05/10/2026 updated
verified
Premium member
100 % availableSenior Cybersecurity Consultant - Embedded Systems & Automotive Security
Cluj-Napoca, Romania
Worldwide
Post Graduate Program in Cybersecurity, University of Texas at Austin, 2022About me
I advise OEMs, Tier-1 suppliers, and R&D organisations on how to build security in from the start — not patch it on before an audit. That includes security concepts, TARA, architecture reviews, compliance readiness, and increasingly, helping teams understand what AI means for their threat model.
Embedded CEmbedded SystemsEmbedded SoftwareTesting (Hardware)
Embedded Systems Cybersecurity
End-to-end security expertise for safety-critical embedded platforms in automotive, rail, medtech, and industrial sectors, covering the full product lifecycle from threat modeling and secure architecture to certification and long-term maintenance.
Cybersecurity Compliance & Certification
Deep knowledge of ISO/SAE 21434, UN R155/R156, IEC 62443, EU Cyber Resilience Act (CRA), and ISO 27000 series, enabling full compliance readiness and successful certification of complex embedded products.
Threat Analysis & Risk Assessment (TARA)
Comprehensive risk identification, evaluation, and treatment strategies for embedded and connected systems, including authoring and delivering all key ISO/SAE 21434 artifacts such as TARA, Technical Security Concept, and Cybersecurity Case.
Secure-by-Design Architecture & Product Security Engineering
Designing secure systems from concept through certification and into production, including SecOC concepts, cryptographic key management, and architectural gap analysis for regulatory compliance.
Security Concept Development & Requirements Engineering
Creating clear, actionable, and negotiable security requirements for OEMs and suppliers, including Cybersecurity Interface Agreements and Compliance Matrices negotiated directly with major OEMs.
Technical Leadership & Team Enablement
Leading and upskilling engineering teams of 25 to 30 or more people in secure development practices, managing cross-functional and multi-supplier environments, and acting as central technical interface between OEMs and Tier-1 suppliers.
Secure Development Lifecycle
Integrating cybersecurity into V-Model, ASPICE, Agile, and hybrid processes, with hands-on experience delivering full SOP software and achieving A-SPICE Level 1 certification.
Secure OTA & Update Management
End-to-end secure update strategies for connected embedded systems, including design and implementation of Rauc-based update mechanisms and secure OTA capabilities for Software Defined Vehicles.
Embedded Software Development (C++, Linux, AUTOSAR)
Hands-on embedded C++ development on Linux (Ubuntu) and STM32MP1 platforms, AUTOSAR 4.x implementation including secure boot, signature validation, hashing algorithms, and Hardware Security Module (HSM) integration.
Penetration Testing & Power Analysis
Practical penetration testing training including ChipWhisperer Power Analysis 101, supporting hardware security assessments of embedded platforms.
End-to-end security expertise for safety-critical embedded platforms in automotive, rail, medtech, and industrial sectors, covering the full product lifecycle from threat modeling and secure architecture to certification and long-term maintenance.
Cybersecurity Compliance & Certification
Deep knowledge of ISO/SAE 21434, UN R155/R156, IEC 62443, EU Cyber Resilience Act (CRA), and ISO 27000 series, enabling full compliance readiness and successful certification of complex embedded products.
Threat Analysis & Risk Assessment (TARA)
Comprehensive risk identification, evaluation, and treatment strategies for embedded and connected systems, including authoring and delivering all key ISO/SAE 21434 artifacts such as TARA, Technical Security Concept, and Cybersecurity Case.
Secure-by-Design Architecture & Product Security Engineering
Designing secure systems from concept through certification and into production, including SecOC concepts, cryptographic key management, and architectural gap analysis for regulatory compliance.
Security Concept Development & Requirements Engineering
Creating clear, actionable, and negotiable security requirements for OEMs and suppliers, including Cybersecurity Interface Agreements and Compliance Matrices negotiated directly with major OEMs.
Technical Leadership & Team Enablement
Leading and upskilling engineering teams of 25 to 30 or more people in secure development practices, managing cross-functional and multi-supplier environments, and acting as central technical interface between OEMs and Tier-1 suppliers.
Secure Development Lifecycle
Integrating cybersecurity into V-Model, ASPICE, Agile, and hybrid processes, with hands-on experience delivering full SOP software and achieving A-SPICE Level 1 certification.
Secure OTA & Update Management
End-to-end secure update strategies for connected embedded systems, including design and implementation of Rauc-based update mechanisms and secure OTA capabilities for Software Defined Vehicles.
Embedded Software Development (C++, Linux, AUTOSAR)
Hands-on embedded C++ development on Linux (Ubuntu) and STM32MP1 platforms, AUTOSAR 4.x implementation including secure boot, signature validation, hashing algorithms, and Hardware Security Module (HSM) integration.
Penetration Testing & Power Analysis
Practical penetration testing training including ChipWhisperer Power Analysis 101, supporting hardware security assessments of embedded platforms.
Languages
EnglishFluentFrenchBasic knowledgeRomanianNative speakerSpanishGood
Project history
Deployed as lead technical authority to rescue a critically delayed and high-risk comfort seat project for the new Porsche Cayenne. Took full ownership of the Vibe ECU on behalf of P3 and Porsche, acting as the central technical interface between Porsche, Forvia, and Idneo. Performed end-to-end supplier monitoring, technical audits, architecture reviews, and risk assessments. Successfully turned around a project on the verge of failure into a successful series production launch.
Contracted by P3 Group to support Porsche in strengthening the cybersecurity posture of an existing vehicle platform (MQB/MLBevo architecture) to meet upcoming EU7 regulatory requirements. Led development of an updated Technical Security Concept, designed a comprehensive updated SecOC concept and Key Management concept, and performed detailed gap analysis between existing architecture and EU7 cybersecurity expectations.
Served as OEM-side Cybersecurity Responsible for Renault's first Software Defined Vehicle program, overseeing cybersecurity for the complete vehicle architecture including the high-performance central PCU and safety-critical PIU ECUs. Acted as primary cybersecurity interface between Renault and Continental Automotive. Led negotiation and implementation of the full set of ISO/SAE 21434 deliverables and performed comprehensive technical acceptance of PCU and PIU platforms.