Product Cybersecurity Incident Response - Specialist

Scania is transforming from being a leading supplier of trucks, buses, and engines to offering complete and sustainable transport solutions. We are looking to expand our incident response team within product cybersecurity, a position located within research and development.

Role Overview

Join Scania’s PSIRT (Product Security Incident Response Team) and be part of a fresh team of specialists. You'll work with your colleagues to tackle cybersecurity issues and protect our customers from potential threats. Your role will involve proactive and reactive measures to secure Scania’s trucks, buses, and other products. As part of R&D and Industrial Operations, you'll get a broad view of our IoT platforms and products.

You will collaborate closely with Scania’s VSOC (Vehicle Security Operations Center), ESOC (Enterprise Security Operations Center), cybersecurity testing teams, platform architects, and security experts.

What you will do

• Analyse security incidents to determine their impact on the products or services, and coordinate incident response
• Analyse vulnerabilities and handle disclosures (CVE, CPE, CVSS, etc)
• Conduct forensics into security incidents to identify the source of the problem and recommend solutions to prevent similar incidents from occurring in the future
• Collaborate with cross-functional teams, including product development, engineering, and legal, to ensure that security incidents are handled appropriately and effectively
• Communicate with internal and external stakeholders about security incidents, providing updates and information about the company's response
• Develop and maintain incident response playbooks and standard operating procedures to ensure that security incidents are handled consistently and efficiently
• Participate in internal and third-party audits to ensure compliance with ISO21434 and UNECE R155

The skills you bring

You are a team player, dedicated to long-term enhancement efforts, yet capable of making swift decisions.

We are looking for candidates who :

• Bachelor's or Master's degree in engineering or similar technical field or equivalent work experience
• Strong technical background with experience in automotive, Cybersecurity, or Security Operations Center
• Advanced analysis and problem-solving skills
• Good communication skills, both written and verbal
• Experience working with automotive cybersecurity is a plus

Good to have

• Security certifications such as GIAC, CompTIA Security+, OSCP, CISM, or CISSP
• Active involvement and contribution to the global security community (e.g., FIRST, TI/TF-CSIRT)

As a person, you are communicative and good at collaborating. You are structured, and have the ability to set and keep deadlines, as well as show good judgment under time pressure. You feel comfortable describing your work and findings to the team and stakeholders.

About Us

We are a dynamic team of experts working at the forefront of innovation in connected vehicles, our mission is to ensure they remain safe, secure, and resilient in the face of evolving cybersecurity threats. We operate with integrity, and with dedication to our core values.  

If you are ready to take your career to the next level and contribute to the cybersecurity of the new generation of vehicles, we want to hear from you. 

What Scania Offers

Scania provides a dynamic and flexible workplace with hybrid work options, including Scania Sergel and Midway hubs. Benefits include:

• Training at the health center Gröndal or wellness allowance
• Performance bonus
• Flexible working hours
• Company car leasing
• Events for employees and their families
• Direct access to Södertälje via Scania Job express buses for Stockholm residents

Application

Please submit your CV and any relevant certificates. The application deadline is 2025-03-24, and screening will take place on an ongoing basis. Logical and personality tests may be used as part of the selection process, and a background check may be required.

For more information, contact Jenny Holmqvist, Manager, Cybersecurity Monitoring and Incident Response, at +46(0)8 553 817 54.