Tasks
*mission of the position*:
i. Create the security plans and maintain consistency with the overall project planning ensuring the proper implementation of the security requirements
*b. Job description*:
i. The project security and privacy engineer (pspe) performs inductive and deductive security and privacy analyses on functional or technical architecture level and below. The role cares for the correct usage of the security and privacy analysis and implementation methods. The security and privacy analyst also prepares reports for the technical project leader, giving a statement about the risks for security and privacy. The security and privacy analyst closely works together with the system architect and ee and sw architects to achieve a common understanding within the development team.
ii. Perform/update security and privacy threat analysis, risk assessment and risk treatment in collaboration with the system architect
iii. Creates a functional security concept and analyze change requests with respect to impact on security and privacy
iv. Leads all the security & privacy development activities of a project. This includes the planning of security & privacy deliverables, ensuring the development of the security & privacy features following the defined process guidelines. The pspm acts as the interface of the project to the bu, project team and customer for all security aspects.
v. Ensures the quality of the security & privacy deliverables using thorough reviews, testing, and assessments. The pspm is also responsible for proper work package allocation, tracking, and the communication of project status related to security & privacy.
vi. Responsible for creation & review of the security & privacy development interface agreement (dia).
vii. Develops the threat analysis & risk assessment (tara) results and the security & privacy concepts for usage within the project
*c. Main responsibilities*:
creates security and privacy threat analysis, risk assessment and risk treatment
creates functional security concept
contribute to overall project plan with security & privacy aspects (security & privacy are part of the pp)
assure adequate tailoring of development process and the relevant activities dependent on security & privacy scope
contribute to feature ramp up and pr ramp down plans with respect to security & privacy content
create, update, review and get approval for security verification & validation plan
plan & initiate execution of the required security implementation analysis & assessments.
Discuss & negotiate security & privacy aspects with customer, suppliers and external assessors
support regular project status reporting (ex. epsr, weekly, risks & mitigation, dependencies, etc.) with respect to security & privacy
track security & privacy relevant project kpis on a regular basis. Support definition & tracking of countermeasures in case of deviations to recover the adherence to security & privacy driven kpi targets.
Support quote team for estimation of effort and costs for security & privacy related content
create, update, review and get approval for security & privacy verification & validation plan
*qualifications*:
*qualifications*:
- bachelor's degree in an engineering discipline such as electrical, computer, mechatronic or software engineering.
- 2+ years of automotive systems engineering development experience of electronic control units or equivalent embedded system design experience.
- 2+ years of experience developing requirements or security concepts, security analysis or security software.
- experience or knowledge of embedded system design practices and solutions.
- experience or knowledge of systems and/or software requirements best practices.
- demonstratable knowledge of project management concepts.
- experience with or demonstratable knowledge of iso/sae-21434.
- good communication, presentation skills and able to work in global cross-functional team environment.
About us
this business area vehicle networking and information develops modules and end-to-end systems for connected mobility along the strategic elements “network. Inform. Integrate.”, i.e. hardware, software and services. By providing solutions for networking, human-machine interaction, system integration and high-performance computing for cars, commercial vehicles and fleets, vehicle networking and information ensures functioning networks and a smooth flow of information for connected mobility.
Keyfacts
job-id
241253br
function
forschung und entwicklung
nice to know
continentals spezialisten aus unterschiedlichen disziplinen treiben den trend des automatisierten fahrens mit aller innovationskraft voran.
App. w. professional exp.