Aurora's mission is to deliver the benefits of self-driving technology safely, quickly, and broadly by ensuring the secure design and implementation of secure technologies used by the Aurora Driver and continually improving the assurance levels of security across all of Aurora's Products.
Requirements
- Foundational knowledge of Automotive Cybersecurity (ISO21434/UNECE/NHTSA)
- Foundational knowledge of operating system security for Linux
- Foundational knowledge of the CWE Top 25
- Ability to write proficiently in C++, Golang and Python
- Ability to assess software and/or hardware components with and without full knowledge
- Experience in one or more of the following: risk assessment, threat modeling, incident and emergency response, OS hardening, vulnerability management, pentesting, offensive security or cryptographic protocols and concepts
- Experience in vulnerability discovery and analysis, design review, and code-level security reviews
Responsibilities
- Provide consulting and advisory services to engineering teams heavily focused on automotive cybersecurity
- Work directly with engineering and non-engineering teams to drive improvements in internal processes, procedures and technical fundamentals through threat modeling and requirements development
- Develop, document, improve, implement and execute cybersecurity best practices and processes for autonomous vehicles across internal and external engineering partners
- Perform technical automotive cybersecurity assessments and reviews, research, uncover, and reproduce vulnerabilities, design secure protocols and systems, and write tests and fuzzers to drive architecture changes
- Assess the risks across the Aurora Driver Platform and prioritize high value components (software and/or hardware) for critical and high security vulnerabilities
- Conduct research to identify new and novel attack vectors against Aurora's products and services
- Review, develop and document secure operational best practices, and provide security guidance for engineers and various internal and external partners
Other
- Ability to communicate effectively with technical and non-technical audiences
- Ability to work well with other assessment members and engineering partners
- Relevant automotive cybersecurity work experience
- Commitment to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures
- Aurora considers candidates without regard to their race, color, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, pregnancy status, parent or caregiver status, ancestry, political affiliation, veteran and/or military status, physical or mental disability, or any other status protected by federal or state law
