Cyber Security Engineer

✅ The offer is addressed to individuals working in Poland ✅

Hybrid work mode - 2 days/week from the office

Project Description:

Client engages in the business of designing, manufacturing and exporting motor vehicles, engines, transmissions, differentials and their components at its manufacturing locations in Turkey, for sales in the domestic and foreign markets. Client has requested Luxoft to undertake engineering design and consultancy support to a new Software Defined Vehicle (SDV) Development program that meets the technical and attribute requirements, which will be produced and/or sold worldwide by Client and its licensees.

Responsibilities:

• Perform end-to-end threat analysis and risk assessments (TARA) on ADAS and Middleware components per ISO/SAE 21434.

• Write and integrate cybersecurity requirements into system/software architecture and detailed component specs.

• Review and validate the cybersecurity design, including secure communication, credential management, and access control concepts.

• Participate in supplier reviews and technical workshops to ensure security concepts are implemented as intended.

• Coordinate and support security verification activities, including penetration testing, fuzzing, and robustness testing (done by internal teams or suppliers).

• Contribute to the definition of cybersecurity test cases, misuse cases, and verification plans.

• Support compliance with ISO/SAE 21434, UNECE WP.29, and internal cybersecurity policies.

• Provide technical input during CSMS activities, incident response planning, and vehicle-level risk reviews.

Mandatory Skills Description:

• 7+ years of experience in Automotive Software Development

• Proven hands-on experience performing cybersecurity analysis in ADAS and Middleware domains.

• Very good understanding of AUTOSAR Classic and Adaptive, including cybersecurity-relevant layers and services.

• Familiar with Service Oriented Architecture

• In-depth knowledge of ISO/SAE 21434, UNECE WP.29, and related process frameworks.

• Familiarity with embedded vehicle networks (CAN, Ethernet, SOME/IP) and related attack vectors.

• Experience using tools like Vector CANoe/CANalyzer, TARA/FMEA tools, and cybersecurity requirements management platforms (e.g., Polarion, Jama).

Languages:

English: C1 Advanced