Overview
We’re on the lookout for a
Sr. Cybersecurity Program Manager. We are looking for a self-motivated individual with a passion for cybersecurity. Somebody who will proactively advocate with stakeholders across engineering and manufacturing to ensure security throughout the system development lifecycle.
As a
Senior Cybersecurity Program Manager with a broad scope of work spanning embedded vehicle cybersecurity, supplier risk management, penetration testing, manufacturing, and cloud environments, your responsibilities would include:
Responsibilities
- Embedded Vehicle Cybersecurity:
- Develop and implement strategies to secure the embedded systems within vehicles, including ECUs (Electronic Control Units), infotainment systems, and communication networks
- Collaborate with engineering teams to ensure secure coding practices, threat modeling, and vulnerability assessments for automotive software
- Oversee secure boot processes, cryptographic key management, and secure communication protocols
- Supplier Risk Management:
- Evaluate and manage cybersecurity risks associated with third-party suppliers and partners
- Define security requirements for suppliers, conduct audits, and assess their security practices
- Establish processes for continuous monitoring of supplier security performance
- Penetration Testing:
- Coordinate and oversee penetration testing activities for automotive systems
- Engage with external security firms to conduct thorough assessments of vehicle components, identifying vulnerabilities and weaknesses
- Translate findings into actionable remediation plans
- Manufacturing Security:
- Implement security controls in manufacturing processes to prevent tampering, counterfeiting, or unauthorized modifications
- Ensure secure supply chain practices, including secure firmware updates during production
- Collaborate with manufacturing teams to maintain the integrity of hardware components
- Cloud Environments:
- Define and enforce security policies for cloud-based services used in automotive applications
- Address cloud-specific risks related to data storage, access controls, and authentication
- Monitor cloud infrastructure for anomalies and respond to incidents promptly
- Cross-Functional Collaboration:
- Work closely with product managers, engineers, legal teams, and executives to align cybersecurity goals with business objectives
- Communicate risks and security posture effectively to stakeholders
- Drive a culture of security awareness and compliance across the organization
This role requires a blend of technical expertise, strategic thinking, and effective communication to safeguard automotive systems in an ever-evolving threat landscape. This position works cross-functionally with engineering, IT, service and manufacturing to ensure lifecycle end-to-end cybersecurity. This position reports to the Director of Vehicle Cybersecurity.
Qualifications
- Bachelor’s degree in Computer Science, Information Security, or related field
- Minimum of 8 years of experience in cybersecurity, with a focus on automotive security
- Proven track record of managing complex cybersecurity programs
- Strong knowledge of ISO21434 Cybersecurity Management System
- Excellent communication and leadership skills
- The ability to work well in a team environment and collaborate effectively with other cross-functional professionals
- Certifications such as CISSP, CISM, or CEH
- Experience working with automotive OEMs or Tier 1 suppliers
Candidates must have current U.S. work authorization or be TN eligible from Mexico or Canada. This position is not eligible for CPT or OPT.
EEO Statement
Nikola Corporation™ is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, color, age, sex, ancestry, marital status, religion, national origin, physical or mental disability, sexual orientation, gender identity, medical condition, pregnancy, veteran status, genetic information or any other classification protected by state or federal law.