Report this Job
Lead Cyber Security Engineer
Plano, Texas (Hybrid)
Phone+Skype
Job Description:
In this position you will play a pivotal role in shaping the overall cybersecurity posture for Toyota. As a software engineer with the Product Security Team, you will be responsible for leading and developing advanced security tooling for current and forward-model systems throughout Toyota's Connected Car ecosystem.
Job Responsibilities:
Lead and perform development of security test tooling that directly supports the team's validation and verification efforts
Maintain and support several existing projects, improving overall code quality
Design and develop complex software infrastructure to support DevSecOps and automated regression analysis
Engage with other stakeholders in code reviews and audits
Research and stay up to date on new attack vectors, vulnerabilities, and exploitation techniques
Lead and participate in small to large-scale individual and matrix-based groups, initiatives, or mentoring others in technical/functional security areas
Lead and participate in technology security design reviews with the ability to efficiently communicate potential issues and risks
Job Qualifications:
Bachelor's degree (or higher) in Electrical Engineering, Computer Engineering, Computer Science, Cybersecurity or related is strongly desired
Proficient in Python, JavaScript, C and C++ development
Experience with reverse engineering and binary analysis methods and tools (e.g. IDA Pro, Ghidra)
Knowledge of compiler concepts, compilation lifecycle and intermediate products
Knowledge and experience using static and dynamic binary analysis techniques
Ability to handle tasks with significant complexity under minimal supervision requiring a high degree of technical competence
Additional Valued Attributes:
Experience with core security concepts, embedded security best practices (e.g. secure boot, secure debug, secure storage, secure communications) and the secure development lifecycle activities
Experience working with React or Angular is a plus
Experience performing code audit or review efforts
Experience working or leading in Agile development workflow
Experience in designing, developing and debugging embedded security applications is a plus
Familiarity with Automotive and Industry standards and best practices such at ISO-SAE 21434, SAE J3101
Experience in security research, vulnerability generation
Knowledge or experience with binary symbolic analysis and fuzzing frameworks (e.g. angr, BAP, AFL)
Experience with vulnerability analysis using CVSS scoring and CWE types
Experience with vulnerability management process (from proof-of-concept to remediation)
Stellent IT LLC
