Sr. Product Cybersecurity Engineer - Governance, Risk & Compliance
Company: Disability Solutions
Location: Novi
Posted on: January 26, 2025
Job Description:
At Polaris Inc., we have fun doing what we love by driving
change and innovation. We empower employees to take on challenging
assignments and roles with an elevated level of responsibility in
our agile working environment. Our people make us who we are, and
we create incredible products and experiences that empower us to
THINK OUTSIDE.
Job Summary: Polaris, a global powersports leader,
building world-class connected vehicle solutions for motorcycles
and off-road vehicles, is looking for a Sr. Product Cybersecurity
GRC (Governance, Risk, and Compliance) Engineer. This role is
responsible for assessing and ensuring Polaris's product
cybersecurity compliance with international regulations and
standards, understanding Polaris's product cybersecurity risk
posture, and ensuring that we follow industry best practices to
perform risk assessment. This role will stay abreast of
cybersecurity standards, policies, and regulatory developments;
perform independent cybersecurity assessments for internal projects
and programs; perform internal process audits; and support external
audits. This role will provide guidance and support to
cross-functional teams on cybersecurity governance, risk and
compliance.
Essential Duties & Responsibilities:
- Support the Chief Cybersecurity Engineer in developing,
implementing, and executing Polaris' enterprise-wide product
cybersecurity risk management framework to ensure that product
cybersecurity risks are identified, monitored, and remediated
- Lead the adoption, implementation, execution, and
institutionalization of ISO/SAE 21434 standards across business
units in Polaris
- Lead product cybersecurity compliance with cybersecurity
regulations such as United Nations Regulation 155 cybersecurity type
approval, Cybersecurity Resilience Act, Machinery Regulation, Radio
Equipment Directive, General Data Protection Regulation, etc.
- Review and approve Threat Analysis and Risk Assessment reports,
perform independent project cybersecurity assessments, and produce
cybersecurity assessment reports
- Guide and support product development teams in creating and
reviewing product compliance work product and evidence
- Evaluate risk and vulnerability management methodologies and
tools, review current strategies and identify gaps, propose
improvements to leadership
- Develop, implement, and update product cybersecurity policies,
processes, and procedures to protect sensitive information and
product cybersecurity
- Perform internal process and project audits, prepare for
external audits, and address non-conformities from audit results
- Manage supply chain cybersecurity risks, work with internal and
external suppliers to compile and collect Hardware/Software Bill of
Materials
- Establish a vulnerability management system to manage
vulnerabilities and Open Source Software compliance
- Work collaboratively with various organizations and business
units and their leadership to drive cybersecurity compliance
- Write, communicate and present reports detailing the
assessment work completed, evidence reviewed, identified risks and
remediation actions
Skills & Knowledge:
Minimum Qualifications:
- Bachelor's degree in Computer Science, Computer Engineering,
Electrical Engineering, Software Engineering, System Engineering,
or IT Security, focusing on automotive, product, or embedded
systems cybersecurity, or IT Security GRC is required
- 5+ years of cybersecurity engineering experience with at least
3 years of experience in cybersecurity with a focus on governance,
risk and compliance
- Strong experience with implementing ISO/SAE 21434, TISAX, ISO
27001, UNR 155/156, CRA, MR, RED, GDPR, CCPA regulations and
standards
- Strong knowledge of cybersecurity threat modeling, risk
assessment methodologies, risk management frameworks (e.g., NIST
cybersecurity framework), vulnerability management systems, supply
chain security, SBOM, HBOM
- Experience with conducting TARA
- Knowledge in automotive product cybersecurity best practices
from NIST, NHTSA, Auto-ISAC, ENISA
- Experience with internal audits, managing third party audits,
and gathering evidence for audit response
- Experience in developing standards, guidelines, and policies
and executing them in a corporate environment
Preferred Qualifications:
- Advanced degree in cybersecurity
- 7+ years of experience in automotive product cybersecurity
- Professional certifications such as CISSP, CRISC, CISM, or CISA
are strongly desired
- Effective project management skills
- Highly resourceful and efficient
- Able to effectively interface with other disciplines in the
organization to achieve results
- Strong communication skills, both oral and written, at all
levels
We are an ambitious, resourceful, and driven workforce, which
empowers us to THINK OUTSIDE. Apply today!
At Polaris we put our
employees first, by offering a holistic approach to their health
and financial wellbeing. Polaris is proud to offer competitive
compensation, including a market-leading profit-sharing plan that
is fundamental to our pay-for-performance culture. At Polaris,
employees are owners of the company through company contributions
to our Employee Stock Ownership Plan and discounted employee stock
purchase plan. Employees receive a generous matching contribution
to 401(k), financial wellness education and consultation to plan
for their financial future. In addition to competitive pay, Polaris
provides a comprehensive suite of benefits, including health,
dental, and vision insurance, wellness programs, paid time off, gym
& personal training reimbursement, life insurance and disability
offerings. Through the Polaris Foundation and our Polaris Gives
paid volunteer time off, we support employees who actively
volunteer their time, efforts, and passions to improve the health
and wellbeing of the communities in which they live, play and work.
Employees at Polaris drive our success and are rewarded for their
commitment.
About Polaris
As the global leader in powersports,
Polaris Inc. (NYSE: PII) pioneers product breakthroughs and
enriching experiences and services that have invited people to
discover the joy of being outdoors since our founding in 1954.
Polaris' high-quality product line-up includes the Polaris
RANGER, RZR and Polaris GENERAL side-by-side off-road
vehicles; Sportsman all-terrain off-road vehicles; military and
commercial off-road vehicles; snowmobiles; Indian Motorcycle
mid-size and heavyweight motorcycles; Slingshot moto-roadsters;
Aixam quadricycles; Goupil electric vehicles; and pontoon and deck
boats, including industry-leading Bennington pontoons. Polaris
enhances the riding experience with a robust portfolio of parts,
garments, and accessories. Proudly headquartered in Minnesota,
Polaris serves more than 100 countries across the globe.
www.polaris.com
EEO Statement
Polaris is an Equal Opportunity
Employer and will make all employment-related decisions without
regard to race, color, religion, creed, sex, sexual orientation,
gender identity, national origin, age, disability, marital status,
familial status, status with regard to public assistance,
membership or activity in a local commission, protected veteran
status, or any other status protected by applicable law.
Keywords: Disability Solutions, Detroit, Sr. Product Cybersecurity Engineer - Governance, Risk & Compliance, Engineering, Novi, Michigan