Secure System Designer
About the Role
We are seeking a highly skilled and experienced Cybersecurity Consultant to join our team. As a Cybersecurity Consultant, you will be responsible for participating in system design meetings to assess cybersecurity risks and identify necessary tasks.
You will collaborate regularly with Enterprise Architects to develop or revise systems in alignment with IT standards.
Conducting Threat Analysis and Risk Assessment (TARA) for systems and producing comprehensive reports is also a key aspect of this role.
Key Responsibilities:
* Participate in system design meetings to assess cybersecurity risks and identify necessary tasks; record and share meeting minutes.
* Collaborate regularly with Enterprise Architects to develop or revise systems in alignment with IT standards.
* Conduct Threat Analysis and Risk Assessment (TARA) for systems and produce comprehensive reports.
* Define cybersecurity mitigations and convert them into actionable items for development teams.
* Design, assign, and perform mitigation tests; collect and consolidate test evidence.
* Validate the implementation of mitigations, identify any residual risks, and document them accordingly.
* Review cybersecurity documentation related to applications or systems in collaboration with relevant Cyber Security teams.
* Evaluate system vulnerabilities by severity, relevance, and origin (e.g., cloud images vs. application libraries) and communicate findings to development teams.
* Independently plan and organize tasks. Provide regular updates on activities, achievements, risks, and issues to the Team Lead and/or Manager.
* Identify systems subject to cybersecurity regulations (e.g., UN ECE R155).
* Create, update, and maintain Data Flow Diagrams and Software Design Documentation.
* Ensure compliance with the TME Cyber Security Management System (CSMS).
Requirements
To be successful in this role, you will need to have:
* Familiarity with IT systems such as AWS Cloud and Microsoft Azure.
* Understanding of UN ECE R154 regulation.
* Practical knowledge and application of Company principles.
* Experience with vehicle CAN communication protocols (e.g., J2534, ISO 15765-4).
* Knowledge of ISO/SAE 21434 and ISO 26262 standards.
* Strong analytical and problem-solving abilities.
* English fluency.
This is an exciting opportunity to join our team and contribute your expertise to shaping the future of cybersecurity.