Oct 10, 2023
You are in charge of carrying out and supporting the security development operations for the aircraft programme as a system cybersecurity engineer. You will have the chance to participate in all aspects of the eVTOL product's security operations, including setting the security scope, conducting a security risk assessment, specifying security measures, testing the product, and monitoring it during use until it is decommissioned.
This is a key role to collaborate with multidisciplinary project teams to meet regulatory framework, customer's needs and define the overall security architecture. You will have the chance to act as a subject matter expert across the program to guide system engineering teams towards a secure-by-design product and to feel the emotion of the first flight of our product.
Define security processes, methods and working instructions for the development of eVTOL
Security development activities for the aircraft and its systems, including definition of security measures on technical and procedural level to mitigate identified risks
Co-operate with system engineering and hardware/software development teams
Lead and/or participate in the aircraft security architecture activities
Develop and maintain best practices and security development standards for next-generation airborne systems
Provide subject matter expert support, awareness, and training to system engineering within the company
Support security related customer milestones and assessments
Eventually engage with civil aviation authorities like EASA and FAA
Collaborate with the creation of standards that will be used in aviation through involvement with EUROCAE activities
Gain knowledge in a new and growing industry
Engage with suppliers to drive the development of security measures ensuring airworthiness security along the entire supply chain
Computer or Embedded System Engineering, or ICS/IT Security
At least 2 years of experience in security engineeringor embedded systems or ICS
Willingness to share Knowledge
Knowledge of at least one of the following security standards/guidelines (ED-200 series, SAE J3061, IEC 62443, ISO 27000 series, ISO 21434, NIST SP 800-series)
Fluent English language skills are essential
Team oriented workstyle
Analytic problem-solving skills needed
Knowledge of security-by-design engineering approach
Knowledge about NIST SP800-160
Applied knowledge of security risk assessment and management approaches for complex systems including embedded devices
Knowledge of standard cryptographic algorithms
Knowledge of classical design flaws as well as vulnerabilities deriving from implementations
Knowledge of aeronautical networking and communication protocols and/or embedded system or industrial controls systems technologies
Knowledge about Agile development tools and frameworks
Knowledge about NIST Cybersecurity Framework
Knowledge about security verification and security testing tools
A security certification in, e.g., CRISC, OSCP, CEH, CISSP, ECSA, or related
Ability to develop and explain technical decisions and recommendations effectively with technical and non-technical audiences through verbal and written communications that lead to actionable and measurable improvements