CyberSecurity (Penetration Test) Engineer
Auburn Hills, Michigan
Employer: Cognizant Technology Solutions
Industry: Technology & Engineering
Salary: Competitive
Job type: Full-Time
CyberSecurity (Penetration Test) Engineer
Job description
The In-Vehicle Verification/Penetration Test engineer will conduct project management operations for verification/penetration testing activities, by managing Defensive/Offensive security operations to test the security controller as per STLA requirements, and emulate adversary tactics and procedures to test preventative, detective, and response controls on ECUs, Systems, and Applications across all vehicle lines. Use expertise to help influence technology decisions and work as part of a team to create consistent approaches to the offensive security processes and techniques, with the goal of reasonably protecting road users from new cyber-threats arising from fast evolving vehicle functions and features.
This position will monitor and check Vulnerabilities and Threat Intel on Stellantis products during the entire product development lifecycle with a heavy focus on vehicles, ECU's, Systems and Applications.
The core tasks of the Cybersecurity Verification and Penetration Testing Engineer are summarized here:
• Capable of managing verification/ penetration tests across multiple vehicle lines and organizing projects, budgets, tests reports, and schedules; in order to adhere to vehicle time lines.
• Capable of working with relevant teams to obtain vehicles and parts (ECU's and Wiring Harnesses) along with instrumentation and execution of test tools to enable penetration testing activities to occur.
• As defects are identified, perform threat analysis including impact and feasibility to severity of issue related to missing control on vehicle systems, ECU's, System, Applications.
• Enter defects into relevant system for awareness and to trigger timely remediation or acceptance
• Provide clear risk mitigating directives for Connected vehicles, ECUs, systems, and applications
• Respond appropriate to inquiries about penetration testing scope or outcomes.
Requirements
EDUCATION: Bachelors from EE, Cybersecurity or other scientific degrees around software and hardware found in embedded systems, ECU's and Vehicles., Computer Science
• Minimum of 1+ year of related experience (Such as: security research, system exploitation, cybersecurity engineering); Position level will be dependent on level of education, years of experience, knowledge, skills and abilities
TECHNICAL SKILLS required
• Understanding of end to end kill chain and penetration testing methodologies
• Good knowledge of project management
• Good knowledge of Cybersecurity
• Good knowledge of common security patterns (e.g., authentication, authorization, separation of privileges, sandboxing, need to know, separation of duties, ...)
• Knowledge of security protocols (e.g., , TLS, SSH, ...)
• Knowledge of X.509 digital certificate standard and Public Key Infrastructure management.
• Knowledge of symmetric and asymmetric cryptographic algorithms (e.g., AES, RSA, ECC);
• Good knowledge of automotive operating systems (Autosar Classic and Adaptive, QNX, Linux, Android, etc) and middleware
• Basic knowledge of Connected Application integrations (Legato App framework, Automotive Android, QNX)
• Basic knowledge of C/C++, Java, Python, Kotlin or other programming languages Basic knowledge of scripting languages (e.g., jscript, bash, ...)
• Knowledge of automotive and penetration testing tools
TECHNICAL SKILLS Preferred (minimum)
• Basic knowledge of Connected Vehicles including embedded systems, electrical networks, circuits, PCB's and components, ECU's) Basic Knowledge of Linux Distros' (Kali, Ubuntu, Parrot)
• Basic understanding of Android
• Good knowledge of ISO 21434: Road Vehicle - Cybersecurity Engineering.
• Good knowledge of Service Oriented Architecture design pattern and paradigm.
• Good Knowledge of defensive tools e.g. CANoe, Vehicle spy, etc.
SOFT SKILLS
• Ability to work collaboratively in multicultural teams;
• Strong skills in technical writing and presenting;
• Good self-organization and analytical skills;
• Good proficiency in English.
verification C
The Cognizant community:
We are a high caliber team who appreciate and support one another. Our people uphold an energetic, collaborative and inclusive workplace where everyone can thrive.
About us:
Cognizant (Nasdaq-100: CTSH) is one of the world's leading professional services companies, helping organizations modernize technology, reimagine processes and transform experiences so they stay ahead in a fast-changing world.
Our commitment to diversity and inclusion:
Cognizant is an equal opportunity employer that embraces diversity, champions equity and values inclusion. We are dedicated to nurturing a community where everyone feels heard, accepted and welcome. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws.
Disclaimer:
Compensation information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.
Job description
The In-Vehicle Verification/Penetration Test engineer will conduct project management operations for verification/penetration testing activities, by managing Defensive/Offensive security operations to test the security controller as per STLA requirements, and emulate adversary tactics and procedures to test preventative, detective, and response controls on ECUs, Systems, and Applications across all vehicle lines. Use expertise to help influence technology decisions and work as part of a team to create consistent approaches to the offensive security processes and techniques, with the goal of reasonably protecting road users from new cyber-threats arising from fast evolving vehicle functions and features.
This position will monitor and check Vulnerabilities and Threat Intel on Stellantis products during the entire product development lifecycle with a heavy focus on vehicles, ECU's, Systems and Applications.
The core tasks of the Cybersecurity Verification and Penetration Testing Engineer are summarized here:
• Capable of managing verification/ penetration tests across multiple vehicle lines and organizing projects, budgets, tests reports, and schedules; in order to adhere to vehicle time lines.
• Capable of working with relevant teams to obtain vehicles and parts (ECU's and Wiring Harnesses) along with instrumentation and execution of test tools to enable penetration testing activities to occur.
• As defects are identified, perform threat analysis including impact and feasibility to severity of issue related to missing control on vehicle systems, ECU's, System, Applications.
• Enter defects into relevant system for awareness and to trigger timely remediation or acceptance
• Provide clear risk mitigating directives for Connected vehicles, ECUs, systems, and applications
• Respond appropriate to inquiries about penetration testing scope or outcomes.
Requirements
EDUCATION: Bachelors from EE, Cybersecurity or other scientific degrees around software and hardware found in embedded systems, ECU's and Vehicles., Computer Science
• Minimum of 1+ year of related experience (Such as: security research, system exploitation, cybersecurity engineering); Position level will be dependent on level of education, years of experience, knowledge, skills and abilities
TECHNICAL SKILLS required
• Understanding of end to end kill chain and penetration testing methodologies
• Good knowledge of project management
• Good knowledge of Cybersecurity
• Good knowledge of common security patterns (e.g., authentication, authorization, separation of privileges, sandboxing, need to know, separation of duties, ...)
• Knowledge of security protocols (e.g., , TLS, SSH, ...)
• Knowledge of X.509 digital certificate standard and Public Key Infrastructure management.
• Knowledge of symmetric and asymmetric cryptographic algorithms (e.g., AES, RSA, ECC);
• Good knowledge of automotive operating systems (Autosar Classic and Adaptive, QNX, Linux, Android, etc) and middleware
• Basic knowledge of Connected Application integrations (Legato App framework, Automotive Android, QNX)
• Basic knowledge of C/C++, Java, Python, Kotlin or other programming languages Basic knowledge of scripting languages (e.g., jscript, bash, ...)
• Knowledge of automotive and penetration testing tools
TECHNICAL SKILLS Preferred (minimum)
• Basic knowledge of Connected Vehicles including embedded systems, electrical networks, circuits, PCB's and components, ECU's) Basic Knowledge of Linux Distros' (Kali, Ubuntu, Parrot)
• Basic understanding of Android
• Good knowledge of ISO 21434: Road Vehicle - Cybersecurity Engineering.
• Good knowledge of Service Oriented Architecture design pattern and paradigm.
• Good Knowledge of defensive tools e.g. CANoe, Vehicle spy, etc.
SOFT SKILLS
• Ability to work collaboratively in multicultural teams;
• Strong skills in technical writing and presenting;
• Good self-organization and analytical skills;
• Good proficiency in English.
verification C
The Cognizant community:
We are a high caliber team who appreciate and support one another. Our people uphold an energetic, collaborative and inclusive workplace where everyone can thrive.
- Cognizant is a global community with more than 345,000 associates around the world.
- We don't just dream of a better way - we make it happen.
- We take care of our people, clients, company, communities and climate by doing what's right.
- We foster an innovative environment where you can build the career path that's right for you.
About us:
Cognizant (Nasdaq-100: CTSH) is one of the world's leading professional services companies, helping organizations modernize technology, reimagine processes and transform experiences so they stay ahead in a fast-changing world.
Our commitment to diversity and inclusion:
Cognizant is an equal opportunity employer that embraces diversity, champions equity and values inclusion. We are dedicated to nurturing a community where everyone feels heard, accepted and welcome. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws.
Disclaimer:
Compensation information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.
Created: 2024-07-02
Reference: 00059805791
Country: United States
State: Michigan
City: Auburn Hills
Similar jobs:
-
Functional Safety and Cybersecurity Engineer
Flextronics in Farmington Hills, Michigan