(Senior) Product Owner of Product Security (all genders) – in Berlin

At MBition, we are bringing digital luxury to mobility users around the world. To accomplish this, we are redefining how software is developed within the automotive field as part of an international Mercedes-Benz software development network. As a 100% subsidiary of Mercedes-Benz AG, we develop and integrate the next generation of Mercedes-Benz in-car infotainment systems that are based on the Mercedes-Benz Operating System (MBOS). In addition, we are responsible for the Mercedes me companion app, we provide seamless & connected mobility experiences and we contribute to Advanced Driver Assistance Systems (ADAS) platform development.



About the role


In our team, we are developing features and tools to secure the future infotainment system and its platform for Mercedes-Benz cars.


As a Product Owner of our Product Security team, you will:



  • Research on different security aspects of our platform

    • You will also judge what drives value to end-user/stakeholders when it comes to details in feature scope and contribute to the planning of user story and feature implementation.





  • You will be working with very talented group of builders (Software Engineers) & breakers (Security Engineers) and utilize their diverse skills in the best possible way to make our product more secure

  • You will drive the design and implementation of security components and features across multiple layers of our Linux-based platform

  • You will drive the design, implementation, integration and automation of software security tools for threat modeling, security testing and vulnerability management in our CI/CD pipeline

  • You will collaborate with other feature development teams within MBition and partner organizations in order to align about their contribution to your team’s feature features.

  • Along with the stakeholders, you will create the feature roadmap for Product Security team, maintain and prioritize the product backlog of the team


You will assist in creating DevSecOps culture in the organization by making security an integral part of our development and build workflow. 

Your Profile



Education



  • Degree in Computer Science, Information Technology, Electrical Engineering or a comparable qualification


Experience 



  • Ability to seek and understand the security needs and researching the possible solutions

  • Passion for security and securing an embedded system

  • Proficiency in shell scripting, Python, C and C++

  • First experience as a security engineer or software engineer in embedded software development

  • Very good knowledge on cryptography

  • Experience with system programming (Linux is preferred)

  • Deep understanding and hands-on experience working with at least one of the well-known Linux Security Modules (Apparmor, SELinux, SMACK, TOMOYO)

  • Hands-on experience in other Linux security mechanisms like Discretionary Access Control, Access Control Lists, Linux Capabilities, CGROUPS, namespaces, seccomp

  • Experience hardening Linux based system using different kernel hardening mechanisms and familiarity with Linux Kernel hardening projects like grsecurity, Kernel Self Protection

  • Familiarity with platform integrity solution (dm-verity/IMA) and disk encryption solution (dm-crypt), network security solutions (OpenVPN, IPSec, ), Linux kernel cryptographic subsystem, cryptographic libraries (libcrytpo, libssl, wolfssl, wolfcrypt etc.)

  • Very good understanding of secure boot mechanism and Trustzone in ARM-based SoC

  • Familiarity with security aspects of different virtualization technologies

  • Familiarity with one (or more) low level architecture (x86, ARM, etc.)

  • Familiarity with low level inner-working of operating systems

  • Familiarity with version control system (preferably git), with continuous integration tool like Jenkins, and with docker-based environment

  • Familiarity with Secure Software Development


Nice to have



  • Good understanding of threat modeling techniques. Practical experience is a plus.

  • Experience in delivering security features either, as product owner/engineer/similar role for an Automotive Infotainment System for one complete project lifecycle i.e. from inception to series production will be a huge plus.



  • Security vulnerability analysis experience

  • Familiarity with IDA Pro, Understand™ or other binary/source code analysis tools


 


 


Personal skills



  • Proficiency in problem solving, troubleshooting technical issues and can-do attitude

  • Ability to handle multiple competing priorities in a fast-paced environment

  • Personal initiative, commitment, perseverance and resilience

  • Well-developed communication and teamwork skills


 


Language skills



  • Fluent in English, German proficiency is a plus.

What we offer



  • A chance to work on a new generation of Infotainment Systems, which will power millions of cars

  • An international, interdisciplinary innovation lab, which is part of the Daimler AG



  • Great company values that we are passionate about and live by every day at work. Have a look for yourself at mbition.io and scroll down to "The MBition Experience"



  • Agile working methods and open feedback culture

  • A brand new modern and fully accessible office facing the Spree

  • Flexible working hours

  • Transportation and health benefits, discounts on cars, free coffee, fruits and more


 


Interested?


We look forward to receiving your complete application, including CV (in English or German) and relevant references with the following information:



  •  Job title and reference number

  •  Salary expectations

  •  Earliest start date


We would like to encourage people with health impairments to apply to our jobs! Our building and work places offer the possibilities to adjust to different employee requirements.

Usage of Cookies

Daimler uses cookies for optimal visualization and ongoing improvement of the website. By using this website you agree to the usage of cookies.