Product Cybersecurity Engineer

Company Description

CS Group Canada, a subsidiary of CS Group and part of the Sopra Steria group, is a catalyst for functional safety and cybersecurity in companies developing critical embedded technologies (avionics, autonomous driving, transportation electrification). Our clients include original equipment manufacturers (OEMs) and Tier 1 suppliers in the aerospace, automotive, defense, and railway sectors, seeking functional safety (ISO 26262, DO-178C, DO-254, ARP-4761, ARP-4754, EN50128) and cybersecurity (DO-326A, ISO 21434, UN-R155) certifications to bring their technologies to market.

Job Description

We are looking for a Product Cybersecurity Engineer specializing in embedded systems to provide expertise and support to our automotive clients. This role involves analyzing architectures, identifying product vulnerabilities, and proposing action plans based on cybersecurity requirements in compliance with ISO/SAE 21434 and ISO 62443.

Responsibilities:

• Provide cybersecurity guidance and support system and software teams in product development.
• Conduct and perform Threat Analysis & Risk Assessment (TARA) according to ISO 21434.
• Analyze the architecture of complex systems, both hardware (HW) and software (SW), to enhance design by proposing secure implementations.
• Review and validate ISO 21434 work products (WP) reports.
• Perform gap analyses between the client’s current development process and applicable cybersecurity standards (UN R155, ISO 21434, UN R156, etc.).
• Provide guidance on cybersecurity-related testing activities.
• Contribute to the development and execution of cybersecurity test plans, including:
  • Penetration testing
  • Fuzz testing
  • Vulnerability analysis

Qualifications

• Minimum 3 years of experience in systems engineering within industries such as automotive, aerospace, medical, or nuclear.
• Knowledge of J3061, ISO 21434, IEC 62443, or other similar cybersecurity standards.
• Experience in product development (both system and software).
• Exposure to ISO 26262 and ASPICE.
• Understanding of cybersecurity solutions implementation in embedded systems, including:
  • HSM (Hardware Security Module)
  • Secure boot
  • Secure diagnostics
  • Secure in-vehicle communication
  • End-to-end secure architecture
• Experience with system and software testing in the context of cybersecurity threats.
• Curious, autonomous, proactive, and capable of finding innovative solutions and compromises.
• Excellent communication skills

Additional Information

Only selected candidates will be contacted.

Job Type: Full-time, Permanent

CS Group Canada values workplace diversity and encourages women, visible and ethnic minorities, Indigenous people, and individuals with disabilities to apply.

Benefits:

• Hybrid work model
• Comprehensive health, dental, and vision insurance
• Access to telemedicine services
• RRSP program
• Personal and sick leave
• Recreation room with pool table and foosball
• Free on-site gym access

All your information will remain confidential in accordance with EEO guidelines.

Inclusive and committed employer, our company works every day to combat all forms of discrimination and promote a respectful working environment. That's why, committed to gender diversity and overall inclusivity, we encourage all applications and profiles.