Security Test Architect

About the role

We are looking for a Security Test Architect to lead the design and execution of cybersecurity validation for automotive ECUs and vehicle systems. You will work within Bosch's global software development centre, shaping test strategies that meet UN R155/156 standards and ensure secure integration of AUTOSAR components.

Key responsibilities

• Design and implement test architectures for system‑level validation (SIL, HIL, vehicle) covering AUTOSAR BSW, MCAL, ECU abstraction, OS and services layers.
• Develop and automate test frameworks using Python, CAPL and tools such as CANoe/CANalyzer, Wireshark and fuzzing suites.
• Perform threat analysis, risk assessment (TARA) and create security test scenarios for identified attack vectors.
• Conduct penetration testing on CAN, LIN, Ethernet, FlexRay, OTA and diagnostic interfaces (UDS, DoIP) and validate secure boot, secure flashing and OTA update mechanisms.
• Collaborate with BSW, ASW and system teams to trace cybersecurity requirements from concept through execution and support root‑cause analysis and mitigation.
• Prepare compliance documentation, test reports and audit evidence for OEM certification and regulatory approvals.

Required profile

• Strong experience with AUTOSAR BSW testing, including MCAL, ECU abstraction, OS and services layers.
• Hands‑on expertise in automotive communication protocols (CAN, LIN, Ethernet, FlexRay, diagnostics).
• Proven background in ADAS sensor integration and HIL testing using dSPACE, Vector or ETAS platforms.
• Solid understanding of UN R155/156 cybersecurity standards and ISO 26262/ASPICE processes.

Required skills

• Python (mandatory), C/C++ (preferred)
• CAPL, CANoe, CANalyzer
• Wireshark, fuzzing and penetration testing tools
• Secure communication protocols (TLS, SOME/IP, DoIP)
• HIL systems (dSPACE, Vector, ETAS)
• Threat Analysis & Risk Assessment (TARA)
• Secure boot, OTA update validation
• CI/CD pipelines (e.g., Jenkins)