Vehicle Security Architect

Role description :

The Technical 2nd LoD review shall focus on the Cyber Security aspects of the Onboard Elements in the Vehicle (ECUs / units in the Network Architecture) and the Offboard (Mobile Communications and Cloud).

As part of the expectation from the CSMS process in JLR Way, the 2nd LoD review is currently mandatory for the Cyber Security Assessment of High and Critical risk projects.

Key responsibilities :

The reviewer is responsible to review each and every ECU of concern in accordance with the CSMS process defined in JLR Way and shall prepare a review report for it.

The planning of the project happens using AGILE methods and tracked using JIRA.

Key skills

• Awareness on the Cyber Security Regulations :

The first and foremost requirement is to have a knowledge on the CSMS process.

Overview on the UN-R155 and UN-R156 regulations, and awareness about the ISO21434 is a  must .

Awareness on the different Cyber Security Mitigations (Cyber Hygiene, Secure Boot, Signed SW, SecOC, Secure Diagnostics, Secure Debug, etc.,) for the ECUs and the Network and knowledge of the Security Controls found in SOTA, Mobile Communications and Cloud) for the offboard aspects is a  must .

Knowledge on the CSMS process with awareness on ISO21434 is a  must .

Experience in DIA / CIA, Cyber Security Plan, Item Definition, TARA is the least expectation.

In order to perform an effective review, the reviewer  should  have an awareness on the Network architecture, Communication Protocols, ECU hardware, HSMs, etc.,

Strong documentation and communication skills are must when providing review support as Technical 2nd LoD. This includes the ability to clearly articulate findings and recommendations to technical and non-technical stakeholders alike.

Person specification :

Skills Required

Cyber Security