LOCATION: SINGAPORE
Automotive Cyber Security R&D Engineer (Senior Principal / Principal Engineer)
Position Description – Security Analyst / Researcher/ White Hat.
COMPANY OVERVIEW:
Our client is one of the leading mobility companies who is committed to play an active and role in the transformation of future mobility. They will continue and further enhance its investment in the focused areas of vehicular interior cabin electrification & integration, vehicular intelligence & security and vehicular internet & connectivity.
PRIMARY DUTIES & RESPONSIBILITIES:
Lead and engage the security related research activities with Academic organizations.
Lead and participate in automotive security related international/industrial standard organizations.
Propose and initiate automotive security technology project and activities aligning with department level roadmap.
Focus on searching, experimenting and deploying cutting-edge security solutions to achieve enterprise level strategies.
Guide and support the elicitation and analysis of security requirements for platforms and OEM projects.
Aid in documenting the security interfaces, security interconnections, and the trust relationship between system components and external systems.
Research on Fuzzing as well as Penetration Testing techniques and develop customised Penetration Testing and Vulnerability Assessment on communication, electronics and embedded OS of Automotive E/E products.
Engage in code review.
QUALIFICATION:
Bachelor's degree (and above) in Information Security, Engineering, Computer Science or related field.
Deep knowledge in applying C, C++, JAVA or other scripting for different embedded system development.
Knowledge of security engineering (building secure systems), Operating Systems and network security, common attack patterns and exploitation techniques。
Knowledge of system security analysis techniques such as threat modelling, attack trees etc.
Excellent written and verbal communication skills。
Experience with embedded systems will be added advantage。
Experience with Automotive industrial protocols will be added advantage。
PREFERRED SKILLS AND EXPERIENCE:
Knowledge with Security Engineering and Assurance methodologies e.g. fuzzing, static and dynamic code analysis。
Knowledge with common attack patterns and exploitation techniques. Ability to write fully functional exploits for common vulnerabilities such as simple stack overflow, cross-site scripting, or SQL injection。
Experience in using standard Security Assessment and Penetration Testing tools such as Burp Suite, Metasploit, IDA Pro etc.
Data Science techniques such as clustering, anomaly detection, and machine learning leveraging data analysis tools such as Splunk, MapReduce, SQL, R, MatLab etc.