Cybersecurity Product Expert / ISO 21434

CS Group Canada, a subsidiary of CS Group (part of the Sopra Steria Group), is a leader in the development and certification of safety-critical systems in the aerospace, electric, and autonomous driving industries.

Joining CS Group Canada means taking part in complex, high-tech projects for some of the most prestigious system manufacturers in North America, while benefiting from competitive salaries, comprehensive benefits, and flexible work arrangements.

As a Cybersecurity Engineer – Automotive Product, you will play a central role in ensuring the security and compliance of our vehicle systems and ECU architectures. Your responsibilities include:

• Perform a comprehensive risk assessment of the current system architecture and vehicle-level functions by applying the TARA methodology using Medini Analyze (ANSYS).
• Identify critical assets, potential attack vectors, threat scenarios, and evaluate associated risks at both ECU and vehicle levels.
• Derive Cybersecurity Goals and Cybersecurity Requirements from the TARA results and ensure traceability throughout the product development lifecycle.
• Contribute to the Cybersecurity Concept (CSC) and ensure alignment with ISO/SAE 21434 and regulatory requirements (e.g., UNECE R155/R156).
• Collaborate with system, software, and hardware engineering teams to integrate recommended security measures (cryptography, secure boot, secure communication, key management).
• Support validation activities for cybersecurity controls and participate in audits, reviews, and documentation of findings.

• Bachelor’s or Master’s degree in Software, Electrical, Computer, or Automotive Engineering or a related field.
• 3–10 years of experience in automotive cybersecurity or embedded systems cybersecurity, with hands-on experience in TARA and ISO/SAE 21434 processes.
• Strong knowledge of Medini Analyze (ANSYS) for threat and risk assessments.
• Solid understanding of vehicle and ECU architectures, communication protocols (CAN, CAN-FD, Automotive Ethernet, SOME/IP, UDS), and embedded security mechanisms (secure boot, cryptography, key management, secure communication).
• Proven ability to define Cybersecurity Goals and Requirements and ensure traceability through the development lifecycle.
• Excellent analytical, problem-solving, and documentation skills.
• Ability to work collaboratively with multi-disciplinary, multi-site engineering teams.

Preferred / Asset Qualifications:

• Experience with ADAS, autonomous vehicle systems, or safety-critical ECUs.
• Hands-on experience in cybersecurity validation and testing (fuzzing, robustness testing, penetration testing).
• Knowledge of Cybersecurity Case preparation and internal/external audit processes.
• Familiarity with regulatory requirements such as UNECE R155/R156.

Please note that only selected candidates and Permanent Residents/Canadian Citizens will be contacted.

Job Types: Full-time, Permanent

CS Group Canada values ​​diversity in the workplace and encourages women, visible minorities, ethnic minorities, aboriginal people, and people with disabilities to apply.

Benefits:

• Hybrid Work 
• Industry leading medical, dental, and vision Insurance
• Access to a telemedicine service
• RRSP program
• Personal and sick days
• Recreation room with pool table and foosball table

All your information will be kept confidential according to EEO guidelines.