Vehicle Cybersecurity Analyst/Engineer
The Vehicle Cybersecurity Analyst/Engineer is responsible for the systematic identification of security risks and the development of defensive requirements for vehicle systems. This role is primarily focused on the high-volume execution of Threat Analysis and Risk Assessments (TARA) for agricultural, automotive, and other mobile industrial platforms.
This role is ideal for a cybersecurity professional who enjoys the analytical challenge of threat modeling and risk management within a rigorous systems engineering framework and is comfortable collaborating with engineering teams to integrate cybersecurity into system designs.
We believe in a future of automated TARAs. It will be beneficial if you enjoy strategizing how to increase efficiency by using LLMs and AI coding tools.
Responsibilities
- Lead TARA Execution: Perform comprehensive Threat Analysis and Risk Assessments (TARA) utilizing STRIDE-based methodologies to identify system vulnerabilities.
- Attack Path Identification: Analyze and document damage scenarios and threat scenarios, mapping out potential attack paths across vehicle networks and embedded controllers.
- Risk Quantification: Evaluate the feasibility and impact of identified threats to determine risk ratings, ensuring all findings are defensible and technically sound.
- Cybersecurity Concept Development: Translate risk findings into actionable cybersecurity requirements and high-level Cybersecurity Concepts for engineering teams.
- Systems Engineering Collaboration: Interface with E/E architecture, software, and hardware teams to ensure that security mitigations are effectively integrated into the system design.
- Regulatory and Standards Compliance: Ensure all assessment activities and documentation support alignment with UNECE WP.29 (R155/R156) and other relevant industry regulations.
- Technical Documentation: Maintain precise traceability between threats, risks, and requirements to support internal audits and external compliance reviews.
- Efficiency Improvement: Understand which steps can be automated and develop MVPs.
Required Qualifications
- Applied TARA Experience: Demonstrated experience leading and completing Threat Analysis and Risk Assessments for vehicle or complex embedded systems.
- Threat Modeling Proficiency: Strong understanding of the STRIDE framework and the ability to apply adversarial logic to identify security gaps in design.
- Vehicle Network Knowledge: Technical familiarity with vehicle communication protocols such as CAN, J1939, Automotive Ethernet, and ISOBUS.
- Regulatory Knowledge: Working knowledge of ISO/SAE 21434 and the cybersecurity requirements within UNECE WP.29 R155/R156.
- Engineering Discipline: Proven ability to produce high-quality technical documentation and manage a steady volume of deliverables independently.
- Embedded Systems Awareness: Understanding of the security challenges associated with resource-constrained environments and vehicle diagnostics (UDS).
- Analytical and Communication Skills: Strong analytical, documentation, and technical communication skills.
- Project Execution: Ability to lead structured technical discussions and manage deliverables independently in a high-throughput environment.
Preferred / Nice-to-Have
- LLMs and AI: Proficiency in utilizing LLMs and using AI coding tools.
- Specialized Platform Experience: Experience with agricultural, construction, or heavy equipment vehicle platforms.
- Architecture Development: Experience defining secure communication requirements or hardware-level security interfaces.
- Audit Support: Previous experience preparing documentation for regulatory type approval or third-party cybersecurity audits and using a variety of tools to perform TARA.
Try Block Harbor Today
Start protecting your vehicles with the same platform the world’s best hackers and defenders use.
%201.svg){kind=logo}
- Address:
- 2050 15th St, Detroit, MI 48216