Manager - Connected Vehicle Cybersecurity

About The Position

Requirements

• Bachelor’s degree in Computer Science, Electrical Engineering, Cybersecurity, or related field.
• 8+ years in automotive cybersecurity, embedded security, telecom security, or cloud security.
• Demonstrated hands-on experience with: Connected ECUs ( TCU, IVI, connectivity modules ) PKI / certificate management systems Secure communication protocols ( TLS, IPsec, DoIP, CAN security )
• Proven people leadership experience (team lead, engineering manager, or equivalent).

Nice To Haves

• Experience implementing ISO/SAE 21434 -compliant development processes.
• Familiarity with UNECE R155/R156 regulatory expectations.
• Experience with: HSM -based key storage Secure provisioning at manufacturing OTA security architecture Telecom security ( eSIM , carrier integration) Cloud-native security controls (IAM, zero trust, API security )
• Strong understanding of threat modeling ( TARA ), penetration testing, and red-team findings in automotive.
• Experience working in a global OEM or Tier-1 environment.

Responsibilities

• Lead, grow, and mentor the Connected Vehicle Security engineering team.
• Drive hiring strategy, capability development, and performance management.
• Build deep technical expertise in embedded, telecom, and cloud security within the team.
• Foster a security-by-design culture across vehicle programs.
• Define and maintain security architecture for: Connected ECUs (telematics control units, infotainment systems, connectivity SoCs) ADAS systems, CLM design Vehicle-to-cloud communications Backend services communicating with vehicles including CLM, IAM, APIs, and OTA
• Establish and maintain security requirements aligned to: ISO/SAE 21434 UNECE WP.29 R155 / UNECE WP.29 R156
• Own threat modeling (TARA) and risk treatment decisions for connected systems.
• Define cryptographic architecture (PKI, key hierarchy, provisioning, rotation, revocation).
• Oversee the design and deployment of security controls including: Secure boot & hardware root of trust (HSM / TPM-based). Firmware signing & OTA protection. OS hardening (Linux/QNX/Android-based IVI platforms). TLS/mTLS implementation for vehicle-to-cloud communication. Token-based authentication & OAuth flows. Certificate Lifecycle Management (development, provisioning, renewal, revocation, backend trust anchors, etc.) Secure API gateways and backend authentication services. Secure telecom integration (eSIM, 4G/5G, V2X security).
• Govern cybersecurity engagement across connected vehicle programs: Security intake Architecture reviews Design assessments Penetration testing reviews Security sign-off gates
• Track and manage: Cybersecurity risks Deviations and compensating controls Open vulnerabilities
• Ensure traceability from cybersecurity requirements to validation artifacts.
• Support CSMS evidence generation and audit readiness.
• Provide leadership oversight for vulnerability management across: In-vehicle connectivity stacks Mobile integrations
• Coordinate incident response with enterprise security teams.
• Define connected vehicle patching and remediation strategy.
• Support external researcher engagement and responsible disclosure handling.
• Communicate security strategy, trade-offs, and risk posture to senior leadership.
• Translate technical risk into business impact.
• Provide security health metrics for connected platforms.
• Represent Connected Vehicle Security in executive and regulatory reviews.