Product Security Engineer (Software)

About us

Luminar Technologies, Inc. (Nasdaq: LAZR) is transforming automotive safety and autonomy by delivering the only lidar and associated software that meets the industry’s stringent performance, safety, and economic requirements. Luminar has rapidly gained over 50 industry partners, including a majority of the top global automotive OEMs. In 2020, Luminar signed the industry’s first production deal for autonomous consumer vehicles with Volvo Cars, which now expects to make Luminar’s technology part of the standard safety package on their next generation electric SUV. Additional customer wins include Mercedes, SAIC, Daimler Truck AG, Intel’s Mobileye, Pony.ai and Airbus UpNext. Founded in 2012, Luminar employs approximately 400 with offices in Palo Alto, Orlando, Colorado Springs, Detroit, Bangalore and Munich.

For more information, please visit www.luminartech.com

About the role

Luminar Technologies is seeking an experienced technically hands-on Product Security Engineer (Software) reporting to the Head of Security Engineering, who can design, build, monitor and enforce the security processes and infrastructure within a growing US public company. The ideal candidate should have extensive experience in designing security solutions which protect information from threats, ensuring business continuity and regulatory compliance by collaboratively working across the different functions in the organization. This is a first set of lead hires for this function, as we look to augment this function in Luminar, India. You will be part of a high cross-functional team and responsible for rapid prototyping and product development at Luminar.

Responsibilities

• Lead cybersecurity and customer support (security) on all Luminar software products, to include: sensors, perception, automotive, non-automotive, and data analysis
• Partner with key stakeholders including: IT, Advanced manufacturing, Lidar & sensor Product, Software, Data, Perception, and Customer teams to ensure business outcomes are met on-time, on budget, in a safe secure manner
• Partner with Luminar Semiconductor (LSI) Software teams to ensure secure & compliant systems and processes in alignment with US government regulations and guidelines, to include: NIST Cyber & Privacy frameworks, FedRAMP, and CMMC
• Partner with Legal and Supply Chain teams to develop, implement, and maintain a world-class supply chain security & resilience program for software product lines
• Develop software product cybersecurity work products & content according to ISO/SAE 21434, ISO 2700X, and other relevant standards & frameworks
• Work closely and actively support the Software, Data, Firmware, and Perception teams as the primary security advisor and embedded security subject matter expert on all product and project teams
• Support the development of secure software development (DevSecOps) standards and culture, including securing tools, data in motion and data stores. Support secure integration of cryptographic key management into the CI/CD pipeline
• Build and manage, in coordination with IT Governance & Compliance and Cybersecurity Strategy teams a world-class cybersecurity training and awareness program for Software Engineering org and engineers that includes key knowledge areas like: threat modeling, Chaos Engineering concepts, ZeroTrust concepts, etc
• Plan, manage and execute product security tasks within the overall project management plan
• Support meetings and communication on cybersecurity content with customers

Minimum Qualifications

• Bachelor’s Degree in computer science, computer engineering, cybersecurity, or a related discipline (or similar relevant technical hands-on work experience)
• 10+ years of relevant work experience
• Expert-level expertise and documented technical proficiency in software & data product cybersecurity, data protection, privacy engineering or a combination of general cybersecurity experience and 5+ years of software product development and commercial platform engineering experience
• Deep domain expertise and technical proficiency with core infrastructure & architectures (to include Kubernetes, etc)
• Experience designing, building, and maintaining enterprise security infrastructure and tools 
• Expert knowledge and documented technical proficiency of international cybersecurity standards & frameworks, to include: ISO/SAE 21434, ISO 2700x, NIST Cybersecurity & Privacy, CMMC, TISAX, etc
• Deep domain expertise and documented technical proficiency with agile engineering processes, DevSecOps, and software quality control regimes
• Strong interpersonal, verbal and written communication skills
• Experience with software quality processes (eg: ASPICE, etc)
• Software development experience and professional proficiency with Python, C++ (with Bazel), and other industry standard programming languages
• Ability to consistently execute against tight deadlines with incomplete or ambiguous information in rapidly changing environments
• Able to work successfully in cross-functional teams, especially across organizational and geographical boundaries
• Ability and willingness to work in a 24/7 on-call capacity in emergencies
• Native-level professional English fluency required, additional language ability a plus
• Valid passport with no restrictions on business travel to Luminar’s areas of operation
• Travel up to 10% (according to relevant national and international COVID-19 safety guidelines)

Preferred Qualifications

• Domain expertise and documented technical proficiency with sensors, big data, artificial intelligence, machine learning, and perception
• Extensive expertise in Chaos Engineering and/or SRE 
• Expert knowledge of cryptography with focus on key management solutions in production environments
• Technical familiarity with applied machine learning and artificial intelligence
• Experience with perception software algorithms
• Experience in structural coverage of code - static and dynamic analysis