Product Security Lead
Luminar
Product Security Lead (LiDAR)
About us
Luminar Technologies, Inc. (Nasdaq: LAZR) is transforming automotive safety and autonomy by delivering the only lidar and associated software that meets the industry’s stringent performance, safety, and economic requirements. Luminar has rapidly gained over 50 industry partners, including a majority of the top global automotive OEMs. In 2020, Luminar signed the industry’s first production deal for autonomous consumer vehicles with Volvo Cars, which now expects to make Luminar’s technology part of the standard safety package on their next generation electric SUV. Additional customer wins include Mercedes, SAIC, Daimler Truck AG, Intel’s Mobileye, Pony.ai and Airbus UpNext. Founded in 2012, Luminar employs approximately 400 with offices in Palo Alto, Orlando, Colorado Springs, Detroit, Bangalore and Munich.
For more information, please visit www.luminartech.com
About the role
Luminar Technologies is seeking an experienced technically hands-on senior manager, to be a Product Security Engineer (LiDAR) Lead reporting to the Head of Security Engineering, who can design, build, monitor and enforce the security processes and infrastructure for advanced LiDAR products within a growing US public company. The ideal candidate should have extensive experience in designing security solutions which protect information from threats, ensuring business continuity and regulatory compliance by collaboratively working across the different functions in the organization.
This is a first set of lead hires for this function, as we look to augment this function at Luminar, Bangalore. You will be part of a high cross-functional team and responsible for rapid prototyping and product development at Luminar.
Responsibilities
- Build and lead a best-in-class product security program for both Lidar and Perception development initiatives
- Lead and manage all activities of product security engineers and analysts
- Partner with key stakeholders including: IT, Advanced manufacturing, LiDAR Product, Software, and Customer teams to ensure business outcomes are met on-time, on budget, in a safe secure manner
- Work closely with Product & Software Perception teams as the primary security advisor and embedded security subject matter expert on all product and project teams
- Support internal & external audits as a subject matter expert
- Manage cybersecurity tasks and timing in overall project management plan
- Manage the development of processes and work product content according to ISO/SAE 21434, including Item Definition, Cybersecurity Plan, TARA, Cybersecurity Concept, System, HW and SW Vulnerability Analyses,…
- Manage third-party contractors developing and converting existing work products
- Support development of cybersecurity concept specifications and the implementation of embedded system risk treatments, including secure boot, secure flash and secure communications (using message authentication codes)
- Partner with Legal and Supply Chain teams to develop, implement, and maintain a world-class supply chain security & resilience program for our core LiDAR & Perception product lines
- Ensure compliance to secure coding standards
- Support the planning and implementation of cybersecurity risk treatments in manufacturing and production, including strategy for key management as well as analyzing network security and other IT risk treatments via a manufacturing TARA
- Support meetings and communication on cybersecurity content with customers
- Work as part of a cross-functional team with other customer program members and roles to complete work products and implement cybersecurity risk treatments
Required Skills and Qualifications
- Bachelor’s of Science degree in Computer Science, Electrical Engineering, Cybersecurity, Systems Engineering, or a related field (or documented relevant work experience)
- 10+ years of managerial experience and documented technical proficiency in product security or a combination of general cybersecurity experience and hands-on technical experience with products in technology, automotive, or manufacturing sectors
- Deep knowledge and proven technical proficiency in international standards and critical security technologies, to include: ISO/SAE 21434 & 2700X, NIST, cryptography, hardware- software interface security, ZeroTrust design & frameworks, product security risks and risk treatments
- Deep domain expertise in implementation of basic product security risk treatments, including secure boot, secure flash, secure communications, including SecOC or MACSec
- Experience with agile engineering processes
- Deep system and software expertise and documented technical proficiency with product security & cybersecurity at a management and engineering level
- Experience with other quality processes (ASPICE, ISO 26262, AUTOSAR)
- Experience with agile engineering processes
- Excellent interpersonal, verbal and written communication skills and ability to motivate others, drive collaboration, and quickly resolve conflicts
- Enjoy working within a dynamic and continuously evolving environment
- Strong problem-solving and troubleshooting skills, with the ability to diagnose and resolve complex technical issues
- Ability & willingness to work in a 24/7 on-call capacity in emergencies across global time zones
- Highly self-motivated and directed with attention to detail
- Native-level professional English fluency required, additional language ability a plus
- Valid passport with no restrictions on business travel to Luminar’s areas of operation
- Travel up to 10% (according to relevant national and international COVID-19 safety guidelines)
Preferred Qualifications
- 7+ years of general automotive engineering experience
- Experience with cryptographic key management in a production environment
- Experience with sensors and perception
- Experience with trust anchors, e.g., Hardware Security Modules from multiple semiconductor vendors
- Experience working with semiconductor and software suppliers on cybersecurity requirements
- Experience working with cybersecurity service providers and contractors
- Extensive experience in C++ for safety-critical applications; prefer ADAS or highly autonomous vehicle software experience.
- Strong software engineering experience in vehicle safety critical embedded systems,
- Demonstrated experience in embedded software testing as it pertains to automotive safety-critical software.
- Experience in structural coverage of code - static and dynamic analysis .
- Show out-of-box thinking and invent creative solutions for challenging problems.