Job Description

Rivian is on a mission to keep the world adventurous forever. This goes for the emissions-free Electric Adventure Vehicles we build, and the curious, courageous souls we seek to attract.

As a company, we constantly challenge what\'s possible, never simply accepting what has always been done. We reframe old problems, seek new solutions and operate comfortably in areas that are unknown. Our backgrounds are diverse, but our team shares a love of the outdoors and a desire to protect it for future generations.

Job Summary:

A Security Engineer on the Product Security Red Team is a key role in the carrying out Red team engagements and risk assessments against our products including our vehicles, their charging infrastructure, mobile app, and related cloud infrastructure.

Responsibilities:

• Perform penetration tests and risk assessments on our products, and provide actionable remediation guidance
• Analyze externally submitted vulnerability reports to validate findings
• Work cross-functionally with engineering teams to provide cybersecurity expertise and services
• Develop attack methodologies and strategies against our vehicles for security engagements against them with a red team mindset
• Scope out and document Threat Analysis and Risk Assessment studies during the Secure Development Lifecycle
• Collaborate with our Enterprise Security Red Team on assessing Rivian Cloud infrastructure and applications
• Contribute to team documentation and process maturity

Qualifications:

• 5+ years of hands-on experience in penetration testing methodologies, with a primary emphasis on embedded software in Infotainment and Telematics units
• Demonstrated practical knowledge of embedded Linux/QNX and Android and iOS security
• In-depth knowledge of software and systems vulnerabilities and mitigations, experience with connected automotive systems preferred
• Strong familiarity with Vehicle and Cloud-based architectures
• Experience carrying out Reverse Engineering of embedded systems to find vulnerabilities and attack chains
• Experience attacking android based infotainment systems
• Experience attacking diagnostic systems and firmware update processes
• Experience assessing secure boot on embedded systems
• Ability to develop custom tools to further an attack strategy
• Deep understanding of inner workings of security concepts and mechanisms
• Strong communication skills to work with engineers to remediate vulnerabilities
• Ability to think far outside of the box, and adapt to quickly changing timelines

Equal Opportunity

Rivian is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender, gender expression, gender identity, genetic information or characteristics, physical or mental disability, marital/domestic partner status, age, military/veteran status, medical condition, or any other characteristic protected by law.

Rivian is committed to ensuring that our hiring process is accessible for persons with disabilities. If you have a disability or limitation, such as those covered by the Americans with Disabilities Act, that requires accommodations to assist you in the search and application process, please email us at .

Candidate Data Privacy

Rivian may collect, use and disclose your personal information or personal data (within the meaning of the applicable data protection laws) when you apply for employment and/or participate in our recruitment processes (\xe2\x80\x9cCandidate Personal Data\xe2\x80\x9d). This data includes contact, demographic, communications, educational, professional, employment, social media/website, network/device, recruiting system usage/interaction, security and preference information. Rivian may use your Candidate Personal Data for the purposes of (i) tracking interactions with our recruiting system; (ii) carrying out, analyzing and improving our application and recruitment process, including assessing you and your application and conducting employment, background and reference checks; (iii) establishing an employment relationship or entering into an employment contract with you; (iv) complying with our legal, regulatory and corporate governance obligations; (v) recordkeeping; (vi) ensuring network and information security and preventing fraud; and (vii) as otherwise required or permitted by applicable law.

Rivian may share your Candidate Personal Data with (i) internal personnel who have a need to know such information in order to perform their duties, including individuals on our People Team, Finance, Legal, and the team(s) with the position(s) for which you are applying; (ii) Rivian affiliates; and (iii) Rivian\'s service providers, including providers of background checks, staffing services, and cloud services.

Rivian may transfer or store internationally your Candidate Personal Data, including to or in the United States, Canada, the United Kingdom, and the European Union and in the cloud, and this data may be subject to the laws and accessible to the courts, law enforcement and national security authorities of such jurisdictions.

Please note that we are currently not accepting applications from third party application services.

Apply for this Job

• Required

First Name *

Last Name *

Email *

Phone

Location (City) *

Resume/CV *

Drop files here

Attach or enter manually

(File types: pdf, doc, docx, txt, rtf)

When autocomplete results are available use up and down arrows to review

If selected \'other\' school, please provide school name.

LinkedIn Profile

Website

Have you ever worked at Rivian? *

Who is your most recent employer? (Type N/A if not applicable). *

Are you currently authorized to work for any employer in Canada? *

Will you now, or in the future, require employer immigration sponsorship (e.g., Work Permit, PR)? *

To help us assess any potential U.S. export control restrictions, please indicate if you are currently a citizen of any of the following countries: Iran, Syria, N. Korea, Cuba, China, or Crimea. *

I confirm that I have read the complete Candidate Data Privacy Notice, which contains additional details and important information about the collection, use, disclosure and other handling of my Candidate Personal Data as summarized above. *

For details please see our

Yes

Please retain my Candidate Personal Data for up to two years so that Rivian may consider me for other positions for which I may be eligible and qualified.

Yes

I certify that the information and supporting documents provided are true and correct. I understand that any false or misleading representations will be grounds for non-hire or termination at any time during my employment. *

Yes

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Rivian Automotive\'s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Gender

Are you Hispanic/Latino?

Please identify your race

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran\'s discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status

Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor\'s Office of Federal Contract Compliance Programs (OFCCP) website at . How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

• Autism
• Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
• Blind or low vision
• Cancer
• Cardiovascular or heart disease
• Celiac disease
• Cerebral palsy
• Deaf or hard of hearing
• Depression or anxiety
• Diabetes
• Epilepsy
• Gastrointestinal disorders, for example, Crohn\'s Disease, or irritable bowel syndrome
• Intellectual disability
• Missing limbs or partially missing limbs
• Nervous system condition for example, migraine headaches, Parkinson\'s disease, or Multiple sclerosis (MS)
• Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

Disability Status

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Rivian