Senior Automotive Cybersecurity Specialist

BMW Group•Woodcliff Lake, NJ

15d•$62,500 - $125,000•Hybrid

About The Position

As an independent group of companies, the BMW Group has a commitment to creativity and breakthrough ideas that goes well beyond the racetrack. In order to continuously create ultimate driving machines, we drive our growth and design excellence by staffing our teams with individuals who are innovative and always looking for the next great idea. If you share our vision and view yourself as an independent, creative thinker, we invite you to join our team in this exceptional role located in Woodcliff Lake, NJ. Responsibility and Authority: Oversees standards, methods, processes, and implementation of vulnerability and incident management for all E/E systems in the US (in coordination with Munich), with authority to order mitigation, lead incident treatment, escalate non-compliance, and schedule security audits. Budget and Resource Management: Manages budget (aligned with Munich/BMW NA) for environmental, vulnerability, and incident analyses, including external tools and test support. Incident and Vulnerability Handling: Authorized to implement immediate measures for critical incidents impacting vehicle fleet/customers and coordinate mitigation with relevant departments and CoCs. Development and Regulatory Compliance: Prepares release recommendations for cybersecurity focus areas to achieve regulatory development goals. Technology and Threat Monitoring: Conducts technology scouting and monitors hacker activities/threat scenarios in the US, integrating findings into automotive security processes and threat intelligence. Awareness and Collaboration: Supports industrialization of new security approaches, co-develops incident management scope with Munich, and promotes automotive security awareness in junior programs, dealerships, and technicians.

Requirements

Master’s degree in computer science or electrical engineering, preferred post-grad education/PhD.
3 – 5 years of professional experience in the field of (IT) security.
Knowledge in the areas of specialization specified above or adequate training/experience.
Extensive practical experience in project management.
Knowledge in the field of "ethical hacking" in particular in embedded and automotive-specific protocol areas, of (wireless) communication protocols with IoT or smartphone devices, and backend as well as electronics, software development and reverse engineering.
Broad knowledge of components, procedures and specialist processes in the ProEV.
Comprehensive understanding of strategic positions, overall vehicle, information (protection), security and data protection contexts.

Nice To Haves

BMW experience appreciated.

Responsibilities

Oversees standards, methods, processes, and implementation of vulnerability and incident management for all E/E systems in the US (in coordination with Munich), with authority to order mitigation, lead incident treatment, escalate non-compliance, and schedule security audits.
Manages budget (aligned with Munich/BMW NA) for environmental, vulnerability, and incident analyses, including external tools and test support.
Authorized to implement immediate measures for critical incidents impacting vehicle fleet/customers and coordinate mitigation with relevant departments and CoCs.
Prepares release recommendations for cybersecurity focus areas to achieve regulatory development goals.
Conducts technology scouting and monitors hacker activities/threat scenarios in the US, integrating findings into automotive security processes and threat intelligence.
Supports industrialization of new security approaches, co-develops incident management scope with Munich, and promotes automotive security awareness in junior programs, dealerships, and technicians.