Cybersecurity Research Engineer

Auto Req ID:
Job Title:
Cybersecurity Research Engineer
Ford Motor Company

Job Description
Ford’s Research and Advanced Engineering organization is broadening its core competency within the area of Embedded Cyber Security in the automotive environment. We are both researching and reviewing new enterprise-wide features and technologies, as well as providing frameworks, processes and tools to help the research.

Technology is advancing, connection mechanisms are growing, and consumers and hackers are becoming more sophisticated. With increasing networking between modules and access points into the vehicle, the attack surface has increased thereby opening up new potential vulnerabilities. Automobiles are no longer mere mechanical devices but are controlled by dozens of digital computers coordinated by internal networks. While all this technology has allowed for better personalized experiences, seamless integration into a person’s lifestyle, differential services, predictive diagnostics and safer driving conditions, the increase in complexity drives the need for advanced security and data solutions.

We are exploring the role of advanced embedded computing platforms, coupled with cloud-based services, to deliver applications which will redefine the experience of owning, maintaining, driving and interacting with Ford Motor Company vehicles. Security needs to be built into each of these growing technologies.

The ideal candidate will have outstanding security design analytical skills and the ability to work in a fast-paced, collaborative environment. We are looking for exceptionally creative, motivated and talented Cyber Security engineers to join our team to evaluate and develop advanced features, toolkits and consult on security related architectures. We collaborate extensively within Ford and with external partners, thus we require exceptional communication and collaborative skills.

Work tasks span from the early research and development stages of ideation, experience and use case development, through development of Proof-of-Concept solutions, vehicle integration and finally delivery of features and processes to the Product Development organization.

Job Responsibilities:

  • Research and develop concepts around related Cyber Security incidents reported in industry and research organizations.
  • Understand the exploit and report back findings so new requirements, testing or processes can be updated to avoid future risk. Storyboards, use cases, proof-of-concept demonstrations, specifications and requirements development experience
  • Development and maintenance of tools (e.g. Fuzzing) for use in internal vehicle penetration or vulnerability testing
  • Threat Analysis and Risk Assessment tool/modeling
  • Lead technology and security feature projects. Deliver to internal customers.
  • Actively ideate and invent new security techniques or countermeasures for in-vehicle products
  • Perform competitive analyses and maintain knowledge of emerging technologies in both the automotive and consumer electronics field
  • Develop security roadmap (near-term, mid-term and long-term focus) as it relates to Security and Safety Features
  • Actively work with Security Partners, Research and Government for information sharing, joint project development, and reporting
  • Some travel expected to cover critical Cyber Security Conferences or meet with other non-local team members (e.g. England, Germany or California)

Basic Qualifications:

  • Master’s Degree
  • 3+ years’ academic / professional experience in security, or CISSP certified

Preferred Qualifications:

  • Master or higher degree in Computer Science, Computer Engineering, Electrical Engineering, Cybersecurity highly preferred.
  • Has some experience/knowledge of upcoming embedded module security design and knowledge of new technologies/features (Car Sharing, Autonomous Vehicle, Third party automotive devices, etc.)
  • Strong written and oral communication skills
  • Experience with writing requirements, test procedures and use case development
  • General understanding of CAN network, Ethernet, firewalls and secure architecture development
  • Knowledge with cryptographic algorithms and protocols
  • Use of IDA Pro, fuzz testers, network analyzer, CAN Network Tools, threat modeling and risk management tools
  • Knowledge with PKI management
  • Experience with Secure Coding Techniques
  • Experience with embedded hardware and software security knowledge
  • Knowledge of digital and wireless communication and familiarity with communication technologies such as TCP/IP, Ethernet, Bluetooth, WiFi, DSRC and CAN
  • Basic interest and knowledge about geographical technologies such as GPS, maps, geofencing and POIs as well as privacy risk associated with these technologies
  • Self-motivated with the ability to manage multiple tasks.
  • A genuine passion for technology, electronics, gadgets, security of internet of things, both on a professional and personal level

The distance between imagination and … creation. It can be measured in years of innovation, or in moments of brilliance. When you join the Ford team discover all the benefits, rewards and development opportunities you’d expect from a diverse global leader. You’ll become part of a team that is already leading the way, with ingenious solutions and attainable products – and it is always ready to go further.

Visa sponsorship may be available for this position.

Ford Motor Company is an equal opportunity employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status.