REQ ID: 124135
JOB TITLE: Cyber Security Penetration Test Engineer
SALARY: £51,728 - £66,000

POSTING START DATE: 15/10/2024
POSTING END DATE: 22/10/2024

LOCATION: Gaydon
 
We’re re-examining our vehicles and what a vehicle means in the emerging world of automation, connectedness, electrification and the shared economy. New ideas, new technology, and new approaches to mobility are our business. Join a team of next generation thinkers.

WHAT TO EXPECT

Cyber Security is a fast paced and dynamic area within the Automotive Industry. You will be an elemental part of the Product Engineering teams delivering JLR products in a secure way always looking at improving the Cyber Security posture and responding to emergent threats.

As a Cyber Security Penetration Test Engineer, you will be responsible for developing the Cyber Security Penetration test lab, creating and reviewing penetration test scopes, penetration test plans and penetration test report, execute penetration test and support the creation of vulnerabilities and the related CSMS artefacts. You will support the Product Engineering teams to understand and support you to deliver the penetration test related activities.  

Key Accountabilities and Responsibilities:

•    Manage the delivery of penetration test activities as per CSMS (ISO 21434) according to scope, time, budget and quality and build/ review Vulnerability reports.

•    Create penetration test scopes and plans for ECUs, systems and vehicles and review pen test reports for ECUs, systems and vehicles.

•    Assess Cyber Security Penetration test scopes and plans for JLR products and run penetration test as per penetration test scope for ECUs, systems and vehicles.

•    Manage and lead external penetration test suppliers and their activities and maintain and develop pen test scripts and tools for pen test and fuzz test.

•    Support external penetration test activities for ECUs, systems and vehicles, support Vulnerabilities resolution; and VSOC if required to demonstrate vulnerabilities, attacks, PoCs and support the sign off of the Pen test relevant artefact and type approval activities.

WHAT YOU’LL NEED

•    You will have knowledge of any scripting language, including Python, CAPL and others; knowledge of TARA, security concepts and other Cyber security artefacts mentioned in ISO 21434 and of Cyber Security technologies used to protect embedded systems.

•    Knowledge of, at least one or more of the automotive technologies: in-vehicle networks, safety critical embedded SW and HW, complex onboard computers, vehicle connectivity, etc.

•    Understanding of high integrity systems, and secure software and / or hardware design principles, in an embedded environment.

•    Ability to engineer in a way that is demonstrably compliant with standards and technical specifications excellent collaborative skills.
 

SO WHY US?

Bring all this to the home of premium innovation, and you’ll find the opportunities to further your career with a world-class team, a discounted car purchase and lease scheme for you and your family, membership of a competitive pension plan and performance related bonus scheme. All this and more makes JLR the perfect place to continue your journey.

This role may offer the opportunity for hybrid working where you can split your time between working from home and in the office. At JLR, hybrid working is a voluntary, non-contractual arrangement providing employees with more choice and flexibility around how, when and where they work, if suitable for their role. Further details can be discussed with the Hiring Manager at interview stage. 

JLR is committed to equal opportunity for all.