• Array Full-time

About our partner

Tasks:

• Upcoming legislation and standards such as UNECE.R155 and ISO21434 are driving a number of workstreams across a range of technical and non-technical areas of the business. We have a number of vacancies and so would be keen to hear from you if you have relevant experience in one or more of the following Cyber Security areas:
• Policy, process development and governance, including knowledge of relevant standards such as UNECE.R155, ISO21434, ISO27001
• Threat analysis and risk assessment
• Cyber security controls and technologies for embedded systems / IoT
• Cryptography, including key and certificate management
• Incident monitoring and response (SOC / SIEM)
• Security verification and validation techniques
• Secure hardware and software design and development practices
• You will be expected to take a leading role for your area of specialism, across one or more of the cyber security delivery phases such as the development of cyber security requirements for a critical system or the software verification of and testing of these systems.
• You will be responsible for developing corporate standards and strategies in your area of specialism, leading their deployment in the business.
• You will be expected to engage with suppliers to understand vulnerabiities associated with their systems and define a joint approach to protecting these systems.
• You will need to represent the department in wider business discussions, and also be hands-on with software development teams.
• This will be proven through verification testing, including potentially penetration testing and show clear traceability through standards, process definition and technical documentation.
• The performance indicators will be specific to the individual role but may include elements such as:
• Security metrics including threat, risk and vulnerability measures.
• Compliance of JLR products with cyber security standards and requirements throughout the engineering lifecycle.
• Completion of tasks to agreed timing, cost and quality, and in line with vehicle programme timing requirements.
• System and subsystem test results and associated performance metrics, including PEN test outputs.
• Key Accountabilities and Responsibilities
• The exact responsibilities will depend on the specific role, but can be expected to include topics such as the following:
• Develop corporate strategies in your area of specialism, leading their deployment into the business on a worldwide scale.
• Apply system thinking and engineering knowledge to support the delivery of secure vehicle systems.
• Lead internal and external certification activities, audits, and cybersecurity standards reviews.
• Identify and mitigate technical risks and collaborate with developers to resolve technical issues.
• Maintain departmental and company standards & procedures.
• Monitor and respond to threats identified from a range of sources including analysis of vehicle systems, disclosures and theoretical analysis.
• Ensure continuous improvement through effective lessons learned, knowledge capture and process development compliant with standards such as ISO21434.
• Establish and deploy best technical practice and knowledge transfer via formal training as well as informal mentoring.
• Be an advocate for a cyber security as a core business priority.
• Liaison with third parties to represent their interest in the project / product development.
• Functional domain teams such as the electrical, chassis and powertrain teams; information technology teams; our global software development teams; JLR systems engineering teams, key security / software/ hardware suppliers, connected car and cloud platform services / teams, external specialists and certification authorities.

Requirements:

• Proven experience and track record of delivery in a field relevant to the role.
• Qualified to degree level in a relevant discipline, or equivalent experience.
• An ability to think analytically, rigorously and creatively with a commitment to quality and outstanding results.
• Able to carry out detailed work against security attributes, and able to constructively assess others’ work.
• Excellent written and verbal communication skills; ability to confer complex technical and procedural topics in a clear and concise form, confidently presenting with senior stakeholders.
• Ability to handle concurrent programmes.
• Prior experience relating to the development of safety-critical software.
• Process, methods and tools development, in a structured environment (QMS, ISMS or similar).
• Expertise in requirements management and ALM systems, e.g. IBM Rational DOORS, RTC, JIRA or similar.
• Experience of standards and legislation relevant to the role
• Automotive experience is preferred, but we are also keen to hear from candidates with knowledge in other relevant fields, e.g. aerospace, defence, IT, industrial controls, medical devices or similar.

What we offer

• Bring all this to the home of premium innovation, and you’ll find the opportunities to further your career working with a world-class team in state-of-the-art facilities. We offer a competitive salary and a performance related bonus scheme. All this and more makes the company the perfect place to continue your journey.
• We are committed to equal opportunity for all.