Vehicle Cybersecurity Analyst/Engineer

Position SummaryThe Vehicle Cybersecurity Analyst/Engineer is responsible for the systematic identification of security risks and the development of defensive requirements for vehicle systems. This role is primarily focused on the high-volume execution of Threat Analysis and Risk Assessments (TARA) for agricultural, automotive, and other mobile industrial platforms.This role is ideal for a cybersecurity professional who enjoys the analytical challenge of threat modeling and risk management within a rigorous systems engineering framework and is comfortable collaborating with engineering teams to integrate cybersecurity into system designs.We believe in a future of automated TARAs. It will be beneficial if you enjoy strategizing how to increase efficiency by using LLMs and AI coding tools. Key ResponsibilitiesLead TARA Execution: Perform comprehensive Threat Analysis and Risk Assessments (TARA) utilizing STRIDE-based methodologies to identify system vulnerabilities.Attack Path Identification: Analyze and document damage scenarios and threat scenarios, mapping out potential attack paths across vehicle networks and embedded controllers.Risk Quantification: Evaluate the feasibility and impact of identified threats to determine risk ratings, ensuring all findings are defensible and technically sound.Cybersecurity Concept Development: Translate risk findings into actionable cybersecurity requirements and high-level Cybersecurity Concepts for engineering teams.Systems Engineering Collaboration: Interface with E/E architecture, software, and hardware teams to ensure that security mitigations are effectively integrated into the system design.Regulatory and Standards Compliance: Ensure all assessment activities and documentation support alignment with UNECE WP.29 (R155/R156) and other relevant industry regulations.Technical Documentation: Maintain precise traceability between threats, risks, and requirements to support internal audits and external compliance reviews.Efficiency Improvement: Understand which steps can be automated and develop MVPs.Required QualificationsApplied TARA Experience: Demonstrated experience leading and completing Threat Analysis and Risk Assessments for vehicle or complex embedded systems.Threat Modeling Proficiency: Strong understanding of the STRIDE framework and the ability to apply adversarial logic to identify security gaps in design.Vehicle Network Knowledge: Technical familiarity with vehicle communication protocols such as CAN, J1939, Automotive Ethernet, and ISOBUS.Regulatory Knowledge: Working knowledge of ISO/SAE 21434 and the cybersecurity requirements within UNECE WP.29 R155/R156.Engineering Discipline: Proven ability to produce high-quality technical documentation and manage a steady volume of deliverables independently.Embedded Systems Awareness: Understanding of the security challenges associated with resource-constrained environments and vehicle diagnostics (UDS).Analytical and Communication Skills: Strong analytical, documentation, and technical communication skills.Project Execution: Ability to lead structured technical discussions and manage deliverables independently in a high-throughput environment.Preferred QualificationsLLMs and AI: Proficiency in utilizing LLMs and using AI coding tools. Specialized Platform Experience: Experience with agricultural, construction, or heavy equipment vehicle platforms.Architecture Development: Experience defining secure communication requirements or hardware-level security interfaces.Audit Support: Previous experience preparing documentation for regulatory type approval or third-party cybersecurity audits and using a variety of tools to perform TARA.