Description
As an Architect for Embedded Security Mitigations within the Office of Cybersecurity, you will serve as the primary technical authority for the design, development, and maintenance of production-ready embedded security implementations that will be used across vehicle controllers.
This is a high-impact, hands-on role where you will be expected to produce high-quality, production-grade code while providing technical leadership to Embedded Security Engineers (GSR). You will work closely with cross-functional and functional teams,including ECU software, systems engineering, validation, and platform teams,to translate cybersecurity requirements into standardized, reusable embedded implementations.
You will bridge high-level cybersecurity requirements and low-level embedded implementation, ensuring our vehicle platforms are resilient against evolving threats.
This team’s deliverables include source code libraries, prebuilt libraries, and a complete automated test suite intended for broad adoption by ECU programs across the vehicle.
Key responsibilities include:
Standardized Implementation: Architect and implement production-ready security mitigations within Classic AUTOSAR, proactively collaborating with controller teams to gather requirements and technical constraints and drive a unified, standard implementation across platforms.
Hands-on Code Production: Maintain a high level of hands-on involvement by writing and reviewing complex embedded code in C and C++, ensuring it meets Ford quality, performance, and maintainability expectations.
Technical Leadership: Partner with and guide Embedded Security Engineers (GSR) to execute technical roadmaps and deliver robust, reusable software components.
Deliverables & Reuse: Drive creation of reusable deliverables (source libraries, prebuilt artifacts, and test suites) with clear APIs, versioning strategy, and integration guidance for ECU teams.
Lifecycle Management: Own the full software development lifecycle (SDLC) for mitigation implementations, from initial design through production support, maintenance, and hardening.
Standards Alignment: Ensure implementations align with ISO/SAE 21434 cybersecurity engineering needs and incorporate diagnostic/security considerations aligned to UDS (ISO 14229-1); demonstrate familiarity with UNECE R155 expectations.
Workflow: Use GitHub for version control, pull requests, and code reviews.
Tooling: Experience with at least 2 of the following AUTOSAR implementation/tool ecosystems: Vector, eTAS, Elektrobit.
Agile Execution: Manage technical debt, feature backlogs, and sprint planning productively within Jira.
Cross-Functional Collaboration: Coordinate with systems engineering, validation, and platform teams to enable seamless integration of security controls across a diverse set of ECUs.
Testing / V&V: Collaborate with Verification & Validation teams to develop and execute security focused test plans to ensure robust, secure solutions.
Qualifications:
Bachelor’s degree in Electrical Engineering, Computer Science, Computer Engineering, or a related field, or a combination of education and experience.
10+ years of technical leadership experience in embedded software development for automotive applications.
Fluency in both Classic and Adaptive AUTOSAR architecture and integration practices.
Proven expertise in at least 2 of the following AUTOSAR implementation/tool ecosystems: Vector (DaVinci), ETAS, Elektrobit.
Advanced proficiency in C and C++ for embedded systems with a strong focus on secure coding practices.
Strong debugging skills and experience with embedded systems debugging tools.
Working knowledge of Python and Java for automation, tooling, and/or supporting development.
Working knowledge of UDS (ISO 14229-1) and ISO/SAE 21434.
Solid understanding of common security vulnerabilities and attack vectors in embedded systems.
Working knowledge of cryptography fundamentals, including symmetric and asymmetric algorithms, hashing, Public Key Infrastructure (PKI), and X.509 digital certificates.
Solid understanding of common security vulnerabilities and attack vectors in embedded systems.
Excellent communication and collaboration skills, with the ability to explain complex security concepts to diverse audiences and work effectively in cross-functional, geographically dispersed teams.
Demonstrated experience working productively within Jira for task management and project tracking.
Preferred qualifications include experience with Hardware Security Modules (HSM) and Secure Hardware Extension (SHE) concepts, familiarity with cryptographic libraries and secure boot-related integration patterns, and strong background in GitHub-based workflows, including code review practices and CI/CD integration.