职位描述

We are looking for a cyber security expert of software team in Marelli Electronics Guangzhou R&D center. The candidate will be responsible for the following activities:
1. Work with MM SW and project team to achieve SW development targets
2. Work out SW solution/design, and report to the SW project leader for project development.
3. Perform SW Requirements engineering activities, and maintain the requirement traceability at System Requirement, SW Requirement and SW Design.
4. Review for System Requirements, SW design and implementation.
5. Lead SW Architect design.
6. Defect & risk analysis.
7. Supports the SW project leader in daily technical issues
8. Track Requirements change and provide the related impact / feasibility analysis and effort / cost estimations in order to share them during the Change Control Board meeting.
9. Participate to the offers, design and validation of the projects
10. Responsible for the accuracy of the design/improvement work & its implementation
11. Develop and deploy security development lifecycle process and practices
12. Developing cybersecurity solutions to in-vehicle connectivity devices and drives in general and related accessories such as options, PC tools, etc.
13. Security dynamic tracking in both domestic and international security communities for vulnerability warning, analysis, and fixing.
14. Supporting new product development projects to fulfill internal and external cybersecurity requirements by design reviews and other means
15. Support management in assessing cybersecurity compliance of new products and solutions

Key Skills
1. Android/Linux/QNX/AutoSAR OS knowledge
2. Good at C/C++/Python/Assembly
3. High Level SW Design, SW Architecture Design
4. Requirements elicitation and development
5. Multinational Team working
6. Problem Solving
7. Automotive industrialization rules

Requirement:
1. At least Bachelor degree on Automation/Automotive/Communication/Electronic/Computer Science
2. More than 6 years of experience of embedded electronic product development with high level of SW contents, more than 3 years of cyber security development and testing.
3. SW design background in embedded systems
4. Technical background in Telematics System, Telecom, Infotainment areas will be appreciated
5. Security major. Proficient in cyber security, related software and application
6. Following certifications will be appreciated: CISSP, CASS, ISA, CSSLP, or ECSP, TISP in combination with TPSSE, CSSLP (or comparable)
7. Working knowledge of NIST, Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM)
8. Know well about China cyber security related laws and regulations

Skills Background
9. Knowledge of: TCP/IP, PKI, firewall, secure boot, Cryptology (4)
10. Wireless security of BLE/Zigbee/RF and so on (4)
11. Penetration test solution (4)
12. Knowledge of packer for executables (3)
13. Experience discerning an organizations security controls for application software based on vulnerabilities and business needs (3)
14. Advanced ability to identify security vulnerabilities from code reviews and testing (4)
15. Advanced knowledge of application vulnerabilities such as parameter manipulation, injection attacks, buffer overflows and cross-site scripting (4)
16. Knowledge of application functionality such as authentication, authorization, data validation, encryption, exception handling, logging and language frameworks (4)
17. Knowledge of cloud technologies and products (1)