology portfolio.
  • Author whitepapers or other technical documentation that may lead to peer-review publications and/or presentations at cybersecurity conferences.
  • Identify and utilize embedded platforms/operating systems to create new solutions that will change how automotive systems are deployed in the future.
  • Train/educate cybersecurity engineering team members around the world.
  • Stay abreast of offensive and defensive cybersecurity activities in the public/commercial domain, tracking and working with the team to design innovative solutions as appropriate.
  • Serve as a technical consultant for cybersecurity evaluations and assessments.
  • Dissect larger/longer projects into sub-tasks that can demonstrate incremental progress on a monthly to bi-monthly basis.
  • Guide product teams through integration of new cybersecurity system designs and validation methodologies.
  • Defend viewpoint by providing compelling information and evidence.

Requirements

  • Bachelor's Degree in Computer Science, Computer Engineering, Electrical Engineering or similar discipline.
  • Ability to work on site in CA, MI or Boston.
  • 6+ years' experience with C, assembly (ARM, MIPS, RISC-V, Intel x86_64, proprietary architectures, etc.), or similar low-level development.
  • 5+ years' experience with host-based virtualization or emulation technologies; conducting offensive cyber research such as vulnerability research and exploit development against embedded systems; and scripting languages like Python in a Linux-like environment.
  • 2+ years' hands-on engineering experience with secure boot and related hardware-based security solutions.
  • Familiarity with embedded systems development and use of cryptography and/or secure communications implementations.
  • 2+ years' experience enabling low-level hardware interfaces such as through kernel development and/or writing device drivers.
  • Experience developing in-vehicle cybersecurity capabilities or solutions.
  • Good organization, communication, collaboration and interpersonal skills.

Nice-to-haves

  • Master's Degree in Computer science, Computer Engineering, Electrical Engineering or similar discipline.
  • 10+ years' experience programming in C and/or assembly.
  • 5+ years' experience developing with or on automotive hardware and architectures.
  • Familiarity with automotive communication systems (CAN, CAN-FD, automotive Ethernet, etc.).
  • Familiarity with automotive middleware solutions such as VxWorks & AUTOSAR and software communications middleware SROS2(DDS).
  • Familiarity with Bluetooth, NFC, UWB, 5G, and/or Wi-Fi communications.
  • Familiarity with version control systems and code review processes.
  • Experience with integrating quantum resilient/post-quantum cryptography in embedded software/middleware stacks.
  • Understanding of circuit schematics, hardware data sheets, and/or logic design.
  • Understanding of program repository management framework like GitHub, GitLab, etc.
  • Experience working as part of a cross-functional team to implement diverse solutions.
  • Experience performing threat modelling and design reviews to assess security implications and requirements for introduction of new technologies.
  • Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.
  • Experience in customer discussions and technical design reviews and supporting cross discipline activities.
  • Familiarity with mobile application development and/or designing solutions for infotainment platforms.
  • High level of oral and written communication skills.
  • Good personality and strong ability for successfully working independently.
  • Interest or experience with bug bounties, capture-the-flag competitions.

Benefits

  • Private health care effective day 1 of employment
  • Life and accident insurance
  • Paid Time Off (Holidays, Vacation, Designated time off, Parental leave)
  • Relocation assistance may be available
  • Learning and development opportunities
  • Discount programs with various manufacturers and retailers
  • Recognition for innovation and excellence
  • Opportunities to give back to the community
  • Tuition Reimbursement
  • Adoption Assistance
  • Fertility Coverage

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service