Full-Time

Sr. Product Cybersecurity Engineer

Confirmed live in the last 24 hours

Polaris

Polaris

5,001-10,000 employees

Designs and manufactures powersports vehicles

Automotive & Transportation
Consumer Goods

Senior

Novi, MI, USA + 1 more

More locations: Marine on St Croix, MN, USA

Category
Cybersecurity
IT & Security
Required Skills
Python
Java
C#
JIRA
C/C++
Linux/Unix
Requirements
  • Bachelor’s degree in computer science, computer engineering, software engineering, electrical engineering, IT security or other relevant domains
  • 5+ years of experience in automotive cybersecurity, embedded system security, IoT security, cyber-physical system security, or a combination of these areas
  • Experience with securing wireless communication protocols, e.g., cellular, Wi-Fi, Bluetooth, BLE, satellite communications, RF, etc.
  • Experience with setting up and managing KMS, PKI, CA, certificate/key generation, distribution, storage, renewal, revocation, etc.
  • Experience with conducting threat analysis and risk assessment
  • Experience with developing cybersecurity goals and requirement specifications
  • Experience with designing cybersecurity controls, such as secure boot, secure reprogramming, security access, security gateway, IDS, IPS, security hardening, etc.
  • Experience with SELinux, App Armor, Hypervisor, TEE, HSM, etc.
  • A self-starter with minimum supervision
  • Excellent written and verbal communication skills
  • Advanced degree in cybersecurity (preferred)
  • 10+ years of experience in automotive product cybersecurity (preferred)
  • Experience with symmetric and asymmetric cryptography, digital signature, hash, message authentication, encryption, key exchange (preferred)
  • Experience with developing telematics, infotainment, or other connected ECUs (preferred)
  • Experience with implementing and executing ISO/SAE 21434 processes (preferred)
  • Understanding of cybersecurity regulations, standards and best practices, e.g., UNR 155, CRA, Radio Equipment Directive, Machinery Regulation, ISO/SAE 21434, NIST/NHTSA/Auto-ISAC best practices, etc. (preferred)
  • Experience with CAN, CAN-FD, J1939, Ethernet, USB, SPI, UART, JTAG, etc. (preferred)
  • Understanding of embedded RTOS and Linux based operating systems (preferred)
  • Experience with reporting, managing, and closing security issues in tools such as Jira (preferred)
  • Experience with at least one modern software programming language (C, C++, C#, Python, Java, etc.) (preferred)
Responsibilities
  • Support the Chief Cybersecurity Engineer in developing, communicating, and implementing Polaris’ enterprise-wide product cybersecurity strategy & roadmap
  • Provide guidance to stakeholders (product owners, development teams, system engineers) on security concerns and recommended controls
  • Execute threat analysis and risk assessment (TARA) on vehicle, feature, system and component levels and mitigate identified risks by defining appropriate cybersecurity controls to the risks
  • Develop, refine, and review cybersecurity requirements and gain approval from Chief Cybersecurity Engineer
  • Perform design reviews over internal and external cybersecurity solutions and mitigate cybersecurity weaknesses or vulnerabilities throughout of product life cycle
  • Define in-vehicle cybersecurity architectures, develop cybersecurity controls, e.g., secure boot, secure reprogramming, security access, IDS/IPS, etc. and secure vehicle to back-office communication interfaces
  • Manage and provide guidance on key management system and internal use of PKI, support supplier usage of Polaris PKI system, collaborate with the KMS vendor to resolve issues quickly
  • Collaborate with Ride Commend team to ensure a robust overall connected ecosystem cybersecurity from a product, app, web, and cloud standpoint
  • Support triage and prioritization of vulnerabilities identified during verification and validation phases, e.g., static code analysis, OSS vulnerability scanning, fuzz testing, penetration testing
  • Support institutionalization of ISO/SAE 21434 processes across Polaris and produce ISO/SAE 21434 compliant work products
  • Support regulatory compliance such as UNR 155, CRA, Radio Equipment Directive
  • Support supply chain integrity and security initiatives to secure Polaris’ supply chain, e.g., HBOM, SBOM, etc.
  • Promote cybersecurity culture by providing cybersecurity training to team members on a regular basis
  • Support internal and external connected device penetration testing execution
  • Support cybersecurity validation engineer in root cause analysis
  • Participate in and support Auto-ISAC working group
  • Investigate new cybersecurity technologies and recommend appropriate technologies to adopt in vehicles
  • Analyze connected vehicles related cybersecurity intelligence and share with broader team
  • Adopt product cybersecurity industry best practices for continuous improvement

Polaris designs and manufactures a variety of outdoor recreational and work-related vehicles, including all-terrain vehicles (ATVs), side-by-sides, snowmobiles, motorcycles, and boats. Their products are built to enhance outdoor experiences for both leisure and utility, catering to outdoor enthusiasts and professionals alike. Polaris vehicles are known for their high performance, reliability, and customization options, setting them apart from competitors in the powersports market. The company operates a multifaceted business model that includes direct sales, a dealer network, and a subscription service called Polaris Adventures, which allows customers to rent vehicles on a monthly basis. Polaris aims to continuously innovate while ensuring that its growth benefits both the community and the environment.

Company Stage

IPO

Total Funding

$680.9K

Headquarters

Medina, Ohio

Founded

N/A

Simplify Jobs

Simplify's Take

What believers are saying

  • Polaris' continuous innovation and product upgrades, such as the 2025 RZR Pro lineup, ensure employees are part of a forward-thinking and dynamic company.
  • The company's robust dealer network and global reach provide ample opportunities for career growth and international experience.
  • Polaris' involvement in high-profile events like the Dakar Rally and Camp RZR offers employees unique and exciting professional experiences.

What critics are saying

  • The highly competitive powersports market requires Polaris to consistently innovate to maintain its market position.
  • Economic downturns could impact consumer spending on recreational vehicles, affecting Polaris' sales and profitability.

What makes Polaris unique

  • Polaris stands out by offering a unique subscription service, Polaris Adventures, which allows customers to rent various vehicles on a monthly basis, unlike traditional sales models.
  • The company’s focus on high-performance, customizable vehicles tailored for both leisure and utility purposes sets it apart from competitors who may specialize in only one area.
  • Polaris' strong emphasis on community involvement and sustainability initiatives further differentiates it from other powersports manufacturers.

Help us improve and share your feedback! Did you find this helpful?