Certified Information Systems Security Manager (CISSP) na HELLA GmbH & Co. KGaA

Certified Information Systems Security Manager (CISSP)

FORVIA HELLA is a listed, international automotive supplier. Coming together with Faurecia in the FORVIA Group, we build the world's seventh largest supplier of automotive technologies. As a global market leader in high-growth areas, FORVIA employs 157,000 people worldwide. FORVIA HELLA therein stands for high-performance lighting technology and automotive electronics. At the same time, we cover a broad service and product portfolio for the spare parts and workshop business as well as for manufacturers of special vehicles with our Business Group Lifecycle Solutions. With around 37,500 employees at over 125 locations, the Company is active worldwide and generated adjusted sales of € 8.1 billion on a preliminary basis in the fiscal year 2023.

YOUR TASKS

We are seeking Certified Information Systems Security Professional (CISSP) candidates to join our team at Pune.

Major Tasks
Lead and manage product cyber security in high-complexity development projects from acquisition to start of production (SOP) in compliance with ISO/SAE 21434 or UNECE R-155 standards.
Ensure the integration of security requirements into the product lifecycle.

Planning & Development:
Develop and implement comprehensive security activities, including threat modeling, security requirements definition, and secure design practices.
Evaluate development efforts to ensure adherence to security standards and best practices.

Evaluation & Approval:
Review and approve security concepts, architectures, and strategies throughout the development phases.
Conduct security reviews and audits to ensure compliance with security policies and standards.

QCT Targets:
Achieve Quality, Cost, and Time (QCT) targets related to cyber security work products, ensuring efficient and effective security implementations.
Tasks / Areas of Responsibility:

Planning & Guidance:
Independently plan and execute necessary cyber security activities, providing technical guidance and mentorship to colleagues.
Develop and maintain security documentation, including security plans, risk assessments, and test reports.

Risk Analysis:
Perform detailed risk analysis of product scope, identifying and mitigating cyber security risks based on known vulnerabilities and threat intelligence.
Utilize tools and methodologies such as STRIDE, DREAD, and CVSS for risk assessment.

Coordination:
Define and implement a holistic product cyber security concept, ensuring alignment with overall product strategy.
Coordinate with customers, suppliers, and subcontractors to ensure security requirements are met.
Report security status to customers and gather necessary information from subcontractors.

Support:
Assist the development team in selecting and integrating security-compliant technologies and cryptographic procedures.
Provide technical support for security-related issues and incidents.

Verification Methods:
Define and implement verification methods such as fuzzing, vulnerability scanning, penetration testing, and static/dynamic code analysis.
Develop and execute security test plans to validate the effectiveness of security controls.

Assessments & Training:
Prepare and conduct cyber security assessments, including security audits, penetration tests, and compliance checks.
Implement training measures to enhance the security awareness and skills of the development team.

Communication:
Facilitate communication within the global HELLA cyber security network to share knowledge, improve processes, and promote best practices.
Represent the organization in external security forums and working groups.

CISSP certificate is Mandatory 

Bachelor's degree BE /B. Tech/ M.E/ M. Tech in Electronics/Electronics & Communication/Industrial Electronics

ISO-21434 certification OR working experience

Location - Hinjewadi Phase - 1. // Hybrid Working.

HELLA India Automotive Pvt Ltd.
Rimsha Shaikh