PpbRole purpose: /b Ensure the TCU is conceived and developed according to a security-by-design approach, fully compliant with automotive cybersecurity standards (ISO 21434, UNECE R155/R156). The role drives security architecture definition, influencing early system and software decisions to safeguard data, communication channels, and the boot path. /p pbKey accountabilities and decision ownership: /b /p ul liTARA Mitigation – Perform and maintain Threat Analysis and Risk Assessment, converting risks into actionable security requirements. /li liSecurity architecture definition – Configure Secure Boot, integrate HSM, set firewall rules and Secure Storage in close partnership with System and Software Architects. /li liSecure protocol cryptography integration – Support TLS, IPsec, MACsec; advise on crypto libraries (wolfSSL, PKCS#11) and crypto hardware. /li liKey trust management – Implement root-of-trust, manage X.509 certificates, authenticated OTA and firmware rollback protection. /li liDocumentation compliance – Author Cybersecurity Concept, Security Case; prepare for audits/certifications (UNECE R155/R156). /li liSecurity testing vulnerability management – Lead pen-testing, fuzzing, SBOM-based vulnerability mitigation within a DevSecOps framework. /li /ul pbCore competencies, knowledge and experience: /b /p ul liStandards regulations: Mastery of ISO/SAE 21434, UNECE R155/R156, AUTOSAR Security. /li liSecurity architectures: Secure Boot, HSM/TPM, Secure Element, key provisioning strategies. /li liHW/SW integration: Close work with Linux, AUTOSAR developers and hardware teams. /li liSecurity testing: Pen-testing, fuzzing, embedded vulnerability scanning. /li liSoft skills: Clear communication, technical negotiation, cross-functional teamwork. /li /ul pbMust have technical / professional qualifications: /b /p ul liDegree in Computer or Electronics Engineering (or equivalent). /li li8–10 years in embedded/automotive cybersecurity roles. /li liHands-on expertise with Secure Boot, HSM/TPM, embedded crypto libraries. /li liFluent English for technical documentation and international audits. /li liFamiliarity with DevSecOps processes, SBOM, pen-test and fuzzing tools. /li /ul /p #J-18808-Ljbffr