CE
Cybersecurity Validation
Accepting applicationsCapgemini Engineering · Bengaluru, Karnataka, India
Full-Time Mid_senior CybersecurityECUAutomotiveCryptographySecure Boot
Posted
1d ago
Category
Verification
Experience
Mid_senior
Country
India
JOB Description: Cybersecurity Validation
Responsibilities
The engineer defines the cybersecurity verification and validation strategy for ECUs covering all integrated cybersecurity functions, in collaboration with stakeholders and considering the required external environment:
Reviews requirements with cybersecurity architects to assess their testability
Adapts the generic validation plan to the specific context of each project, including the allocation of verification/validation activities between internal teams
Specifies the tests to be performed
Defines the required tools and environments (HIL – Hardware-In-the-Loop, Electronic Integration Platform (EIP/PIE), test software to be developed, etc.) and ensures their representativeness (while prioritizing reuse of existing test resources from teams responsible for other ECU functionalities)
Defines verification/validation campaigns per test environment
Leads the resolution of anomalies detected during verification/validation across multiple Programs
Skills expected:
To analyze PVAL & nomination compliance matrices and verify requirement-test applicability.
ECU diagnostics (UDS), session control, and NRC codes for test validation.
Log review and result validation to ensure correct test execution.
Traceability between requirements, tests, and results
ECU cybersecurity validation, especially diagnostic security (UDS), secure sessions, and access control.
SoC/MAC security concepts (communication security, authentication, message integrity).
Cybersecurity testing methods, including penetration testing, vulnerability analysis, and log validation.
Strong knowledge of ethical hacking, penetration testing methodologies, and tools (Kali Linux, Metasploit, Wireshark, Burp Suite).
Deep understanding of automotive protocols (CAN, UDS, SOME/IP, DoIP,Ethernet) and ECU behavior.
Expertise in vulnerability analysis, exploit techniques, and threat modeling (TARA context).
Good understanding of security mechanisms (encryption, authentication, secure boot, key management).
Ability to analyze logs, traffic, and system responses and clearly report findings with remediation guidance.
Show more Show less
Responsibilities
The engineer defines the cybersecurity verification and validation strategy for ECUs covering all integrated cybersecurity functions, in collaboration with stakeholders and considering the required external environment:
Reviews requirements with cybersecurity architects to assess their testability
Adapts the generic validation plan to the specific context of each project, including the allocation of verification/validation activities between internal teams
Specifies the tests to be performed
Defines the required tools and environments (HIL – Hardware-In-the-Loop, Electronic Integration Platform (EIP/PIE), test software to be developed, etc.) and ensures their representativeness (while prioritizing reuse of existing test resources from teams responsible for other ECU functionalities)
Defines verification/validation campaigns per test environment
Leads the resolution of anomalies detected during verification/validation across multiple Programs
Skills expected:
To analyze PVAL & nomination compliance matrices and verify requirement-test applicability.
ECU diagnostics (UDS), session control, and NRC codes for test validation.
Log review and result validation to ensure correct test execution.
Traceability between requirements, tests, and results
ECU cybersecurity validation, especially diagnostic security (UDS), secure sessions, and access control.
SoC/MAC security concepts (communication security, authentication, message integrity).
Cybersecurity testing methods, including penetration testing, vulnerability analysis, and log validation.
Strong knowledge of ethical hacking, penetration testing methodologies, and tools (Kali Linux, Metasploit, Wireshark, Burp Suite).
Deep understanding of automotive protocols (CAN, UDS, SOME/IP, DoIP,Ethernet) and ECU behavior.
Expertise in vulnerability analysis, exploit techniques, and threat modeling (TARA context).
Good understanding of security mechanisms (encryption, authentication, secure boot, key management).
Ability to analyze logs, traffic, and system responses and clearly report findings with remediation guidance.
Show more Show less