Cyber Security Consultant

Key Responsibilities

Cybersecurity Governance & Standards

- Drive cybersecurity activities in accordance with ISO/SAE 21434 across the full product

lifecycle.

- Support establishment, rollout, and maintenance of Cybersecurity Management System

(CSMS) aligned with UNECE R155.

- Contribute to internal and external cybersecurity audits, assessments, and compliance

reviews.

Cybersecurity Engineering & Feature Development

- Lead and support cybersecurity feature design and implementation for automotive

middleware, systems, and software.

- Work closely with software architects and system teams to translate cybersecurity

requirements into secure architectures for AUTOSAR Classic, Adaptive, and bare-metal

platforms.

- Hands-on involvement in areas such as secure boot, secure OTA updates, secure

diagnostics (UDS), HSM/SHE, secure key and certificate management, and in-vehicle /

backend secure communication (TLS, IPsec, SecOC, SOME/IP Security).

Threat Analysis, Risk Assessment & Vulnerability Management

- Perform and support TARA activities including asset identification, threat scenario

definition, attack path analysis, and risk evaluation.

- Derive cybersecurity goals, claims, and requirements from TARA outcomes.

- Conduct vulnerability analysis, design-level security reviews, and support mitigation

planning.

- Assist teams in vulnerability handling including root-cause analysis, remediation, and

verification of fixes.

AI & Advanced Cybersecurity

- Define and trace cybersecurity requirements for AI/ML and data-driven components.

- Ensure secure design and deployment of AI-enabled systems, including data protection,

access control, model integrity, and secure pipelines.

- Identify and manage AI-specific cybersecurity risks such as data poisoning, model theft,

adversarial attacks, and misuse.

Project Consulting & Stakeholder Management

- Act as a cybersecurity point of contact for assigned projects.

- Collaborate with development, testing, functional safety, quality, and DevOps teams.

- Support planning, estimation, tracking, and reporting of cybersecurity activities and risks

within project plans.

Process Improvement, Knowledge Sharing & Training

- Develop and maintain standard templates, checklists, and guidelines to improve

cybersecurity maturity and repeatability.

- Stay current with emerging automotive security threats, AI security risks, tools, and

regulations.

- Contribute to internal trainings on ISO/SAE 21434, UNECE R155, automotive

cybersecurity, and AI security best practices.

Qualifications & Experience

- Bachelors degree in Engineering, Computer Science, or a related field.

- 8+ years of experience in automotive or embedded systems, with 4+ years of dedicated

automotive cybersecurity experience.

- Strong hands-on experience in automotive cybersecurity feature development.

- Solid foundation in embedded systems and microcontrollers (e.g., ARM, TriCore,

PowerPC).

- Strong understanding of SDLC, Agile/Scrum development, and cross-functional

collaboration.

AI & Data Security Exposure

- Experience working with AI/ML or data-driven platforms.

- Awareness of secure AI development concepts, including data security, model robustness,

and secure deployment pipelines.

Standards & Technical Expertise

- Proven experience with ISO/SAE 21434 including TARA and work product reviews.

- Working knowledge of UNECE R155 requirements.

- Good knowledge of AUTOSAR Classic and/or Adaptive from a cybersecurity perspective.

- Strong understanding of cryptographic algorithms and primitives (AES, RSA, ECC, SHA,

HMAC) and their correct application.

Certifications (Mandatory / Preferred)

- ISO/SAE 21434 Automotive Cybersecurity certification or equivalent demonstrated

competence (Mandatory).

- Additional certifications in automotive cybersecurity, embedded security, or cloud/AI

security are a plus.

Key Competencies

- Automotive cybersecurity engineering expertise

- AI and data security awareness

- Strong analytical, documentation, and problem-solving skills

- Excellent communication and stakeholder management skills