RedandBlue Applied Innovations is hiring an experienced Automotive Cybersecurity Compliance & Vulnerability Management Engineer with 10+ years of experience in automotive cybersecurity, vulnerability management, compliance frameworks, and platform security. The ideal candidate should have strong expertise in ISO/SAE 21434, UNECE R155, ISO 27001, NIST, vulnerability assessment tools, and secure-by-design practices within connected vehicle, ECU, embedded systems, and automotive platform environments. This role involves working closely with automotive engineering, embedded security, infrastructure, and cybersecurity teams to perform compliance assessments, vulnerability analysis, risk assessments, threat modeling, and remediation activities across automotive systems and connected platforms.

About the Role

RedandBlue Applied Innovations is looking for a highly skilled Automotive Cybersecurity Compliance & Vulnerability Management Engineer to support cybersecurity compliance initiatives, vulnerability management, and platform security activities across connected vehicle ecosystems, automotive platforms, ECUs, cloud-connected services, and supporting infrastructure.

The candidate will work closely with automotive engineering, embedded systems, platform, infrastructure, and cybersecurity teams to ensure compliance with automotive cybersecurity standards and proactively identify, assess, and remediate security vulnerabilities across vehicle platforms and related environments.

This role requires strong understanding of automotive cybersecurity regulations, secure-by-design principles, and vulnerability management practices aligned with standards such as ISO/SAE 21434 and UNECE R155.

Key Responsibilities

• Conduct automotive cybersecurity compliance assessments across vehicle systems, ECUs, applications, and connected platforms
• Support internal and external cybersecurity audits and maintain compliance evidence repositories
• Manage the complete vulnerability management lifecycle including:
  • Discovery
  • Classification
  • Prioritization
  • Remediation
  • Verification
• Perform vulnerability scans and security assessments using tools such as:
  • Tenable
  • Qualys
  • Rapid7
  • Microsoft Defender
  • Similar enterprise and automotive security tools
• Collaborate with automotive engineering and platform teams to implement secure-by-design principles
• Assist in automotive threat modeling, TARA activities, platform risk assessments, and security reviews
• Track remediation activities and provide executive and technical vulnerability reports
• Ensure adherence to automotive cybersecurity frameworks, standards, and best practices including:
  • ISO/SAE 21434
  • UNECE R155
  • ISO 27001
  • NIST
  • CIS Controls
• Work with suppliers and cross-functional teams to ensure cybersecurity compliance throughout the product lifecycle

Required Skills

Strong understanding of:

• ISO/SAE 21434
• UNECE R155
• ISO 27001
• NIST
• CIS Controls
• GDPR
• SOC2
• Hands-on experience in vulnerability management and cybersecurity risk assessment
• Knowledge of automotive cybersecurity architecture, connected vehicle security, and platform security controls
• Understanding of embedded systems and automotive communication ecosystems is preferred
• Strong documentation, reporting, and analytical skills
• Ability to communicate technical risks effectively to both technical and leadership teams

Preferred Skills

• Experience in Automotive OEM / Tier-1 environments
• Experience with connected vehicle platforms, ECU security, or embedded cybersecurity
• Familiarity with TARA and cybersecurity assurance activities
• Experience with cloud security and hybrid infrastructure environments
• Familiarity with automation or scripting (PowerShell/Python) is a plus
• Experience supporting compliance-driven automotive environments