Leads design and implementation of cybersecurity architectures for automotive systems, ensuring compliance with ISO/SAE 21434 and UN R155/156 standards. Requires 7+ years in embedded automotive security, systems programming in C/C++/Rust, and threat analysis expertise.
197k – 292k/yr
On-site7+ YOESecurity Engineering
About the role
Responsibilities
Develop cybersecurity architectures compliant with ISO/SAE 21434 engineering requirements and UN R155 Cybersecurity Management System (CSMS) mandates across all vehicle lifecycle phases (concept, development, production, operation, decommissioning)
Implement UN R156-compliant Software Update Management Systems (SUMS) with secure OTA update mechanisms, cryptographic verification, and version control for automotive ECUs
Conduct threat analysis and risk assessments (TARA) per ISO 21434 Annex C requirements, addressing 69 attack vectors identified in UN R155 Annex 5
Design hardware-rooted security controls for automotive SoCs including secure boot, hardware security modules (HSM), and TEE implementations
Collaborate with suppliers to ensure Tier 1/Tier 2 component security meets ISO 21434 supply chain requirements and UN R155 post-production obligations
Develop automotive-specific security requirements for AI/ML systems in autonomous driving platforms, addressing model integrity and adversarial attack prevention
Requirements
7+ years of hands-on experience designing and deploying security solutions for embedded automotive systems, with proven expertise in:
Automotive communication protocol security (CAN bus hardening, Ethernet intrusion detection)
Cryptographic engineering for resource-constrained environments (ECC optimization, post-quantum crypto prototyping)
Proficiency in automotive security toolchains:
Embedded debug tools (JTAG, UART, Trace32)
Vehicle network analysis (Vector CANoe, Wireshark dissectors for SOME/IP)
ECU flashing and diagnostic tools (ODX/PDX scripting, UDS exploit development)
Strong systems programming skills in C/C++/Rust for bare-metal and RTOS environments, with experience in:
Secure over-the-air update implementations
Real-time intrusion detection systems for vehicle networks
Demonstrated ability to lead technical security initiatives, including:
Threat modeling for complex automotive architectures
Security code reviews for safety-critical embedded software
Mentoring junior engineers in secure coding practices
Familiarity with automotive development workflows: AUTOSAR Classic/Adaptive security components
Nice to have
Contributions to open-source automotive security projects (e.g., OpenXC, SavvyCAN)
Experience with autonomous vehicle sensor security (LiDAR/Camera spoofing countermeasures)
Background in hardware security evaluation (glitching, fault injection, TEMPEST)
Development of vehicle-specific penetration testing rigs (CAN bus injectors, ECU emulators)
Public research on automotive vulnerabilities (CVEs, conference presentations, whitepapers)
Secure boot implementation and hardware-rooted trust chains (HSM provisioning, TEE architectures)
Reverse engineering and vulnerability research on automotive firmware (ARM Cortex-M/R, QNX, AUTOSAR)
Experience with hardware security module integration
Familiarity with CI/CD pipelines for ECU software with SBOM generation
Familiarity with Hardware-in-the-loop (HIL) security testing
Compensation
Base salary range: $197,400 - $292,393 USD annually (full-time position)
Senior individual contributor driving technology risk posture across security, infrastructure, and IT. Owns the Technology Risk Register, leads SOX ITGC compliance, and partners with engineering and security teams on remediation in a regulated healthcare environment.
Senior backend engineer to own and scale enforcement infrastructure processing millions of safety decisions daily. Requires 4+ years experience building distributed systems in Python on GCP with PostgreSQL, Redis, and gRPC.
196k – 221k/yr
On-site4+ YOESecurity Engineering
Senior Security Engineer, Enterprise Security
DiscordSan Francisco, CA
Senior Security Engineer implements and maintains enterprise security measures, focusing on data protection, zero-trust architecture, IAM systems, and endpoint management. Requires 3+ years in enterprise security and programming experience (Python, Go, Rust).
196k – 221k/yr
Hybrid3+ YOESecurity Engineering
Senior Security Engineer
OrbSan Francisco, CA
First dedicated Security Engineer owning application, infrastructure, and identity security for Orb's AWS-based revenue platform. Requires 5+ years in security or software engineering with depth in cloud security, IAM, and structural controls; partners with Adyen's security team.
195k – 265k/yr
Hybrid5+ YOESecurity Engineering
Senior Security Engineer, Offensive Security
DatadogNew York, NY
Senior Security Engineer executing sophisticated red team operations, building custom offensive tooling, and applying AI/automation to scale adversary simulations across cloud and Kubernetes environments.