Senior Cybersecurity Expert – CSMS

Company Description

CS Group Canada, a subsidiary of CS Group and part of the Sopra Steria group, is a catalyst for functional safety and cybersecurity in companies developing critical embedded technologies (avionics, autonomous driving, transportation electrification). Our clients include original equipment manufacturers (OEMs) and Tier 1 suppliers in the aerospace, automotive, defense, and railway sectors, seeking functional safety (ISO 26262, DO-178C, DO-254, ARP-4761, ARP-4754, EN50128) and cybersecurity (DO-326A, ISO 21434, UN-R155) certifications to bring their technologies to market.

Job Description

Today, we are looking for an Automotive Cybersecurity Engineer to provide high-value expertise and support to our clients. This role involves conducting gap analyses, defining action and deployment plans, and delivering continuous training on both process and product levels, in compliance with standards such as ISO/SAE 21434 or IEC 62443 for Industrial Automation and Control Systems (IACS).

Responsibilities:

• Assist clients in defining cybersecurity processes to establish a Cybersecurity Management System (CSMS) in accordance with UN R155 and/or a Software Update Management System (SUMS) in line with UN R156.
• Develop and improve cybersecurity processes and methodologies.
• Prepare risk analyses in compliance with ISO 21434 (TARA), IEC 62443, for complex systems, both hardware (HW) and software (SW), to enhance design by proposing secure implementations.
• Conduct gap analyses between the client’s current development process and applicable cybersecurity standards.
• Perform process, tool, and method reviews to ensure compliance with QMS requirements.
• Act as a coach, providing training and guidance to automotive systems and software development teams to help them achieve cybersecurity quality objectives.
• Provide guidance on cybersecurity-related testing activities, including:
  • Penetration testing
  • Fuzz testing
  • Vulnerability analysis
• Participate in the development and execution of cybersecurity test plans.
• Engage in technical discussions to support business development efforts.

Qualifications

• Bachelor’s or Master’s degree in cybersecurity or a related field.
• Minimum 3 years of experience in systems engineering within industries such as automotive, aerospace, medical, or nuclear.
• Knowledge of J3061, ISO 21434, IEC 62443, or other similar cybersecurity standards.
• Experience in a role requiring a strong understanding of hardware, embedded software, and overall system architecture.
• Experience with the full V-cycle development process for systems, hardware, or software (requirements, design, implementation, verification, and testing).
• Knowledge of cybersecurity solutions for embedded systems, including:
  • HSM (Hardware Security Module)
  • Secure boot
  • Secure diagnostics
  • Secure in-vehicle communication
  • End-to-end secure architecture
  • Secure OTA updates (UN R156 SUMS)
• Familiarity with system and software testing in the context of cybersecurity threats.
• Curiosity, autonomy, proactivity, and the ability to find innovative solutions and compromises.
• Excellent communication skills.

Additional Information

Only selected candidates will be contacted.

Job Type: Full-time, Permanent

CS Group Canada values workplace diversity and encourages women, visible and ethnic minorities, Indigenous people, and individuals with disabilities to apply.

Benefits:

• Hybrid work model
• Comprehensive health, dental, and vision insurance
• Access to telemedicine services
• RRSP program
• Personal and sick leave
• Recreation room with pool table and foosball
• Free on-site gym access

All your information will remain confidential in accordance with EEO guidelines.

Inclusive and committed employer, our company works every day to combat all forms of discrimination and promote a respectful working environment. That's why, committed to gender diversity and overall inclusivity, we encourage all applications and profiles.