Cybersecurity Architect - Embedded Security Mitigations

About The Position

Requirements

• Bachelor’s degree in Electrical Engineering, Computer Science, Computer Engineering, or a related field, or a combination of education and experience.
• 10+ years of technical leadership experience in embedded software development for automotive applications.
• Fluency in both Classic and Adaptive AUTOSAR architecture and integration practices.
• Proven expertise in at least 2 of the following AUTOSAR implementation/tool ecosystems: Vector (DaVinci), ETAS, Elektrobit.
• Advanced proficiency in C and C++ for embedded systems with a strong focus on secure coding practices
• Strong debugging skills and experience with embedded systems debugging tools.
• Working knowledge of Python and Java for automation, tooling, and/or supporting development.
• Working knowledge of UDS (ISO 14229-1) and ISO/SAE 21434.
• Strong background in automotive cybersecurity regulations, data protection standards, and industry-relevant security protocols (e.g., ISO/SAE 21434, UNECE WP29 R.155/R.156, GDPR, IEEE, IETF, NIST), with a history of applying these in vehicle development contexts.
• Solid understanding of common security vulnerabilities and attack vectors in embedded systems.
• Working knowledge of cryptography fundamentals, including symmetric and asymmetric algorithms, hashing, Public Key Infrastructure (PKI), and X.509 digital certificates.
• Solid understanding of common security vulnerabilities and attack vectors in embedded systems.
• Excellent communication and collaboration skills, with the ability to explain complex security concepts to diverse audiences and work effectively in cross-functional, geographically dispersed teams.
• Demonstrated experience working productively within Jira for task management and project tracking.

Nice To Haves

• Experience with Hardware Security Modules (HSM) and Secure Hardware Extension (SHE) concepts.
• Familiarity with cryptographic libraries and secure boot-related integration patterns.
• Strong background in GitHub-based workflows, including code review practices and CI/CD integration.
• Ability to mentor junior and mid-level engineers while maintaining high individual technical output.
• Experience building automated test strategies for embedded libraries and publishing prebuilt artifacts through CI.

Responsibilities

• Standardized Implementation: Architect and implement production-ready security mitigations within Classic AUTOSAR, proactively collaborating with controller teams to gather requirements and technical constraints and drive a unified, standard implementation across platforms.
• Hands-on Code Production: Maintain a high level of hands-on involvement by writing and reviewing complex embedded code in C and C++, ensuring it meets Ford quality, performance, and maintainability expectations.
• Technical Leadership: Partner with and guide Embedded Security Engineers (GSR) to execute technical roadmaps and deliver robust, reusable software components.
• Deliverables & Reuse: Drive creation of reusable deliverables (source libraries, prebuilt artifacts, and test suites) with clear APIs, versioning strategy, and integration guidance for ECU teams.
• Lifecycle Management: Own the full software development lifecycle (SDLC) for mitigation implementations, from initial design through production support, maintenance, and hardening.
• Standards Alignment: Ensure implementations align with ISO/SAE 21434 cybersecurity engineering needs and incorporate diagnostic/security considerations aligned to UDS (ISO 14229-1); demonstrate familiarity with UNECE R155 expectations.
• Workflow: Use GitHub for version control, pull requests, and code reviews.
• Tooling: Experience with at least 2 of the following AUTOSAR implementation/tool ecosystems: Vector, eTAS, Elektrobit.
• Agile Execution: Manage technical debt, feature backlogs, and sprint planning productively within Jira.
• Cross-Functional Collaboration: Coordinate with systems engineering, validation, and platform teams to enable seamless integration of security controls across a diverse set of ECUs.
• Testing / V&V: Collaborate with Verification & Validation teams to develop and execute security focused test plans to ensure robust, secure solutions

Benefits

• Immediate medical, dental, vision and prescription drug coverage
• Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up childcare and more
• Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more
• Vehicle discount program for employees and family members and management leases
• Tuition assistance
• Established and active employee resource groups
• Paid time off for individual and team community service
• A generous schedule of paid holidays, including the week between Christmas and New Year’s Day
• Paid time off and the option to purchase additional vacation time.