Senior Security Engineer, DevSecOps

Who We Are Sibros unites data, software management, and remote commands to power future mobility. Established in 2018 by automotive industry veterans, Sibros enables mobility companies to get more data out of embedded connectivity. Our Deep Connected Platform is a vehicle-to-cloud system combining smart OTA updates, flexible data logging, and remote commands allowing automakers to have unparalleled control, visibility, and governance over software and data across global fleets throughout the product life cycle, from day zero to product decommissioning. Sibros is proud to work with the mobility industry’s most trusted and innovative brands including Bajaj Automotive, e.GO and Volta Trucks. We’re a global organization with our headquarters in the Silicon Valley and offices in Folsom, California; Pune, India; Munich, Germany; and Paris, France. The shift in mobility from hardware-centric design to software-defined vehicles is the next revolution for passengers, pedestrians, and automakers to create a safe, secure, and reliable experience. Sibros’ vision for powering the connected vehicle ecosystem helps mobility companies move better. Our Mission To innovate remarkable connected mobility technologies that give our customers unmatched value and are essential to how people and goods move from point A to point B. Our goal is to make it simple for the world’s trailblazing OEMs to develop at speed and at scale securely keeping the roads and drivers safe. The technology we are building ushers a transformation for our customers by offering them a solution for connected systems so that they can focus on their forté: creating beautiful, safe, and useful vehicles for all. About the Role Assist in defining security roadmap for all our products Deep Updater, Deep Logger, and Command manager, and deliver security product spec that includes requirements, design specifications and test plans for the software, and build integration teams. Support the Threat Analysis and Risk Assessment (TARA) for the Software / Cloud team Deploy controls within CI/CD pipelines for SAST, DAST and Third Party library analysis for Secrets scanning, Perform, review and prioritize remediation of vulnerabilities in the Cloud environment including Infrastructure, third party libraries Analyze cybersecurity attack entry points and evaluate risk versus impact, and then work with the software team to implement cybersecurity requirements as well as evaluate test and software analysis reports. Perform competitive analysis and maintain knowledge of emerging security technologies in both the automotive and consumer electronics field. Minimum Qualifications 5+ years of relevant experience, technical cybersecurity expertise, and knowledge. Experience designing secure networks, systems, and application architectures. Experience planning and developing security procedures, and standards aligned with Agile frameworks and CI/CD pipelines including Gitlab, ArgoCD and Cloud computing environments such as GCP and AWS Broad comparative understanding of operating systems, networking technologies, and specific implementations - especially from a computer security perspective. Knowledge of public key infrastructure (PKI) in medium to large environments to include key management, digital certificates, and digital signatures, across server and device certificates Knowledge of managing and maintaining encryption cipher suites and impacts of different certificate standards Understanding of knowledge of CIS Benchmarks for Cloud providers, container technologies and key services. Familiarity with standards like ISO 27001, SSAE 16 / 18 SOC 2, ISO 21434 and Uptane framework Experience working with Cloud Posture Assessments, Container Security Experience with penetration testing and penetration tools. Equal Employment Opportunity Sibros is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, color, age, sex, ancestry, marital status, religion, national origin, disability, sexual orientation, veteran status, present or past history of mental disability, genetic information or any other classification protected by state or federal law. Privacy  At Sibros, we value your privacy and understand the importance of safeguarding your personal information. In order to effectively track candidates for current and future opportunities, we collect and securely store your personal data. The information you provide during the application process will be kept confidential and used solely for recruitment purposes. To ensure the highest level of privacy protection, we utilize third-party service providers for data management but never share your information for any other purpose outside of recruitment. Should you need to access, update, or delete your candidate profile information, our dedicated team is available to assist you. Please contact us at  privacy@sibros.tech  for any questions or requests. To learn more about our commitment to data privacy, including compliance with GDPR and CCPA regulations, please visit our website at sibros.tech/privacy-policy