Senior Principal Cybersecurity Engineer
Aptiv · Troy, MI · Yesterday
Information TechnologyFull-time
Responsibilities
- Research and develop production-ready cybersecurity capabilities
- Develop, enhance and customize security capabilities, tooling and instrumentation
- Communicate security research findings to production engineering teams around the world, ensuring integration into platforms and products
- Collaborate with open-source organizations to ensure quality of our open-source cybersecurity stack, including making quality and feature improvements
- Conduct experiments to test the limits of state-of-the-art technologies to uncover weaknesses and vulnerabilities
- Translate research findings into patents, blog posts, and conference publications
- Maintain an up-to-date awareness of offensive and defensive cybersecurity activities in the public/commercial domain and working to accelerate cyber operations as appropriate
- Break down long-term efforts into discrete tasks that demonstrate incremental progress
- Guide product teams through integration of new cybersecurity system designs and testing methodologies
- Defend research viewpoints to senior and executive leadership by providing compelling information and evidence
Requirements
- 5+ years’ experience in cybersecurity engineering, development of cryptographic libraries/protocol stacks, vulnerability research, or reverse engineering
- 5+ years’ experience with C, assembly (ARM, MIPS, RISC-V, Intel x86_64, proprietary architectures, etc.), or similar low-level/embedded development
- 3+ years’ experience with: 1) host-based virtualization (VMware workstation, QEMU-KVM, Xen, etc.) and emulation technologies (QEMU, Simics, etc.); 2) conducting offensive cyber research such as vulnerability research and exploit development against embedded systems; 3) scripting languages like Python in a Linux-like environment; and 4) debugging embedded systems (JTAG, UART, proprietary debugging environment, etc)
- Familiarity with embedded systems development and use of cryptography and/or communications implementations
- Good organization, communication, collaboration and interpersonal skills
- A go-getter that is passionate to learn about new security vulnerabilities and develop assessment automation solutions
- Interest and/or experience with bug bounties, capture-the-flag competitions, etc.
- Experience proposing and executing independent research and development tasks and writing conference-level technical reports
- Familiarity with version control systems and code review processes
Qualifications
- Master’s Degree in Computer Science, Computer Engineering, Electrical Engineering or similar discipline
- 2+ years’ experience developing with automotive hardware and architectures (e.g., TriCore™)
- 2+ years’ experience developing for FPGAs such as Xilinx, NXP, etc. and using their associated tool suites such as Vivado, etc.
- Familiarity with automotive communication systems (CAN, CAN-FD, automotive Ethernet, etc.)
- Familiarity with automotive operating systems such as SROS2 and software communications middleware DDS
- Familiarity with Bluetooth, NFC, and/or Wi-Fi implementations and communications
- General understand circuit schematics, hardware data sheets, and/or logic design
- Experience working as part of a cross-functional team to implement diverse solutions
- Experience performing threat modelling and design reviews to assess security implications and requirements for introduction of new technologies
- Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions
- Experience in customer discussions and technical design reviews and supporting cross discipline activities
- High level of oral and written communication skills
- Ability to communicate and present complex issues and ideas with precision and clarity, adjusting appropriately for the audience; ability to communicate effectively up to the Vice President level
Benefits
- Private health care effective day 1 of employment
- Life and accident insurance
- Paid Time Off (Holidays, Vacation, Designated time off, Parental leave)
- Learning and development opportunities
- Discount programs with various manufacturers and retailers
- Recognition for innovation and excellence
- Tuition Reimbursement
- Adoption Assistance
- Fertility Coverage