工作职责: 1. Responsible for the company based ISO21434 security process construction (organization process, management process, development process, etc.). 2. Responsible for communication with customers and suppliers for security related requirements. 3. Responsible for the TARA analysis, and get agreement with customer of the analysis results and risk mitigation measures. 4. Responsible for security solution design and support the development team in implementation. 5. Keep good communication with internal and external, discover, coordinate and solve issues in the implementation of security requirements. 6. Responsible for the analysis of existing vulnerabilities, and tracking vulnerability status till close. 7. Responsible for project level security-related documentation authoring or review. 8. Cooperate with the project team to promote project development with high efficiency and high quality, and complete third-party security certification (if required). 1.负责基于公司的ISO21434安全流程建设(组织流程、管理流程、开发流程等)。 2.负责与客户和供应商就安全相关要求进行沟通。 3.负责TARA分析,并与客户就分析结果和风险缓解措施达成一致。 4.负责安全解决方案的设计,并支持开发团队的实施。 5.与内部和外部保持良好沟通,发现、协调和解决安全要求实施中的问题。 6.负责分析现有漏洞,并跟踪漏洞状态直至关闭。 7.负责项目级安全相关文档的编写或审查。 8.与项目团队合作,高效、高质量地推进项目开发,并完成第三方安全认证(如有需要)。 岗位要求: 1.Bachelor degree or above, major in electrical, software or cybersecurity; 2.2 years cybersecurity or related experience ; 3.Familar with the standard ISO21434 and know the working process required by ISO21434. 4.Have certain system architecture design capabilities, be able to design cybersecurity solution at system level. 5.Good at teamwork, cross-function communication and problem-solving skills 6.Fluent in both written and oral English . 1.本科及以上学历,电气、软件或网络安全专业; 2.2年以上网络安全或相关经验; 3.熟悉ISO21434标准,了解ISO21434要求的工作流程。 4.具有一定的系统架构设计能力,能够设计系统级的网络安全解决方案。 5.擅长团队合作、跨职能沟通和解决问题的能力 6.英语书面和口头流利。