Cracow, Małopolskie, Poland
Embedded within a project for a leading Swedish Automotive OEM, specializing in product security compliance, risk assessment, and vulnerability management across automotive embedded systems in accordance with ISO/SAE 21434 and UN R155 frameworks. Key responsibilities: Quality Assurance & Reviews: Conducting thorough reviews of technical documentation and security logs to verify compliance, readiness, and resilience against potential automotive exploit vectors. Compliance & Maturity Tracking: Managing and updating project maturity trackers and Cyber Security Management System (CSMS) documentation, ensuring full alignment with OEM cybersecurity release criteria. Vulnerability & Defect Management: Driving the identification, documentation, and resolution of open security vulnerabilities and system flaws; coordinating with cross-functional engineering teams to close open points before major project gateways.
Deployed across Europe as a field test engineer on an overseas vehicle acceptance programme for a Chinese OEM plug-in hybrid (PHEV). Responsible for structured test case execution covering ADAS, IVI, powertrain behaviour, and charging systems, as well as exploratory defect identification across the full vehicle stack. Conducted validation of driver assistance systems (ACC, LKA, LDP, AEB, DMS, ISA, TSR), infotainment and connectivity features (CarPlay, Android Auto, voice assistant, DAB/FM), and EV/HV powertrain logic across varied European road and climate conditions. Logged and reported issues using structured defect reports with CAN bus data capture via Kunyi VG5008. Operated within a cross-cultural engineering environment, coordinating daily with a Chinese PM team via Lark and producing formal test reports aligned with OEM acceptance criteria.
Supporting cybersecurity activities in automotive projects with a focus on compliance with UN Regulation No. 156 for connected vehicle software updates. Collaborating with development teams to integrate cybersecurity requirements into the vehicle lifecycle and ensure alignment with organizational processes.
Embedded at Aptiv as a Resident Engineer to support the development of a next-generation infotainment system and cockpit display for new Porsche models. Acted as the primary technical liaison between eSolutions (Germany) and Aptiv, managing cross-company communication via email and Microsoft Teams, tracking issues across dual Jira environments, and participating in testing processes by connecting to vehicle modules via CAN bus to collect and deliver diagnostic logs using specialised software.
Developed internal software tools based on ISO 21434 to streamline the Threat Analysis and Risk Assessment (TARA) process, significantly improving efficiency and consistency across projects. Gained in-depth knowledge of ISO 21434, UN R155, and UN R156 standards. Collaborated with cybersecurity and engineering teams to ensure compliance and process automation.
Developed a Python desktop application compliant with ISO/SAE 21434, implementing WP-09-01 (Item Definition) and WP-09-02 (TARA) work products. Designed risk calculation algorithms based on industry-standard matrices with openXSAM integration for standardised security data exchange. Built architecture visualisation module using PlantUML integration. Created automated unit and integration tests using pytest framework.
Provided technical support and managed IT infrastructure tasks, including hardware setup, software installation, and asset management in Confluence.