Application Security Engineer

Mountain View, CA, United States

Mountain View, California, United States Applied Intuition Applied Intuition provides an ADAS and autonomous vehicle (AV) simulation and validation platform for automotive, trucking, construction, and more. View company page

Applied Intuition is a Tier 1 vehicle software supplier that accelerates the adoption of safe and intelligent machines worldwide. Founded in 2017, Applied Intuition delivers the definitive ADAS/AD toolchain and a world-class vehicle platform to help customers shorten time to market, build industry-leading products, and create next-generation consumer experiences. 18 of the top 20 global automakers trust Applied Intuition’s solutions to drive the production of modern vehicles. Applied Intuition serves the automotive, trucking, construction, mining, agriculture, and defense industries and is headquartered in Mountain View, CA, with offices in Ann Arbor and Detroit, MI, Washington, D.C., Munich, Stockholm, Seoul, and Tokyo. Learn more at https://appliedintuition.com .

Please note that we are an in-office company, which means the expectation is that you would come in to your Applied Intuition office 5 days a week.

About the role Applied is looking for a multifaceted Product Security Engineer who can play a crucial role in ensuring the security and integrity of our products, particularly focusing on Over-The-Air (OTA) updates, remote command execution, key provisioning, and certificate management. You will collaborate closely with cross-functional teams to design, implement, and maintain security measures that protect our applications and devices from vulnerabilities and unauthorized access.

At Applied Intuition, you will: Drive the implementation of new security features such as remote command signing, secured Over-The-Air (OTA) updates, key provisioning, and certificate provisioning to bolster the security of our automotive systems

Collaborate with development teams to architect and review the implementation of security features in automotive applications and backend systems, ensuring adherence to best practices

Assist in triaging vulnerabilities reported by various sources, including internal security assessments, external researchers, and bug bounty programs, to prioritize remediation efforts effectively

Conduct thorough assessments of third-party vendors and suppliers to evaluate their security posture and ensure the integrity of software components integrated into our automotive systems

Provide guidance and support to cross-functional teams during the development lifecycle, offering expertise in security considerations and best practices

We're looking for someone who has: 5+ years of experience in product or cybersecurity security engineering role

Demonstrated experience in product security engineering with a focus on application and backend security, preferably in the automotive industry

Strong architectural review skills with the ability to provide guidance and review development efforts across different teams

Ability to conduct thorough vendor security assessments to ensure the integrity of third-party software components

Excellent communication and collaboration skills to effectively engage with internal teams and external stakeholders

MS/BS degree in Computer Science, Engineering or equivalent

Nice to have: Strong understanding of cryptographic principles, protocols, and algorithms

Passion for automotive technology and a commitment to advancing automotive cybersecurity

Knowledge of vehicle diagnostics protocols (e.g., OBD-II, UDS) and Over-The-Air (OTA) update mechanisms used in automotive embedded systems, including security considerations for remote software updates and maintenance

The salary range for this position is $150,000 - $220,000 USD annually. This salary range is an estimate, and the actual salary may vary based on the Company's compensation practices.

Don’t meet every single requirement? If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.

Applicants will be required to be fully vaccinated against COVID-19 upon commencing employment. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable federal and state law. Applicants should be aware that for external-facing roles that involve close contact with Company employees or other third parties on the Company's premises, accommodations that involve remaining unvaccinated against COVID-19 may not be deemed reasonable. The Company will engage in the interactive process on an individualized basis taking into account the particular position.

Applied Intuition is an equal opportunity employer and federal contractor or subcontractor. Consequently, the parties agree that, as applicable, they will abide by the requirements of 41 CFR 60-1.4(a), 41 CFR 60-300.5(a) and 41 CFR 60-741.5(a) and that these laws are incorporated herein by reference. These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity or national origin. These regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability. The parties also agree that, as applicable, they will abide by the requirements of Executive Order 13496 (29 CFR Part 471, Appendix A to Subpart A), relating to the notice of employee rights under federal labor laws.

Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr