AtMagna, our groups work together to deliver advancements in mobility to build a better world for everyone and everything. Magnas ADAS technologies are shaping an autonomous future and improving lives.Full autonomy is coming. But to create the technology which will bring it into view, you need the desire and ability to adapt complete ADAS systems or modular solutions to any vehicle, for any mobility need.Magnas electronicssolutions connect OEMs to their customers with features that improve their lives. Its our expertise across the entire vehicle, key strategic partnerships and culture of innovation that allow us to make our industry-leading technologies road-ready. And it is how well continue to build a safer, smarter and more connected mobility experience for all people.What You Can Expect
- Act as a Cyber Security Incident Handler and being part of Magna's "PSIRT" team.
- This team monitors and proactively responds to any cyber threat which impacts or might impact Magna automotive embedded products, to prevent or minimize potential safety, operational, financial, or privacy risks.
- Coordinate product related cyber security information e.g. vulnerabilities, incidents over their entire life cycle.
- Maintain and continuously improve the global cyber security database.
What you'll do?Deliverables
- managing interaction with development and operational teams;
- create and maintain cyber security tickets by respecting urgency, severity and confidentiality;
- coordonate and support internal teams during the vulnerability life cycle process;
- create and manage reports;
- maintain and continously improve cyber security database.
Core Responsabilities And Activities
- responsible for executing active monitoring of potential product security issues (intern and extern e.g. CVE databases, use scanning tools);
- create and manage cyber security incident, vulnerability;
- ensure that security issues are probably solved by respecting the related processes for product security handling;
- coordinate security issues activities insides Magna and support product area during the vulnerability and incident life cycle process;
- manage metrics and monitor KPI´s incl. the entire product portfolio;
- create report for different stakeholders (customer, management, product area);
- responsible to maintain and improve security database;
- act as point of contact for internal stakeholder and customer, supplier, Auto-ISAC
- share cyber security risks and lessons learned inside Magna;
- being UpToDate to cyber security trends, threats, tools and technics.
What you'll bring?Behavioral CompetenciesAnalytical skills:Strong skills in managing data, KPI´s. Analyze and prioritize incoming security information, prepare the basis for decision-making;Communication skills: Incident handler should be able to communicate with executives, developers, suppliers, customers in an efficient way. Leading communication;Organizational skills:Organizational skills are vital to the success of effective security issue handling over entire product life cycle and for respecting time criticality.Functional Competences
- basic cyber security knowledge;
- basic automotive process knowledge;
- advanced resource constraint embedded system know-how;
- advanced managing data and reporting skills.
Personal Characteristics Enabling Success
- good communication and networking capabilities;
- be pro-active;
- enjoy to manage data and KPI's.
EducationYou're holder of a Bachelor´s or Master´s degree in Information Assurance, Computer Science, Cybersecurity/Cyber Policy, Information Systems or related field of study or equivalent work experience.Previous Experience
- 5+ years of automotive industry and embedded SW development;
- skills in working with databases and tools (e.g. Codebeamer, Excel);
- skills in issue and risk management.
It Is a Plus
- confident knowledge in the use of ISO 21434, UN-ECE R155 in the context of embedded systems development;
- risk management (e.g. TARA, CVSS).
- business fluent in English is mandatory;
- further language is an advantage.
What We Offer
- Flexible working hours and remote work
- Health programs, sports and team events
- An extensive training program and exciting internal development opportunities
- Meal allowance
- Communications Skills
- Cybersecurity Solutions
- Data Security