Job Description Ford’s Research and Advanced Engineering organization is broadening its core competency within the area of Embedded Cyber Security in the automotive environment. We are both researching and reviewing new enterprise-wide features and technologies, as well as providing frameworks, processes and tools to help the research.
Technology is advancing, connection mechanisms are growing, and consumers and hackers are becoming more sophisticated. With increasing networking between modules and access points into the vehicle, the attack surface has increased thereby opening up new potential vulnerabilities. Automobiles are no longer mere mechanical devices but are controlled by dozens of digital computers coordinated by internal networks. While all this technology has allowed for better personalized experiences, seamless integration into a person’s lifestyle, differential services, predictive diagnostics and safer driving conditions, the increase in complexity drives the need for advanced security and data solutions.
We are exploring the role of advanced embedded computing platforms, coupled with cloud-based services, to deliver applications which will redefine the experience of owning, maintaining, driving and interacting with Ford Motor Company vehicles. Security needs to be built into each of these growing technologies.
The ideal candidate will have outstanding security design analytical skills and the ability to work in a fast-paced, collaborative environment. We are looking for exceptionally creative, motivated and talented Cyber Security engineers to join our team to develop advanced features (specifically in the autonomous driving and vehicle to vehicle communication environments), toolkits and consult on security related architectures. We collaborate extensively within Ford and with external partners, thus we require exceptional communication and collaborative skills.
Work tasks span from the early research and development stages of ideation, experience and use case development, through development of Proof-of-Concept solutions, vehicle integration and finally delivery of features and processes to the Product Development organization.
Research and develop concepts around related Cyber Security incidents reported in industry and research organizations.
Understand the exploit and report back findings so new requirements, testing or processes can be updated to avoid future risk. Storyboards, use cases, proof-of-concept demonstrations, specifications and requirements development experience
Development and maintenance of tools (e.g. Fuzzing) for use in internal vehicle penetration testing
Threat Analysis and Risk Assessment tool/modeling
Lead technology and security feature projects. Deliver to internal customers.
Actively ideate and invent new security techniques or countermeasures for Vehicle to Vehicle or Vehicle to Infrastructure or in-vehicle modules/architecture
Performing competitive analyses and comparative studies to maintain knowledge of emerging technologies in both the automotive and consumer electronics field
Develop security roadmap (near-term, mid-term and long-term focus) as it relates to Security, Safety and Quality Features
Actively work with Security Partners, Research and Government for information sharing, joint project development, and reporting
Some travel expected to cover critical Cyber Security Conferences or meet with other non-local team members (e.g. England or California)
CISSP or minimum 3 years of cyber security academic / professional experience
Masters or higher in Computer Science, Electrical and/or Computer Engineering highly preferred
Experience/knowledge of upcoming embedded module security, driver assistance, vehicle to vehicle communication technologies, or autonomous driving features
Ability to present and communicate intelligently, concisely, and coherently
Familiarization with Safety Systems such as ISO 26262
Experience with writing requirements, test procedures and use case development
General understanding of CAN network, Ethernet, firewalls and secure architecture development
Knowledge with cryptographic algorithms and protocols
Use of IDA Pro, fuzz testers, network analyzer, CAN traffic tools, threat modeling and risk management tools
Knowledge with PKI management
Experience with Secure Coding Techniques
Experience with embedded hardware and software security knowledge
Knowledge of digital and wireless communication and familiarity with communication technologies such as TCP/IP, Ethernet, Bluetooth, WiFi, DSRC and CAN
Basic interest and knowledge about geographical technologies such as GPS, maps, geofencing and POIs as well as privacy risk associated with these technologies
Self-motivated with the ability to manage multiple tasks. Excellent communication skills.
A genuine passion for technology, electronics, gadgets, security of internet of things, both on a professional and personal level
The distance between imagination and … creation. It can be measured in years of innovation, or in moments of brilliance. When you join the Ford team discover all the benefits, rewards and development opportunities you’d expect from a diverse global leader. You’ll become part of a team that is already leading the way, with ingenious solutions and attainable products – and it is always ready to go further.
Candidates for positions with Ford Motor Company must be legally authorized to work in the United States on a permanent basis. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.
Ford Motor Company is an equal opportunity employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status.