ASPICE Cybersecurity Engineer (ISO/SAE 21434)

CS Group Canada, a subsidiary of CS Group, a company within the Sopra Steria Group, is an accelerator of Functional Safety and Cybersecurity for companies developing critical embedded technologies (Avionics, Autonomous Driving, Transport Electrification). Our clients are OEMs and Tier 1 suppliers in the aerospace, automotive, defense, and rail sectors, seeking to obtain Functional Safety (ISO 26262, DO-178C, DO-254, ARP-4761, ARP-4754, EN50128) and cybersecurity certifications (DO-326A, ISO 21434, UN-R155) to market their technologies.

Today, we are looking for a Automotive SPICE Cybersecurity Engineer to provide training, deployment plans, coaching and expertise services to companies regarding the cyber security standards applicable to their domain, such as ISO 21434 for automotive or IEC 62443 for IACS.

Responsibilities:

• Experience in developing cybersecurity frameworks and cybersecurity management systems (CSMS), as per UN R155
• As a coach, provide training and guidance to the automotive system & software development teams to reach their quality targets and apply their competences into the processes/methods development and improvement.
• Perform gap analysis regarding the client current development process and the applicable cybersecurity standard requirements.
• Conduct reviews of processes, tools and methods to ensure compliance with QMS & ASPICE requirements.
• Prepare risk analysis in accordance with ISO 21434 (TARA), IEC 62443, for complex systems, HW and SW in view of improving the design proposing secure implementations (Optional)
• Participate in technical discussion as part of business development efforts.
• Give guidance on how to perform cybersecurity testing related activities.
• Participate in the elaboration of test plans and their execution for cybersecurity aspects such as but not limited to:
  • Penetration testing
  • Fuzz testing
  • Vulnerability Analysis

• Bachelor or Master’s degree in Cybersecurity and relevant disciplines
• Minimum of 3 years experience in systems engineering in domains such as automotive, aerospace, medical, nuclear.
• Experienced on ASPICE / QMS with strong knowledge on Cybersecurity. 
• Knowledge of the J3061 and ISO21434, IEC 62443 or other similar cybersecurity standards
• Experience in a position requiring excellent understanding of hardware and embedded software as well as the larger system picture.
• Full system, hardware, or software V development lifecycle and ASPICE experience (requirements, design, implementation, verification, and testing).
• Knowledge of implementing cybersecurity solution in embedded system such as HSM, secure boot, secure diagnostic, secure on-board communication and secure end-to-end architecture and secure OTA update (according to UN R156 SUMS)
• Knowledge and experience in testing system and software in the context of cybersecurity threats
• Curiosity, autonomy, pro-activity and ability to find innovative solutions and compromises.
• Strong communication skills

Assets:

• Knowledge of security tool such as ANSYS Medini, Itemis
• Knowledge and experience in Functional Safety and its respective standards such as ISO 26262, IEC 61508
• Knowledge of project management and productivity tools such as MS Office, Jira

Candidates must be located in North America and eligible to work in Canada.

Please note that only successful applicants will be contacted.

CS Group Canada values diversity in the workplace and encourages women, visible minorities, ethnic minorities, aboriginal people and people with disabilities to apply.

Benefits:

• Hybrid work.
• Advanced medical, dental and vision insurance.
• Access to a telemedicine service.
• RRSP program.
• Personal and sick leave.
• Recreation room with pool table and table soccer.

All your information will be kept confidential in accordance with EEO guidelines.

Inclusive and committed employer, our company works every day to combat all forms of discrimination and promote a respectful working environment. That's why, committed to gender diversity and overall inclusivity, we encourage all applications and profiles.