Head of Automotive Cyber Security
Bose - bloomfield hills, MI
Apply NowJob Description
Job Description About Bose You know the moment. It's the first notes of that song you love, the intro to your favorite movie, or simply the sound of someone you love saying "hello". It's in these moments that sound matters most. At Bose, we believe sound is the most powerful force on earth. We've dedicated ourselves to improving it for nearly 60 years. And we're passionate down to our bones about making whatever you're listening to a little more magical. About the Job Product, data, and intellectual property security are a fundamental need within the automotive industry. It's a broad topic that reaches into every part of the organization. Within the Bose Automotive Systems Division, we are searching for a Head of Automotive Cyber Security that will lead our ongoing adoption and implementation of cybersecurity measures and will coordinate this effort across the global enterprise. This role serves as the primary point of contact between our management and customer teams, Bose's Information Security and Technology Services teams, and our customers to drive and be the communication link on all cyber security activities. Responsibilities include: Overall ownership of ASD security maturity roadmap. Lead ASD Cyber Security change management as the Automotive industry evolves and as ASD adopts new industry certifications and vehicle methods (autonomy, electrification, up integrated, connected, shared). ASD subject matter expert in understanding OEM RFQ Cyber Security requirements and considerations - including security policies, standards, product security work products, and guidance provided by GIS to product engineering organizations for adoption. Assess new requirements against our industry standards to determine if requirements are covered by our adopted industry standards or need either remediation or negotiating requirements exceptions. Communicate with Customer Teams and, upon request, Customers on ASD's response to Customer requests and requirements. Act as primary point of contact between Global Information Security (GIS) / Product Security Engineering, for the purposes of communication of security policies, standards, processes and guidance from GIS on newly identified security threats and vulnerabilities, and security industry news that may impact the development community, and the product engineering organization(s) they represent. Notify GIS through the appropriate process(es) of any event or situation which impacts the security of a Bose product, service offering, or engineering organization. Notify GIS through the appropriate process(es) of new programs or significant changes in existing programs (so GIS may take appropriate action such as re-assignment of resources). Provide security expertise and guidance to product engineering teams during investigation of a vulnerability or incident. Act as the primary input liaison for new Cyber Security and Data Protection Customer requirements. Attend security-specific conferences and training seminars as necessary and complete any required security training to meet programs goals and objectives; a Champion is encouraged to complete any recommended training offerings. Respond within defined Service Level Objectives (SLOs) to requests for information to vulnerability reports or security incident reports from GIS under the Product Security Vulnerability Response / Corporate Incident Response processes. Ensure that the regular cadence of Cyber Security deliverables (policy reviews, audits, assessments, other regularly occurring deliverables) are adhered to across the ASD enterprise. Facilitate all ASD Cyber training across all ASD employees and geographies. Ensure that required compliance is achieved by all employees, through tracking and reporting through GBS/Global Campus/Windchill and other tools or methodologies. About You Bachelor
Created: 2024-11-05