We are looking for motivated and talented weakness and בto integrate our cybersecurity team. This function will be mainly responsible for performing vulnerability assessments and pentests, and will also be involved with audits. After every assessment, the researcher will suggest action plans and work with the development teams to assist them in implementing them in a timely manner.
Principal Duties and Responsibilities
Report to Cybersecurity Software Manager on the overall achievements, issues and necessary short, medium- and long-term objectives
Ensure relationship with other Faurecia audit and quality/assurance teams
Research of new vulnerabilities in areas of CAN, IP and operating system; creating suite of penetration tests
Create penetration test reports in both detailed and executive layouts, present and explain results
Define pentests /audits methodologies and technologies standards, update them according to customer needs, regulations or standards
Perform all pentests, either on specific components being developed, or on the overall solution prior to delivering it to customers. Identify the appropriate level of original knowledge and depth (eg: white, grey or black box)
Present the results of the pentests performed, explain the related risks and suggest appropriate action plans. Adapt the level of vulgarization to the audience
Assist in the performance of audits, prepare and present the results
Follow up at necessary frequency on the status of implementation of the defined and validated action plans
The ideal candidate will have/be:
Education and experience
Bachelor’s degree in Computer Science, electrical engineering or Computer Engineering – advantage
5 plus years of commercial experience in offensive weakness and pentest research, audit is a plus
Offensive experience from military service is a plus
Automotive weakness research background – big plus
Experience in a multinational company is a plus
Key technical competencies – Experienced / familiar with:
Mobile / Automotive Hardware / Software secure architecture o Embedded Linux or Android environments o Networking technologies and protocols (Ethernet required; CAN is a plus)