汽车网络安全咨询顾问

1.为客户提供 ISO/SAE 21434 与 UNECE R155/R156 要求下的网络安全流程咨询与落地支持；

2.组织并执行 TARA（Threat Analysis and Risk Assessment）及安全目标制定；

3.指导客户从概念开发到验证阶段的安全生命周期实施；

4.参与功能安全审核、安全评估与合规性检查；

5.撰写安全计划、安全概念、安全案例及技术文档；

6.支持客户沟通，参与项目管理，参与安全验证与渗透测试协调；

7.为客户或团队成员提供网络安全流程、标准与工具方面的培训。

II. 职位要求

1.工程、信息安全、计算机、车辆、自动化等相关理工科本科及以上学历；

2.至少 2 年汽车网络安全或信息安全相关工作经验；

3.熟悉 ISO/SAE 21434 标准结构与关键流程（如 TARA、安全概念、安全验证等）；

4.熟悉嵌入式系统架构与 CAN、Ethernet 等汽车通信协议；

5.具备优秀的沟通能力、客户导向思维，能够适应快节奏的项目环境；

6.通过CET-6，具备良好的英语听说读写能力。

III. 加分项

1.有参与 UNECE R155/R156 合规项目经验或审核准备经验；

2.具备软硬件开发或者系统开发经验；

3.熟悉 ISO 26262 功能安全框架，并理解 HARA 与 TARA 的整合方法；

4.熟悉汽车OTA、车联网、网关ECU、SOC平台的安全需求；

5.具备渗透测试或安全测试工具使用经验（如 CANoe/Cybersecurity、Wireshark、Metasploit）；

6.具备安全分析或建模经验（如 STRIDE、HEAVENS、Attack Tree 等）；

7.具备英文之外的其他第二语言能力。

IV. 企业福利待遇

·工作时间：弹性8小时｜周末双休｜法定节假日；

·入职即享：五险一金｜带薪年假；

·持续培养：新人培训｜技术培训｜管理培训；

·开拓视野：海外技术资源共享｜多国机构交流合作；

·贴心补贴：技术奖金｜补充医疗保险、重疾险和意外险｜年度体检｜出差补贴｜通讯补贴｜知识付费补贴；

·休闲福利：团建｜体育活动｜下午茶｜日常团体活动；

·办公环境：宽敞明亮的办公室环境｜可升降办公桌｜人体工学办公椅｜健身房。

I. Job Responsibilities

1.Provide consulting and implementation support for cybersecurity processes under ISO/SAE 21434 and UNECE R155/R156.

2.Organize and conduct TARA (Threat Analysis and Risk Assessment) and define cybersecurity goals.

3.Guide customers through the cybersecurity lifecycle from concept development to verification phase.

4.Participate in cybersecurity audits, assessments, and compliance reviews.

5.Draft cybersecurity plans, concepts, cases, and technical documentation.

6.Support customer communication and participate in project management.

7.Deliver training and workshops on safety methodologies, tools, and processes to clients or internal teams.

II. Job Requirements

1.Bachelor's degree or above in Engineering, Information Security, Computer Science, Automotive, Automation, or a related technical discipline..

2.Minimum 2 years of experience in automotive or information cybersecurity.

3.Familiarity with ISO/SAE 21434 structure and key processes (e.g., TARA, cybersecurity concept, validation).

4.Understanding of embedded systems architecture and in-vehicle communication protocols such as CAN and Ethernet.

5.Strong communication skills and customer-oriented mindset, with the ability to work effectively in fast-paced project environments.

6.Pass the CET-6 exam and possess excellent English listening, speaking, reading, and writing skills.

III. Plus Points

1.Experience in UNECE R155/R156 compliance projects or audit preparation.

2.Background in software/hardware/system development.

3.Knowledge of ISO 26262 functional safety framework and integration of HARA with TARA.

4.Understanding of security requirements for OTA, connected vehicles, gateway ECUs, and SOC platforms.

5.Hands-on experience with penetration testing or cybersecurity tools (e.g., CANoe/Cybersecurity, Wireshark, Metasploit).

6.Experience in security analysis or modeling (e.g., STRIDE, HEAVENS, Attack Trees).

7.Proficiency in a second language besides English.

IV. Company Benefits

·Working Hours: Flexible 8 Hours ｜ Two-day Weekend ｜ Statutory Holidays.

·On-boarding Benefits: Five Insurances and One Fund ｜ Paid Annual Leave.

·Continuous Development: New Employee Training ｜ Technical Training ｜ Management Training.

·Broaden Horizons: Overseas Technology Resource Sharing ｜ Multi-national Institution Exchanges and Cooperation.

·Thoughtful Subsidies: Technology Bonus｜Supplemental Medical Insurance, Critical Illness Insurance, and Accident Insurance ｜ Annual Physical Examination ｜ Business Travel Allowance ｜ Communication Allowance ｜ Knowledge-upgrading Allowance.

·Leisure Benefits: Team Building ｜ Sports Activities ｜ Afternoon Tea ｜ Daily Group Activities.

·Office Environment: Spacious and Bright Office Environment ｜ Height-adjustable Desk ｜ Ergonomic Office Chairs ｜ Gym.