Cybersecurity Architect - Embedded Security Mitigations
About the role
As an Architect for Embedded Security Mitigations within the Office of Cybersecurity, you will serve as the primary technical authority for the design, development, and maintenance of production-ready embedded security implementations that will be used across vehicle controllers. This is a high-impact, hands-on role where you will be expected to produce high-quality, production-grade code while providing technical leadership to Embedded Security Engineers (GSR).
Responsibilities
- Standardized Implementation: Architect and implement production-ready security mitigations within Classic AUTOSAR, proactively collaborating with controller teams to gather requirements and technical constraints and drive a unified, standard implementation across platforms.
- Hands-on Code Production: Maintain a high level of hands-on involvement by writing and reviewing complex embedded code in C and C++, ensuring it meets Ford quality, performance, and maintainability expectations.
- Technical Leadership: Partner with and guide Embedded Security Engineers (GSR) to execute technical roadmaps and deliver robust, reusable software components.
- Deliverables & Reuse: Drive creation of reusable deliverables (source libraries, prebuilt artifacts, and test suites) with clear APIs, versioning strategy, and integration guidance for ECU teams.
- Lifecycle Management: Own the full software development lifecycle (SDLC) for mitigation implementations, from initial design through production support, maintenance, and hardening.
- Standards Alignment: Ensure implementations align with ISO/SAE 21434 cybersecurity engineering needs and incorporate diagnostic/security considerations aligned to UDS (ISO 14229-1); demonstrate familiarity with UNECE R155 expectations.
- Workflow: Use GitHub for version control, pull requests, and code reviews.
- Tooling: Experience with at least 2 of the following AUTOSAR implementation/tool ecosystems: Vector, eTAS, Elektrobit.
- Agile Execution: Manage technical debt, feature backlogs, and sprint planning productively within Jira.
- Cross-Functional Collaboration: Coordinate with systems engineering, validation, and platform teams to enable seamless integration of security controls across a diverse set of ECUs.
- Testing / V&V: Collaborate with Verification & Validation teams to develop and execute security focused test plans to ensure robust, secure solutions.
Requirements
- Bachelor’s degree in Electrical Engineering, Computer Science, Computer Engineering, or a related field, or a combination of education and experience.
- 10+ years of technical leadership experience in embedded software development for automotive applications.
- Fluency in both Classic and Adaptive AUTOSAR architecture and integration practices.
- Advanced proficiency in C and C++ for embedded systems with a strong focus on secure coding practices.
- Strong debugging skills and experience with embedded systems debugging tools.
- Working knowledge of Python and Java for automation, tooling, and/or supporting development.
- Working knowledge of UDS (ISO 14229-1) and ISO/SAE 21434.
- Solid understanding of common security vulnerabilities and attack vectors in embedded systems.
- Strong background in automotive cybersecurity regulations, data protection standards, and industry-relevant security protocols (e.g., ISO/SAE 21434, UNECE WP29 R.155/R.156, GDPR, IEEE, IETF, NIST).
- Excellent communication and collaboration skills, with the ability to explain complex security concepts to diverse audiences and work effectively in cross-functional, geographically dispersed teams.
- Demonstrated experience working productively within Jira for task management and project tracking.
Qualifications
- Experience with Hardware Security Modules (HSM) and Secure Hardware Extension (SHE) concepts.
- Familiarity with cryptographic libraries and secure boot-related integration patterns.
- Strong background in GitHub-based workflows, including code review practices and CI/CD integration.
- Ability to mentor junior and mid-level engineers while maintaining high individual technical output.
- Experience building automated test strategies for embedded libraries and publishing prebuilt artifacts through CI.
Skills
- Experience with at least 2 of the following AUTOSAR implementation/tool ecosystems: Vector (DaVinci), ETAS, Elektrobit.
Benefits
Immediate medical, dental, vision and prescription drug coverage
Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up childcare and more
Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more
Vehicle discount program for employees and family members and management leases
Tuition assistance
Established and active employee resource groups
Paid time off for individual and team community service
A generous schedule of paid holidays, including the week between Christmas and New Year’s Day
Paid time off and the option to purchase additional vacation time.