Senior Cybersecurity Manager – CSMS

Company Description

CS Group Canada, a subsidiary of CS Group and part of the Sopra Steria group, is a catalyst for functional safety and cybersecurity in companies developing critical embedded technologies (avionics, autonomous driving, transportation electrification). Our clients include original equipment manufacturers (OEMs) and Tier 1 suppliers in the aerospace, automotive, defense, and railway sectors, seeking functional safety (ISO 26262, DO-178C, DO-254, ARP-4761, ARP-4754, EN50128) and cybersecurity (DO-326A, ISO 21434, UN-R155) certifications to bring their technologies to market.

Job Description

Today, we are looking for an Automotive Cybersecurity Engineer to provide high-value expertise and support to our clients. This includes conducting gap analyses, defining action and deployment plans, and offering continuous training at both the process and product levels, in compliance with standards such as ISO/SAE 21434 or IEC 62443 for Industrial Automation and Control Systems (IACS).

Responsibilities:

• Support clients in defining cybersecurity processes to build a Cybersecurity Management System (CSMS) in accordance with UN R155 and/or a Software Update Management System (SUMS) in accordance with UN R156.
• Develop and improve processes/methods.
• Prepare risk analyses in accordance with ISO 21434 (TARA) and IEC 62443 for complex systems, including hardware (HW) and software (SW), to improve design by proposing secure implementations.
• Conduct gap analyses between the client's current development processes and the requirements of applicable cybersecurity standards.
• Perform reviews of processes, tools, and methods to ensure compliance with QMS requirements.
• Act as a coach, providing training and guidance to automotive systems and software development teams to help them achieve their cybersecurity quality objectives.
• Provide guidance on cybersecurity-related testing activities.
• Participate in the development and execution of cybersecurity test plans, including:
  • Penetration testing
  • Fuzz testing
  • Vulnerability analysis
• Participate in technical discussions in support of business development efforts.

Qualifications

• Bachelor's or Master's degree in Cybersecurity or related fields
• Minimum of 3 years of experience in systems engineering in industries such as automotive, aerospace, medical, or nuclear
• Knowledge of cybersecurity standards such as J3061, ISO 21434, IEC 62443, or other similar standards
• Experience in a role requiring strong understanding of hardware, embedded software, and a system-level perspective
• Experience with the full V-model development lifecycle for systems, hardware, or software (requirements, design, implementation, verification, and testing)
• Familiarity with QMS / ASPICE, and ideally ISO 26262 (not necessarily an expert, but a solid grasp of the concepts)
• Knowledge of OT/IT environments
• Knowledge and experience in system and software testing in the context of cybersecurity threats
• Curious, autonomous, proactive, and able to find innovative solutions and trade-offs
• Excellent communication skills

Additional Information

Only selected candidates will be contacted.

Job Type: Full-time, Permanent

CS Group Canada values workplace diversity and encourages women, visible and ethnic minorities, Indigenous people, and individuals with disabilities to apply.

Benefits:

• Hybrid work model
• Comprehensive health, dental, and vision insurance
• Access to telemedicine services
• RRSP program
• Personal and sick leave
• Recreation room with pool table and foosball
• Free on-site gym access

All your information will remain confidential in accordance with EEO guidelines.

Inclusive and committed employer, our company works every day to combat all forms of discrimination and promote a respectful working environment. That's why, committed to gender diversity and overall inclusivity, we encourage all applications and profiles.