What you’ll do:

The Senior Cybersecurity Engineer will be part of a global team of security experts driving ‘Security by Design’ philosophy in Eaton product, solutions & services.

Senior Cybersecurity Engineer will be part of a global team of Cybersecurity experts driving ‘Security by Design’ philosophy in Eaton product and solutions.

He/she will be responsible for:

• Performing Vulnerability Assessment & Penetration Testing on existing and upcoming Eaton products, solutions & services spanning a wide range of technologies including Automotive ECUs, Gateway Devices, IoT devices, systems & solutions, web applications, mobile applications, thick clients, wireless devices, embedded systems deployed across industries such as eMobility, vehicle and aerospace systems.

• Driving Threat Modeling and Risk Assessment (TARA) exercise with product teams early in the design and development phase to identify applicable cybersecurity requirements across a variety of Mobility related products, systems & solutions.

• Driving certifications of Eaton and Eaton brand labeled products under schemes like ISO 21434, UN ECE R155, R156, IEC 62443, UL 2900 and other emerging standards.

• Providing hands-on guidance to product engineering / development teams as they implement complex cybersecurity features and requirements in their products & fix the issues discovered through Vulnerability assessment & Penetration testing.

• Building tools and automation frameworks around security to achieve Eaton-scale impact.

• Evangelizing and providing technical security trainings to software developers and test engineers across the organization and evangelizing the importance of cybersecurity in other functions like sales, services and product & project management.

• Monitoring evolving threat landscape, cybersecurity technologies, standards, frameworks and drive continuous improvement in Eaton’s cybersecurity requirements, frameworks and processes.

• Support Cybersecurity Project management & OpEX processes to help drive efficiencies, optimizations & continuous improvements in CCoE's various processes & engagements.

Qualifications:

• Bachelor’s or master’s degree in Computer Science, Electronics Engineering, Electrical Engineering.

• 5+ years of relevant experience in Product cybersecurity

• Bachelor’s or master’s degree in Computer Science, Electronics Engineering, Electrical Engineering, Automotive Engineering.

• 5+ years of relevant experience in Embedded/Automotive product cybersecurity.

• Familiarity with AutoSAR Framework and ISO 21434 standards.

• Ability to work in and with diverse & multi-cultural and geographically dispersed teams

• Ability to collaborate across multi-disciplinary teams (legal, IT, product management, project management)

• Ability to present to various levels of engineering and business leadership globally.

• Be a technical mentor to other members of the team and beyond

• Good to have experience in embedded system software secure architecture (e.g. TrustZone, OpenSSL, OP-TEE, Crypto engines)

• Familiarity with device security concepts such as Secure boot (using HSM, SHE, TPM, TEE etc.)

• Familiarity with debug tools(e.g. Lauter Bach/ JTAG Trace 32)

• Understanding of threats/vulnerabilities of various ECUs and their impact on vehicle security (Gateway, Telematics, Inverter, ADAS, etc. ).

Skills:

• Good understanding of Secure Development Lifecycle as it relates to Vehicle Cybersecurity and aligned to SAE/ISO 21434.

• Hands on experience in Vulnerability Analysis and Penetration testing of TCP/IP supported Automotive and embedded products.

• Experience in performing Threat Analysis and Risk Assessment (TARA) of a variety of Automotive and embedded products.

• Experience in Embedded and Automotive system communication protocols like Automotive Ethernet, CAN, UDS, XCP, J1939, LIN over JTAG, UART, SPI, I2C.

• Understanding of Device identity and integrity controls - On-Board/Off-Board key generation, secure boot, codesigning, OTA/FOTA Software Update, SecOC, Secure Diagnostics, device life-cycle management (enrollment, provisioning, activation, suspend, revoke, re-provision/terminate)

• Understanding of secure libraries (e.g. bootloader etc.), Embedded Linux and RTOS

• Experience in firmware reverse engineering and device security hardening

• Understanding in executing vehicle level cyber security attacks - Grey box testing (Command injection, data corruption, back doors, Man in the middle attack, sensor manipulation, network overloading/etc.)

• Good to have understanding of Data and system security - application whitelisting, run-time system integrity check, anomaly detection, message signing, dynamic access control

• Good to have understanding of cryptography & PKI technology - Hash, Symmetric / Asymmetric encryption | RSA-X509, SSL, TLS/DTLS, PKCS, key management, certificate implementation

• Good to have Hands on Experience with Linux and Python scripting

• Good to have experience in Fuzz testing Over CAN/UDS and other automotive protocols. Preferably using Synopsys Defensics, Python Scripting, CAPL Scripting, BeStorm etc.)

• Good Hands on experience in Penetration testing tools(Wireshark, CANalyzer, CANoe, CAPL Scripting, Nmap, etc.)

• Good to have experience in C and in secure C/C++ code review using of Static Analysis tools.