Responsibilities:

• Serve as a Subject Matter Expert in automotive communication protocols, providing in-depth analysis and guidance on their secure implementation and potential vulnerabilities.

• Apply a deep understanding of in-vehicle network topologies and their security implications to design, analyze, and secure complex automotive architectures.

• Utilize proficiency with diagnostic protocols to identify security risks and ensure secure diagnostic access and functionalities within vehicle systems.

• Leverage in-depth knowledge of securing embedded systems and Electronic Control Units to develop and implement robust security controls. This includes working with secure boot mechanisms, Hardware Security Modules, and Trusted Execution Environments.

• Apply practical experience with Public Key Infrastructure (PKI) to design and secure cryptographic solutions for in-vehicle communication, software updates, and data protection.

• Conduct hands-on security assessments, including penetration testing and fuzz testing, to identify and validate vulnerabilities in automotive hardware, software, and communication systems. Develop and recommend remediation strategies based on findings.

• Take a lead role in the implementation of cybersecurity measures for medium-sized projects, guiding technical teams, defining security requirements, and ensuring successful integration of security features.

• Participate in design reviews and architectural discussions to ensure security is built into products from the ground up, adhering to industry’s best practices and standards.

• Collaborate closely with Ford Secondees at JMC, JMC engineering and product development teams, and JMC tier 1 suppliers to integrate cybersecurity requirements and provide expert technical guidance.

• Bachelor’s Degree in Computer Science, Software Engineering or Electronics/Electrical Engineering.

• Over 4 years of experience in automotive product cybersecurity, including a minimum of 2 years specializing in in-vehicle and mobility cybersecurity.

• Leading the analysis and resolution of highly complex and ambiguous technical cybersecurity challenges.

• Driving the adoption of new security technologies, tools, and best practices.

• Guiding and developing less experienced engineers, sharing deep technical knowledge, and fostering a culture of security awareness and excellence.

• Taking responsibility for the cybersecurity outcomes of medium-sized projects, ensuring security requirements are met and risks are managed.

• Effectively managing cybersecurity tasks within project timelines and helping the team prioritize security activities.

• Making sound and timely technical decisions regarding security implementations and trade-offs.

• Expertise in designing, reviewing, and implementing secure architectures for in-vehicle systems, ECUs, and connected mobility components.

• Ability to translate security requirements into practical, implementable technical solutions.

• Advanced proficiency in conducting detailed threat modeling (e.g. STRIDE, HEAVENS, Attack Trees) for automotive systems and identifying potential attack vectors and vulnerabilities.

• Ability to develop custom test scripts and tools to uncover security flaws.

• Proven ability to lead the technical implementation of cybersecurity features and solutions for medium-sized projects, guiding engineering teams and ensuring successful delivery.

• Proficiency in identifying, analyzing, prioritizing, and managing vulnerabilities in automotive software and hardware, including tracking remediation efforts.

• Subject Matter Expert in in-vehicle communication protocols such as CAN, CAN-FD, Automotive Ethernet, LIN, and their security vulnerabilities and countermeasures

• Proficiency with diagnostic protocols (e.g. UDS, SOME/IP) and securing diagnostic access.

• Hands-on experience with secure boot, Hardware Security Modules, and Trusted Execution Environments.

• Practical experience in applying cryptographic principles and algorithms for secure communication, data storage, and authentication in automotive context.

• Hands-on experience with penetration testing tools and techniques for automotive ECUs and systems.

• Proficiency in programming languages (e.g. Python, JS) for developing security tools, analyzing firmware, or scripting automated security tests.

• Working knowledge of relevant automotive cybersecurity standards and regulations (e.g. ISO/SAE21434, UNECE R155/156, NIST Cybersecurity Framework, China GB44495/

44496) and the ability to apply them to technical implementations.