1. Cybersecurity Senior Expert & Project Security and Privacy Manager
• Plan and execute project-wide security activities in accordance with the internal development process aligned with ISO/SAE 21434.
• Lead the Cybersecurity Concept and Security Architecture for Radar/Parking ECU products.
• Develop Threat Analysis & Risk Assessment (TARA) and coordinate review activities with OEMs.
• Evaluate and review security mechanisms such as Secure Boot, Secure Flash, and key management.
• Perform security reviews for software, in-vehicle network communication, OTA, and cloud connectivity (as required).
• Conduct vulnerability analysis (VARA), plan penetration testing, and manage corrective actions.
• Collaborate closely with system engineering teams, software teams, project managers, and other stakeholders.
• Ensure CSMS/SUMS compliance from development through production and operational phases for assigned projects.
2. Customer Cybersecurity Audit & Technical Negotiation
• Serve as the primary interface and accountable lead for Cybersecurity Audits and Technical Reviews conducted by Japanese OEMs.
• Provide technical responses and lead negotiations regarding cybersecurity requirements from Japanese OEMs.
• Coordinate preparation for Cybersecurity Audits in collaboration with internal cybersecurity teams and the Cybersecurity team at headquarters in Germany, and drive post-audit improvement planning and execution.
3. CS development milestone review
• Coordinate technical reviews with the Global Cybersecurity Team.
• Prepare required technical documents, software architecture descriptions, and risk analyses necessary for Gate/Milestone Reviews.
• Ensure alignment and compliance with internal cybersecurity processes.
シニア サイバーセキュリティー マネージャー
1. Cybersecurity Senior Expert & Project Security and Privacy Manager
• ISO/SAE 21434に準拠した社内開発プロセスに基づくプロジェクト全体のセキュリティアクティビティの計画・実施
• Radar/Parking ECU製品のCybersecurity Concept及びSecurity Architectureの主導
• Threat Analysis & Risk Assessment (TARA) の作成およびOEMとのレビュー対応
• Secure Boot、Secure Flash、鍵管理などのセキュリティメカニズム検討・レビュー
• SW、車載ネットワーク通信、OTA、Cloud連携(必要に応じ)のセキュリティレビュー
• 脆弱性分析(VARA)、Penetration test計画、修正アクション管理
• システムエンジニアリングチーム、ソフトチーム、Project Managerなどとの連携
• 担当プロジェクトにおける開発フェーズから量産・運用フェーズまでのCSMS/SUMS対応
2. Customer Cybersecurity Audit & Technical Negotiation
• JOEMによるCybersecurity Audit/Technical Reviewの窓口および説明責任者
• JOEMのSecurity要求に対する技術的回答および交渉
• Cybersecurity Auditに向けた社内CS主管部署及びドイツ本社Cybersecurity Teamと連携した準備及び監査実施後の改善計画の策定と実行
3. HQ TeamによるGate Review対応
• Global Cybersecurity Teamとの技術レビュー調整
• Gate/Milestone Reviewの通過に必要な技術文書、S/Wアーキテクチャ、リスク分析の作成
• 社内CSプロセスとの整合性確保
aumovio