|
ADAS Software Engineer - Embedded Security
We are seeking a diligent, detail-driven professional to provide vital expertise in support of our Advance
Driver Assistance Systems Embedded Software development activities. This involves applying
engineering principles and analytical techniques to support the delivery of cybersecurity solutions to
protect the next generation of ADAS ECU. Cybersecurity Engineers will evaluate, critique, and drive
secure designs from concept to implementation. Engineers are expected to take ownership of
assignments including developing in-depth understanding of the technologies under review, working to
close security gaps and mitigate identified vulnerabilities, and report out to management.
You will:
* Follow/implement the Cybersecurity development process per ISO 21434 and OEM specific
strategy.
* Review feature/system cybersecurity requirement and other partner requirement to develop
software cybersecurity requirement.
* Support development of software architecture design based on system design in architecture
tool (i.e., Magic Draw) and allocate the software cybersecurity requirement to the architecture.
* Development and validation of cybersecurity features including secure boot, secure software
update, secure communication (CAN/Ethernet), secure logging, secure diagnostics, and secure
debug.
* Perform/support software unit verification /integration testing on bench/HIL/vehicle
environment.
* Build vital work product per ISO 21434 and UNECE WP.29 and collect required test evidence to
build software security case.
* Support cybersecurity technical specialist to ensure ISO 21434 and UNECE WP.29 compliance
including cyber security auditing.
* Support cybersecurity system engineer and feature owner to build feature cybersecurity work
product including TARA and system cybersecurity requirement.
* Support system architecture and system engineer to build ECU/module system design and
cybersecurity concept.
* Support system engineer and HW engineer to build hardware software interface.
* Participate of the development and tracking of detailed deployment timing plans to support
production validation of ECU software on benches, Voice of Customer Fleet (VoCF),
Management Lease Vehicles (MLV), Beta and End Customer vehicles.
* Support ECU manufacture process related to cybersecurity material (key/password/certificate).
* Support field issue resolution and root-cause analysis.
* Supply to process improvement to achieve ASPICE compliance.
* Participate in agile development teams in applying cyber security standard processes to product
development projects and programs
The minimum requirements we seek:
* B.S. in Computer Science, Electrical Engineering, Computer Engineering, or related field or a
combination of education and equivalent experience
* 2+ years experience in embedded software development experience using RTOS (i.e.
AUTOSAR/OSEK, LINUX/QNX/POSIX).
* 1+ years of experience in a technical cyber security or architecture or software developer
position
* 1+ years of experience with in-vehicle network architecture, modules, and protocols (CAN etc.)
Our preferred requirements:
* M.S. in computer science, Electrical Engineering, Computer Engineering, or related field
* 3+ years' experience in embedded software development for security critical system.
* 3+ years' experience in security critical software development under classical/adaptive
AUTOSAR framework.
* 1+ years' experience in AUTOSAR security stack configuration (SecOC/TLS/HW&SW Crypto).
* Familiar with Cybersecurity industrial standard (i.e. ISO 21434).
* Familiar with software change control and issue tracking tool (i.e. Jira).
* Familiar with software requirement management tool (i.e. Polarion, Doors, JAMA).
* Familiar with software architecture design tool based on UML/SysML (i.e. MagicDraw,
Enterprise Architect).
* Familiar with software integration test tool (i.e. CANoe, CANalyzer, CANape).
* Familiar with port/service scan tool (i.e. nmap).
* Familiar with fuzz testing tool (i.e. Defensics Networking Test Suites).
* Familiar with Common Vulnerabilities and Exposures (CVE) and appropriate methods of
mitigation.
* Familiar with CI/CD workflow (i.e. Jenkins).
* Ability to provide engineering documentation including requirements, specifications, test plans,
etc.
* Ability to work independently and collaboratively
* Strong communication and analytical skills
* Conceptual understanding of security methodologies and challenges
* Experience applying security fundamentals (such as Cryptography, keying, PKI, TLS) Employee Status : Full Time Employee Shift : Day Job Travel : No Job Posting : May 07 2024 About Cognizant Cognizant (Nasdaq-100: CTSH) is one of the world's leading professional services companies, transforming clients' business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant is ranked 185 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com or follow us @USJobsCognizant.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview. Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. If you have a disability that requires a reasonable accommodation to search for a job opening or submit an application, please email CareersNA2@cognizant.com with your request and contact information.
|
Cognizant North America
May 07, 2024