CarIT Security Supplier Management Engineer供应商车联网安全管理工程师
- 北京
Objective of job
Ensuring compliance and implementation of the supplier security assessments to secure HW/ SW product CarIT security; Localising, managing, and executing supplier security management process according to V0590089 and other applicable Chinese authority requirements
Task description
1. Conducting supplier security assessments to secure HW/ SW product CarIT security
• Identifying the need for CarIT security supplier assessments
• Assessing CarIT security requirements in the vehicle function
• Planning CarIT security supplier assessments based on the measurement criteria assessment (with the respective quality engineer and security architect)
• Ensuring the relevant experts concerning CarIT security are supporting supplier assessments
• Executing the dedicated CarIT security supplier set assessments
• Deciding on CarIT security supplier assessments and providing feedbacks on results of the supplier set assessments
• Executing and tracking measures of CarIT security supplier assessments. Gathering information and assessing as quality gate of the suppliers along the vehicle lifecycle
• Supporting communication of the interface agreement and technical requirements to the supplier and assessment of the supplier
• Providing reporting requirements in line with ISO/ SAE 21434 to the suppliers along the vehicle lifecycle (e.g., vulnerability reporting)
2. Localising, managing and executing supplier security management process according to V0590089
• Providing China input to the CarIT security measurement criteria in VDA-RGA
• Defining, extending and managing the cybersecurity interface agreement (CIA) and technical requirements regarding CarIT security content. Ensuring that the cybersecurity interface agreement are up-to-date
• Ensuring the correct sampling of the CarIT security development and respective processes
• Process adaptation and localization together with China MP
• Ensuring the alignment with the technical compliance mgmt. system (tCMS)
3. Supporting the team and coordinating to conduct CarIT security relevant checks for RDP business
• Providing consultation to RDC internal teams on supplier management activities and business evaluation
• Conducting CarIT security gap analysis based on authority requirements
Qualification
1. Bachelor degree or above, in electrical engineering, electronics engineering, automotive engineering, computer science, software engineering and other engineering majors
2. More than 5 years of experience in regulations and policies of OEMs or other industry organizations, familiar with the management process of automotive industry authorities and industry standards and regulations, and have a deep understanding of relevant policies or technologies of IoV
3. Familiar with the relevant regulations and standards of the automotive industry, announcement declaration, 3C certification, etc.
4. Familiar with software development process and testing process
4. Familiar with CarIT security management system requested by UN R155 and ISO/ SAE 21434
5. Familiar with software development process and testing process
6. Fluent in English, good communication skills and learning skills, proactive in work
Ensuring compliance and implementation of the supplier security assessments to secure HW/ SW product CarIT security; Localising, managing, and executing supplier security management process according to V0590089 and other applicable Chinese authority requirements
Task description
1. Conducting supplier security assessments to secure HW/ SW product CarIT security
• Identifying the need for CarIT security supplier assessments
• Assessing CarIT security requirements in the vehicle function
• Planning CarIT security supplier assessments based on the measurement criteria assessment (with the respective quality engineer and security architect)
• Ensuring the relevant experts concerning CarIT security are supporting supplier assessments
• Executing the dedicated CarIT security supplier set assessments
• Deciding on CarIT security supplier assessments and providing feedbacks on results of the supplier set assessments
• Executing and tracking measures of CarIT security supplier assessments. Gathering information and assessing as quality gate of the suppliers along the vehicle lifecycle
• Supporting communication of the interface agreement and technical requirements to the supplier and assessment of the supplier
• Providing reporting requirements in line with ISO/ SAE 21434 to the suppliers along the vehicle lifecycle (e.g., vulnerability reporting)
2. Localising, managing and executing supplier security management process according to V0590089
• Providing China input to the CarIT security measurement criteria in VDA-RGA
• Defining, extending and managing the cybersecurity interface agreement (CIA) and technical requirements regarding CarIT security content. Ensuring that the cybersecurity interface agreement are up-to-date
• Ensuring the correct sampling of the CarIT security development and respective processes
• Process adaptation and localization together with China MP
• Ensuring the alignment with the technical compliance mgmt. system (tCMS)
3. Supporting the team and coordinating to conduct CarIT security relevant checks for RDP business
• Providing consultation to RDC internal teams on supplier management activities and business evaluation
• Conducting CarIT security gap analysis based on authority requirements
Qualification
1. Bachelor degree or above, in electrical engineering, electronics engineering, automotive engineering, computer science, software engineering and other engineering majors
2. More than 5 years of experience in regulations and policies of OEMs or other industry organizations, familiar with the management process of automotive industry authorities and industry standards and regulations, and have a deep understanding of relevant policies or technologies of IoV
3. Familiar with the relevant regulations and standards of the automotive industry, announcement declaration, 3C certification, etc.
4. Familiar with software development process and testing process
4. Familiar with CarIT security management system requested by UN R155 and ISO/ SAE 21434
5. Familiar with software development process and testing process
6. Fluent in English, good communication skills and learning skills, proactive in work
