Principal Security Engineer
Why this role is exciting
As a Principal Security Engineer, you will play a critical role in shaping the cybersecurity foundation of Vay's vehicle and remote driving ecosystem. This is a highly cross-functional role that sits at the intersection of automotive security, embedded systems, safety-critical development, and organizational leadership.
You'll work closely cross-functionally to ensure our products are designed, developed, and validated with security at the core. Your work will directly influence how we assess risk, define mitigations, validate security requirements, and scale secure engineering practices across the company.
This role is ideal for someone who can operate both strategically and hands-on. You should be comfortable driving high-level security architecture and process discussions while also diving deep into technical details when needed. Strong communication and stakeholder management skills are essential, as you'll often act as the security voice across the organization.
What you'll be driving
You will lead and evolve the cybersecurity engineering practices that support Vay's remote driving technology and vehicle platforms. In order to do that, you will:
- Develop, define, and maintain cybersecurity processes aligned with ISO 21434 and other relevant standards and frameworks such as ISO 27001 and UNECE R155/R156
- Perform security risk assessments and maintain the Threat Analysis and Risk Assessment (TARA) work products
- Define cybersecurity requirements and collaborate with cross-functional engineering teams to implement effective mitigations
- Partner with Safety, Systems, Embedded, and Validation teams to ensure secure product development throughout the lifecycle
- Drive security architecture discussions and influence system-level design decisions across multiple domains
- Create and evolve security testing and validation strategies for vehicle and remote driving systems
- Support secure OTA update mechanisms and secure communication architectures
- Represent cybersecurity topics in internal and external technical discussions and reviews
- Help build scalable security processes that support the growth of Vay's commercial fleet and technology platform
This might be a great fit, if
You are an experienced security engineer who enjoys working across organizational boundaries, influencing complex technical systems, and building products that operate safely in the real world.
- 8+ years of experience in cybersecurity engineering
- 2+ years of experience working on automotive, robotics, IoT, or other embedded/safety-critical products
- Strong understanding of automotive cybersecurity principles, automotive networks, and OTA update mechanisms
- Experience performing security risk assessments and maintaining TARA work products
- Familiarity with ISO 21434, UNECE WP.29 R155/R156, and related automotive cybersecurity standards
- Understanding of embedded systems development and secure software development practices
- Knowledge of cryptographic concepts and secure communication principles
- Ability to assess security vulnerabilities, prioritize risks, and define practical mitigations
- Excellent communication, planning, and stakeholder management skills
- Comfortable operating both strategically and hands-on in fast-moving engineering environments
Why choose Vay
A global team of smart, motivated people from 30+ countries who love tackling hard problems and turning bold ideas into reality
Huge scope for impact in a fast paced environment
ESOP stock options: A stake in Vay's future - not just a salary
Unlimited Paid Vacation Days
Subsidised Deutschland ticket (Berlin)
Subsidised Urban Sports Club or FitX Membership
All Vay team members receive 30% off their Vay rides
Exclusive external discounts
350 Home Office Set-up
Relocation financial assistance when relocating to Berlin
Fully funded German Lessons
Regular team events throughout the year
