QNX - Cybersecurity Specialist

QNX is seeking a Cybersecurity Specialist to join its growing Product Security Operations team. The role involves providing cybersecurity guidance to development teams, maintaining the QNX Cybersecurity Management System, and conducting vulnerability analysis. Key responsibilities include driving Threat Analysis and Risk Assessment (TARA) activities, reviewing project documentation, and assisting with security testing. The specialist will also work on identifying compliance gaps and automating security processes, contributing to the safety and security of critical embedded systems.

Must Have

• Provide Cybersecurity guidance and support to development teams
• Comply with ISO/SAE 21434
• Carry-out, uphold and improve the QNX Cybersecurity Management System
• Undertake research projects or in-depth vulnerability analysis
• Review project documentation for cybersecurity requirements
• Provide product security support to internal and external stakeholders
• Drive, contribute and coordinate Threat Analysis and Risk Assessment (TARA) activities
• Assess software defects for impacts to security
• Perform reviews and verification of ISO 21434 work products
• Assist and advise development teams on security testing activities
• Identify standards compliance gaps and implement process improvements
• Automate process activities, fuzz testing, scanning and reporting
• Knowledge of ISO/SAE 21434
• C/C++ and Python programming skills
• Knowledge of embedded systems

Good to Have

• Exposure to ASPICE and ISO26262
• Exposure to EU CRA, IEC 62443, ETSI 303 and other cybersecurity regulations or standards
• Experience working within product security and custom engineering teams
• Experience with product certifications and audits
• Experience working directly with customers
• Excellent communication skills
• Ability to work with a high level of autonomy

QNX® is a trusted supplier of safe and secure operating systems, hypervisors, frameworks and development tools, and provides expert support and services for building the world’s most critical embedded systems. We are the embedded experts. QNX was born in embedded, and provides time-tested and trusted foundation software, including our deterministic microkernel real-time operating system (RTOS), safety-certified products, middleware and security solutions, all purpose-built for embedded systems.

BlackBerry QNX software is trusted by more than 68% of the Electric Vehicle market by volume, 24 of the top 25 EV manufacturers and is running in 255 million vehicles globally. Our foundation products have been pre-certified to ISO 26262 ASIL D and we offer a broad range of board support packages, professional services, AUTOSAR adaptive support and middleware solutions – from acoustic management, to digital cockpits to advanced driving assistance (ADAS) - to accelerate development and help OEMs meet Start of Production (SOP) dates.

Are you the person we are looking for?

The BlackBerry QNX product Security Operations team is growing. We’re looking for talented individuals with an interest in cybersecurity and advanced embedded technology.

You will have:

• Provide Cybersecurity guidance and support to development teams in the generation of work products to comply with ISO/SAE 21434
• Carry-out, uphold and improve the QNX Cybersecurity Management System
• Undertake research projects or in-depth vulnerability analysis
• Review project documentation, suggest changes based on cybersecurity requirements and best practices
• Provide product security support to internal and external stakeholders
• Drive, contribute and coordinate Threat Analysis and Risk Assessment (TARA) activities in accordance with ISO 21434
• Work with development teams to assess software defects for impacts to security
• Perform reviews and verification of ISO 21434 work products
• Assist and advise development teams on security testing activities
• Continually identify standards compliance gaps and implement process improvements
• Automating things - process activities, fuzz testing, scanning and reporting, etc

You will have the following technical skills:

• knowledge of ISO/SAE 21434
• Exposure to ASPICE and ISO26262
• Exposure to EU CRA, IEC 62443, ETSI 303 and other cybersecurity regulations or standards
• Experience working within a product security and custom engineering teams
• Experience with product certifications and audits
• Experience working directly with customers
• Excellent communication skills
• Must be able to work with a high level of autonomy
• C/C++ and Python and knowledge of embedded systems

Your work will affect millions of users and be essential to the success of QNX. Imagine what you could do at QNX!

#LI-KH1

Scheduled Weekly Hours:

40