Worker Sub-Type : Regular
Regular
Job Description :
BlackBerry® QNX® is a trusted supplier of safe and secure operating systems, hypervisors, frameworks and development tools, and provides expert support and services for building the world’s most critical embedded systems.
We are the embedded experts. BlackBerry QNX was born in embedded, and provides time-tested and trusted foundation software, including our deterministic microkernel real-time operating system (RTOS), safety-certified products, middleware and security solutions, all purpose-built for embedded systems.
BlackBerry QNX software is trusted by more than , 24 of the top 25 EV manufacturers and is running in more than 235 million vehicles globally.
Our foundation products have been pre-certified to ISO 26262 ASIL D and we offer a broad range of board support packages, professional services, AUTOSAR adaptive support and middleware solutions from acoustic management, to digital cockpits to advanced driving assistance (ADAS) - to accelerate development and help OEMs meet Start of Production (SOP) dates.
Our customers count on us to convert awesome ideas into great products and services.
Are you the person we are looking for?
Job Duties
- Understand and take ownership of vulnerability reports, communicate details and urgency clearly to stakeholders
- Provide Cybersecurity guidance and support to product teams in the development of their work products in compliance with ISO 21434
- Undertake research projects / in-depth vulnerability analysis.
- Provide product security support to internal and external stakeholders
- Drive, contribute and coordinate on Threat Analysis and Risk Assessment (TARA) in accordance with ISO 21434
- Work with development teams, and project managers to help bring security incidents to a conclusion
- Perform reviews and verification of ISO 21434 work products
- Assist and advise development teams on security testing activities
- Continually identify standards compliance gaps and implement process improvements
- Automating things - process activities, fuzz testing, scanning and reporting, etc
Preferred Qualifications
- Basic knowledge of ISO 21434 and / or UNECE WP.29 R155 is preferred
- Exposure to ASPICE and ISO26262
- Experience working within a product security team
- C / C++ and Python
Assets
- Excellent communication skills
- Must be able to work without supervision
- Technical understanding of first.org principles and terms and how they work
LI-SK2
Scheduled Weekly Hours :