Fleet Security Operation Engineer车网安全工程师

Description

Objective of job

Collect, analyse, correlate and disseminate information about threats, vulnerabilities and indicators of compromise based on multiple sources, languages, disciplines in context that draws insights about potential impact on MB assets

Maintain up to date cybersecurity contextualised threat landscape including threat actors, trends, capabilities, technics and incentives

Main tasks

1. Collaborate with the global SIC Team. Collect, analyse, correlate and disseminate information about threats, vulnerabilities and indicators of compromise based on multiple sources in context that draws insights about potential impact on MB assets. Classify, triage and correlate new discoveries to CarIT security incidents and problems by consultation with security architects
2. Maintain up to date cybersecurity contextualized threat landscape including threat actors, trends, capabilities, technics, and incentives. Document and manage alerts, reports and vulnerabilities in SIC Portal
3. Execute procedures to detect new discoveries. Execute operational activities driven CarIT security POIs and RFIs
4. Be the single contact for CarIT Security Incidents from RD/PS China. Receive detections and alerts 24/7 from various channels, such as hotline, internal and external NPM, SIEM Detection. Run investigations and forensics related to CarIT security incidents, incl. for IoV cloud and autonomous driving cloud. Build the virtual incident response team by involving the right parties, such as Security Architects, Information Security Officers, SIC Team, technical experts and system owners.
5. Analyse and validate CarIT related data breaches affecting Chinese customers. Understand the impact and relevance to respond accordingly. Run data export Self Assessments and clarifications with Chinese authorities in case of a potential necessity to export data outside of China, with help of data experts
6. Create monthly report of SIC deliverables
Qualifications

1. Bachelor degree or above, in electrical engineering, electronics engineering, automotive engineering, computer science, software engineering and other engineering majors
2. At least 3 years or above working experience in CarIT security or cloud security. Experience in mainstream OEMs and multinational companies preferred
3. Deep understanding of common network attacks and defence methods, familiar with cloud computing infrastructure
4. Familiar with security operation and maintenance, including security monitoring, data analysis, emergency response, risk control etc. Experience in security operation and maintenance of large cloud service providers is preferred
5. Practical experience in data modelling/ analysis or security response automation or intrusion investigation, vulnerability analysis, security attack and defence drills, security penetration testing
6. Proficient in at least one script/ language, such as Python, JavaScript, Java, C/C++, etc.
7. Beneficial: Knowledge about car related (backend) services, Azure China and AUTOSAR/ in-car technologies related to CarIT security, experience with SIEM (Splunk) Operations Actions, such as Log onboarding, normalization, etc.
8. Fluent in English, good communication skills and learning skills, proactive in work