Dana Incorporated
Location
Novi, MI | United States
Job description
Dana is a global leader in the supply of highly engineered driveline, sealing, and thermal-management technologies that improve the efficiency and performance of vehicles with both conventional and alternative-energy powertrains. Serving three primary markets – passenger vehicle, commercial truck, and off-highway equipment – Dana provides the world's original-equipment manufacturers and the aftermarket with local product and service support through a network of nearly 100 engineering, manufacturing, and distribution facilities.
We are seeking a dedicated and proactive Product Cybersecurity Incident Response Leader to join our team. This role is crucial in leading the investigation of Product Cybersecurity Incidents and responding to cybersecurity vulnerabilities and incidents. This role interacts closely with the product cybersecurity intelligence leader, the cybersecurity teams across Dana, and other relevant organizations in Dana, such as Legal, Communications, IT, Manufacturing, Sales, leadership team, etc. This role will serve as a trusted advisor to the Global Head of Product Cybersecurity and contribute to future strategy development.
• Develop and maturate incident response plan for product cybersecurity
• Develop and continuously improve incident response processes
• Institutionalize product cybersecurity incident response framework in Dana
• Lead the execution of product cybersecurity incident response plan
• Ensure swift and effective action in the event of a cybersecurity incident
• Perform tabletop exercise within Dana on a regular basis
• Support product cybersecurity intelligence lead on analyzing vulnerabilities
• Work with IT Security team to coordinate and collaborate on IT/OT/Product security incident response
• Work with cross-functional teams (such as IT, engineering, legal, communications, manufacturing, functional safety, sales, etc.) within data to respond to the incident
• Provide timely update and report to senior leadership during throughout an incident and make recommendation on incident treatment decisions
• Work with Corp Communications team on how to address public and customer
• Patriciate in Auto-ISAC and adopt industry incident response best practices
• Conduct post-incident analysis to identify areas for improvement and prevent future incidents
EDUCATION AND QUALIFICATIONS
• Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, Information Technology, or a related field.
• Industry certifications such as ISO/SAE 21434, CISSP preferred
• 7+ years of combined experience in cybersecurity incident response, intelligence analysis, vulnerability analysis, threat analysis and risk assessment (TARA), automotive systems and components
• Work experience in automotive cybersecurity highly desired
• Experience in working with cross-functional team, influencing, negotiating with, and gaining buy-in from others, including senior leadership
• Knowledge of cybersecurity standards and regulations such as ISO/SAE 21434, TISAX, ISO 27001, UNR 155/156, NIST Cybersecurity Framework preferred
• Strong analytical skills and attention to detail
• Strong communication skills, both oral and written, at all levels
• Able to effectively interface with other disciplines in the organization to achieve results
• Strong interpersonal skills
SKILLS AND COMPETENCIES
• Willingness to create order from ambiguity
• Creative problem solver
• Highly resourceful and efficient
• Ability to work within tight design constraints
• Flexibility in assisting where needed, when needed technically
• Able to make decisions independently with appropriate level of consultation/communication.
• Commitment to the highest standards of ethical behavior in self and others
• Commitment to inclusion and diversity
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.
Unsolicited Resumes from Third-Party Recruiters
Please note that as per Dana policy, we do not accept unsolicited resumes from third-party recruiters unless such recruiters were engaged to provide candidates for a specified opening. Any employment agency, person or entity that submits an unsolicited resume does so with the understanding that Dana will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.
Job tags
Salary
