Key
Responsibilities:

1.
Threat & Risk Analysis (TARA):

• 
  Perform threat modeling and risk assessment for
  in-vehicle communication channels (CAN, CAN-FD, Ethernet, LIN).
• 
  Identify attack vectors (e.g., spoofing, injection,
  DoS) and propose mitigations based on threat severity.

2.
Security Architecture & Design:

• 
  Define and maintain cybersecurity concepts and
  requirements for networked ECUs.
• 
  Collaborate with E/E system architects to define secure
  communication flows, segmentation strategies, and gateway protections.
• 
  Define security zones and boundaries between critical
  vs. non-critical domains (e.g., powertrain vs. infotainment).

3.
Protocol & Interface Security:

• 
  Define secure messaging concepts for CAN (e.g., MAC, ID
  whitelisting, time-window validation).
• 
  Implement secure Ethernet communication using
  TLS/IPsec/DoIP firewalls.
• 
  Define intrusion detection (IDS) and prevention system
  (IPS) strategies for Ethernet/CAN gateway ECUs.

4.
Standards Compliance:

• 
  Ensure security requirements and development processes
  are aligned with:
• 
  ISO/SAE 21434 (Cybersecurity Engineering)
• 
  UN R155 (Cybersecurity Management System)
• 
  ASPICE security extension (if applicable)

5.
Testing, Monitoring & Verification:

• 
  Support penetration testing, fuzz testing, and
  simulated cyberattacks in development vehicles and benches.
• 
  Work with security test teams to validate
  implementation of message authentication, secure boot, secure diagnostics,
  and OTA protections.
• 
  Analyze logs and CAN/Ethernet traces to identify
  abnormal behavior or intrusion patterns.

6.
Collaboration & Documentation:

• 
  Work closely with software, hardware, diagnostic, and
  network teams.
• 
  Provide documentation for cybersecurity work products
  including CS Concept, CS Claim, TARA Report, and Verification Plan.
• 
  Support supplier selection and cybersecurity
  requirement reviews with Tier 1s and tool vendors.

Requirements

• 
  Bachelor’s or Master’s degree in Computer Science,
  Electrical Engineering, Automotive Engineering, or a related technical
  field.
• 
  3+ years of experience in automotive cybersecurity or
  network security.
• 
  Strong understanding of in-vehicle communication
  protocols (CAN, CAN FD, LIN, Ethernet/AVB/TSN).
• 
  Familiar with ISO 21434, UN R155, and typical OEM
  cybersecurity development cycles.
• 
  Experience with CANoe/CANalyzer, Wireshark, and network
  simulation or fuzzing tools.
• 
  Proficient in identifying and mitigating cyber threats
  in embedded systems.

Preferred
Qualifications:

• 
  Experience with security modules such as:
• 
  Secure Onboard Communication (SecOC)
• 
  Hardware Security Modules (HSM)
• 
  Secure Boot & Secure Flash
• 
  Familiarity with AUTOSAR (Classic or Adaptive) security
  stack.
• 
  Experience with PKI, key provisioning, and ECU
  certificate management.
• 
  Certifications such as CISSP, CEH, ISO 21434 certified
  engineer are a plus.

Benefits

• 
  In Hanoi:
  Symphony Building, Chu Huy Man street, Long Bien distict, Hanoi

Working hours:
Monday to Friday, with alternating Saturdays, from 08:30 AM to 05:30 PM.