Senior Product Security Engineer - Interior, Infotainment & Digital Experience (m/f/d)

At CARIAD, we're bundling and further expanding the Volkswagen Group's software expertise. We're uniting over 6,500 global experts to build a scalable technology stack, including a software platform, unified electronic architecture and reliable connection to the automotive cloud. Our CARIDIANS are developing vehicle functions such as driver assistance systems, a next-generation infotainment platform, power electronics and charging technology, and digital services in and around the vehicle.

Our software can already be found in Volkswagen ID. models and will soon power Audi and Porsche vehicles with the E3 1.2 platform in 2024.

It's no easy task, but with experts like you, we can shape the future of mobility. Join us at CARIAD and be part of this exciting journey!

YOUR TEAM

You will be part of the Cyber Security team in the business unit for "Interior, Infotainment & Digital Experience" (IIX). Our mission is to protect our customers by ensuring that cyber security in our organization is fit to meet the challenges of a rapidly expanding threat landscape.
As IIX Senior Product Security Engineer you work hand in hand with the IIX Cyber Security Manager. Engaged at the direct interface with our development organization as well as central departments you assume a crucial role by enabling and supporting our organization.
In your capacity as part of our Shared Service Cyber Security you provide our teams with specific security expertise, giving guidance as well as challenging their security evidences. This first-hand engagement in day-to-day security challenges informs your decision-making in driving initiatives to structurally enhance the security capabilities of our organization.

WHAT YOU WILL DO

• Act as SPoC for specific technical security requests from DevOps teams (from risk evaluation to design choices)
• Challenge security concept design and implementation of product teams
• Establish functioning security operations capabilities and assume steering of security incident responses
• Identify request patterns & gaps in security capabilities and propose structural enhancements including state-of-the-art security technologies & tools
• Develop the organization towards a stronger focus on security by design and end-to-end security testing (frontend - backend - in-car)
• Steer engagement of systems engineers and architects to act as security multipliers within the organization
• Define security learning journeys for technical roles and propose training formats
• Act as deputy for the IIX Cyber Security Manager

WHO YOU ARE

• Completed studies in the field of software engineering or comparable training
• Hands-on experience working in agile DevSecOps teams (>3 years)
• Experienced working with security & risk management methods (e.g. TARA)
• Practiced user of current security tools & technologies
• Strong ability to work and communicate at the interface between many stakeholders from team level to senior management
• Enthusiastic about keeping pace with technical developments
• Foundational understanding of security related regulations and standards preferred (e.g. ISO21434, ISO27001, NIST-800)
• Fluency in English is required (understanding of German is a plus)

NICE TO KNOW

• Remote work options
• Temporary work from abroad in selected countries
• Flextime / optional working hours
• Company pension plan
• Annual professional development
• Sabbatical option up to 6 months
• 30 days paid + 10 days unpaid leave
• Possibility for VW Group car leasing

YOUR RECRUITING CONTACT

Susanne Muhr