Product Cybersecurity Risk Analyst within Vehicle Connectivity
Posted on Oct 15, 2020 by eTeam Inc.
Job Title: Product Cybersecurity Risk Analyst within Vehicle Connectivity
Location: Gothenburg, Sweden
Type: Contract role
As a Product Cybersecurity Risk Analyst, we need you to assume the primary responsibility of leading and organizing work with risk identification and analysis - Threat analysis and Risk assessment (automotive TARA) - for our current, future, and Legacy products.
You will need to be able to:
- Gather relevant information regarding the concept area.
- Analyse the concept area to identify and quantify risks using the TARA methodology.
- Document the identified risks in a coherent and accessible manner and be confident in communicating them with risk owners and to risk governance forums.
- Collaborate with your cyber security colleagues to define high-level security requirements and goals.
As our dedicated SME for risk identification and analysis, you will also play an active role in the research of new Methods and Tools to further improve and streamline risk management activities.
This is you:
- This role requires a comprehensive understanding of cyber security principles, threat modelling, and the attacker' mindset. Though it is desirable, prior automotive industry experience is not essential for this role, but prior experience working with cyber security is.
- It is important that you are self-motivated, and good at prioritizing and planning your work. Good networking- and communication skills are essential.
You must be able to:
- Source and determine information relevant to the concept under evaluation.
- Use your cyber security knowledge and attacker mindset to analyse complex systems to identify and quantify risks.
- Create pedagogical overviews to highlight important details for stakeholders of varying technical knowledge.
- Tailor reports to appropriate audiences (ie technical vs. non-technical staff).
- Knowledge of core cyber security principles and properties for system-level design.
- B.Sc. or M.Sc. degree in a relevant field, eg information security, cyber security, systems engineering or equivalent experience.
- 3+ years of working experience from an information security, or product cyber security related discipline (ie within IoT, Healthcare, Industrial controls, defence, etc.).
- Experience with cyber security threat modelling methods/tools.
- Good networking and communication skills with the ability to present and persuade appropriately.
- Fluent communication in English (written and verbal).
- It is meritorious for you to have one or more of the following skills:
- Experience working with cyber security risk management frameworks/methods.
- Experience from the Automotive industry
- Language skills in Swedish.