Security Validation Engineer (f/m/x)

At BMW Car IT, a wholly owned subsidiary of BMW AG, we live and breathe software. We design and implement embedded software for electronic control units of the BMW cars as well as related tools and frameworks. By delivering software all the way from the idea to the final product we lead BMW into the future of digitalization and mobility.

The infotainment system, with its many external interfaces (e.g., LTE, WiFi, Bluetooth, USB) and high software complexity, has a large attack surface. We, as automotive security engineers, work passionately to protect our cars from attackers.

We need your help to secure the infotainment system against attacks, no matter if they come over the air or from attackers with physical access to the vehicle.

What awaits you?

• As part of our engineering team, you solve challenging problems to shape the future of automotive security and make BMW products even more secure.
• In your daily work, you design and implement tools and test suites to ensure that the desired security measures are working as expected.
• Your structured approach derives test cases in areas that are not completely covered so far and makes sure that our security shield is a 100% operational for all software releases.
• You work together with our suppliers, support them in developing a structured approach to validating functionality and quality of their deliveries.
• You harden BMW’s common Linux platform for all Infotainment ECUs by developing a common validation strategy that enables BMW to deliver all software versions with a constantly high security level.
• Due to the high complexity of modern connected cars, you can apply your knowledge in hardware security, application security, cryptography, network security, and other security domains.
• You support other teams to analyze potential security issues in a structured way and suggest technological as well as organizational measures to improve the security of our customer features.
• You define and manage penetration tests (and code reviews) performed by the suppliers and external partners.

What you should bring along?

• University degree in Computer Science or a comparable field of study, ideally with a security focus.
• A good understanding of Linux/Android security mechanisms (for example Linux permissions, secure RPC, …).
• Overview of security principles, latest techniques, and operating system features (for example, secure boot, disk encryption, integrity protection, Linux kernel hardening).
• Experience in developing tests and utilities in Python.
• A background in penetration testing is beneficial but not required.
• You enjoy explaining technical ideas and are a strong communicator.
• Business-fluent English is required, German would be an advantage.

You have enthusiasm and passion for IT-Security and software quality? Apply now!

Note: Please apply exclusively online via our career portal. Applications via other channels (esp. e-mail) cannot be considered.

What we offer in Ulm?

• Company car option.
• English speaking teams in an intercultural setting.
• Flexible organization of working times & mobile work arrangements.
• High Work-Life Balance.
• Career development & continuous personal qualification.
• Relocation Services for our new employees.

At the BMW Group, we see diversity and inclusion in all its dimensions as a strength for our teams. Equal opportunities are a particular concern for us, and the equal treatment of applicants and employees is a fundamental principle of our corporate policy. That is why our recruiting decisions are also based on personality, experience and skills.

Find out more about diversity at the BMW Group at bmwgroup.jobs/diversity

Earliest starting date: from now on

Type of employment: unlimited
Working hours: full-time

Option for remote contract within Germany: Yes.

Contact:

Josefine Sattler
BMW Group Recruiting Team
+49 89 382-17001