Senior Security Engineer

Who are we?
Volvo Cars is a company on a mission; to bring traditional car manufacturing into a connected, sustainable and smart future. Since 1927, we have been a brand known for our commitment to safety, creating innovative cars that make life less complicated for our consumers. Today, we’re expanding our global footprint in Europe, China and the US, and we’re on the lookout for new talent. We are constantly pushing our own skills and abilities to drive change in the automobile industry like never before. Join us and be part of Volvo Cars’ journey into the future.

What we offer
Volvo Cars have an ambitious growth plan for connected functionality and autonomous drive. To mitigate the threats presented to a connected autonomous vehicle, we have a solid foundation of competence within our very dedicated System Security Team. To be able to meet the future needs, are we now expanding the team with three more members. Are you a passioned Senior Security Engineer who likes to become a member of an agile development team with great team spirit? Then this is the opportunity for you. Volvo Cars have a holistic approach to in-vehicle security, spanning the complete vehicle lifecycle, involving technology for protection and detection, as well as threat intelligence and incident response. Due to your contributions to the area you will be recognized as an important player in the Security field. Volvo Cars Cyber Security Group is located in both Gothenburg and Lund and this position is open for both locations.

What you’ll do
You get inspired by our mission to give our customers “Freedom to move”. You will use your deep knowledge to analyse and enhance the protective measures that we install in all parts of the in-vehicle embedded system. You will perform vulnerability tests, security assessments and risk analysis activities related to in-vehicle communication independently or as a part of a team. You will collaborate with concept owners to establish verification methods and work closely with the automation team who automates test cases into the Continuous Integration (CI) machinery. You will develop security mechanisms and help receiving teams implement them, by supporting or implementing a concept that Security Group owns and share with the company. Programming environments extends from script languages like Python to C, will also be among your tasks. Further, verify security requirements of different types of ECUs related to e.g. Infotainment, Gateway and Connectivity functions will be on your response as well as ensuring proficiency and adequate level of details in reports and test results. You will get the chance to work within different test environments, i.e. real cars as well as Boxcars or similar settings and are excepted to demonstrate critical thinking and creative analytical skills to for example identify vulnerabilities/attack vectors that are difficult to detect.
You and your skills 
You use your skills as Senior Security Engineer and your passion for security in embedded systems to expand your technical insights and to build and maintain a network that includes people from all areas in the company. You have experience within the field of security by design. We believe that you have a M.Sc. or B.Sc. degree in Software, Electrical or Computer engineering, or equivalent education and a strong understanding for the threat landscape of a connected device and the mitigation mechanisms needed for protection. You are proficient in programming languages such as C/C++ and Python/Bash/CAPL and in the English language, both in written and oral form. You will need a couple of years of relevant professional experience of developing security solutions in vehicle or other embedded environments. You are curious and want to contribute to develop ground breaking technology. Driven by customer focus you get things done. You are committed to high delivery quality and have the ability to proceed your work without having all facts at hand before you start. You are flexible and have excellent communication and documentation skills. With your positive attitude, you have the ability to work constructively both as an individual or in teams. You are experienced with agile development and familiar with software development best practices. 
You have competence to examine security from a holistic view, including threat modelling, risk, and vulnerability assessment. Knowledge and experience on vehicle networks and communication protocols such as CAN, TCP/IP, IEEE 802.11x, BLE, and Bluetooth. Experience of one or several tools such as Wireshark, CANalyzer and CANoe. Previous knowledge of automotive related standards such as UDS and SOME/IP. Experience with reverse engineering, pen-testing for embedded devices and of Metasploit framework and Kali Linux OS. Experience in Code Reviews (Gerrit etc), Threat Modeling (Heaven), Static/Dynamic/Interactive Code and 3rd party analysis tools and processes, Security in the Cloud, Embedded systems, IoT and Hardware based attacks. International Software Testing Qualifications Board (ISTQB) certification. Other security related certifications such as CISSP and CEH.
How to learn more and apply
If you have any questions regarding the position, you are welcome to contact Karolina Hill, Team Manager Cyber Security, at karolina.hill@volvocars.com . If you have any questions regarding the recruitment process, contact Catharina Skog, at catharina.skog@volvocars.com . Please apply as soon as possible, but no later than 17th of October 2021. Note that we do not accept applications via e-mails.