DevSpeak Jobs
Vay logo
Vay

Principal Security Engineer

🕐 16 dias atrás📍 Berlin, Germany

About Vay

Ever imagined saying, “I helped launch the future of transportation”? We’re rewriting the rules of urban mobility. At Vay, customers tap a button and a car arrives - with no one inside - powered by our world-first Remote Driving technology on real public streets. We’re live in Las Vegas and scaling fast, powered by a strategic investment of up to $410 million from Grab. Our mission is simple: replace private car ownership with a faster, cleaner, door-to-door mobility model.

Why this role is exciting

As a Principal Security Engineer, you will play a critical role in shaping the cybersecurity foundation of Vay’s vehicle and remote driving ecosystem. This is a highly cross-functional role that sits at the intersection of automotive security, embedded systems, safety-critical development, and organizational leadership. You’ll work closely cross-functionally to ensure our products are designed, developed, and validated with security at the core.

Responsibilities

  • Develop, define, and maintain cybersecurity processes aligned with ISO 21434 and other relevant standards and frameworks such as ISO 27001 and UNECE R155/R156.
  • Perform security risk assessments and maintain the Threat Analysis and Risk Assessment (TARA) work products.
  • Define cybersecurity requirements and collaborate with cross-functional engineering teams to implement effective mitigations.
  • Partner with Safety, Systems, Embedded, and Validation teams to ensure secure product development throughout the lifecycle.
  • Drive security architecture discussions and influence system-level design decisions across multiple domains.
  • Create and evolve security testing and validation strategies for vehicle and remote driving systems.
  • Support secure OTA update mechanisms and secure communication architectures.
  • Represent cybersecurity topics in internal and external technical discussions and reviews.
  • Help build scalable security processes that support the growth of Vay’s commercial fleet and technology platform.

Qualifications

  • 8+ years of experience in cybersecurity engineering.
  • 2+ years of experience working on automotive, robotics, IoT, or other embedded/safety-critical products.
  • Strong understanding of automotive cybersecurity principles, automotive networks, and OTA update mechanisms.
  • Experience performing security risk assessments and maintaining TARA work products.
  • Familiarity with ISO 21434, UNECE WP.29 R155/R156, and related automotive cybersecurity standards.
  • Understanding of embedded systems development and secure software development practices.
  • Knowledge of cryptographic concepts and secure communication principles.
  • Ability to assess security vulnerabilities, prioritize risks, and define practical mitigations.
  • Excellent communication, planning, and stakeholder management skills.
  • Comfortable operating both strategically and hands-on in fast-moving engineering environments.

Why choose Vay

  • A global team of smart, motivated people from 30+ countries who love tackling hard problems and turning bold ideas into reality.
  • Huge scope for impact in a fast-paced environment.
  • ESOP stock options: A stake in Vay’s future - not just a salary.
  • Unlimited Paid Vacation Days.
  • Subsidised Deutschland ticket (Berlin).
  • Subsidised Urban Sports Club or FitX Membership.
  • All Vay team members receive 30% off their Vay rides.
  • Exclusive external discounts.
  • €350 Home Office Set-up.
  • Relocation financial assistance when relocating to Berlin.
  • Fully funded German Lessons.
  • Regular team events throughout the year.

🇧🇷 Essa vaga exige inglês. Você está pronto?

A DevSpeak Academy prepara desenvolvedores brasileiros para conquistar vagas internacionais. Domine o inglês técnico com professores que entendem o mundo dev.

Conheça a DevSpeak Academy