Principal Cyber Consultant · Thales

Cybersecurity, engineered in not bolted on.

12+ years helping OEMs, Tier-1 suppliers, and critical-infrastructure operators turn regulation into resilient, certifiable engineering — across automotive and industrial systems (ICS/OT).

In plain terms — I help vehicle makers, industrial operators & component manufacturers keep their connected products safe from attack, and meet the regulations that let them sell those products worldwide.

ISO/SAE 21434 · UNECE R155/R156 · IEC 62443 · AIS-189/190 · CRA / RED
Maharaj Shree Kumar Sood
4 OEMs
20+ Vehicle & ECU TARAs
2 CSMS / SUMS programmes
Automotive: OEM · Tier-1 · Tier-2 · 2W · 4W · ICE · EV
OT / Industrial: SCADA · DCS · SIS · Level-1
Devices: ECU · Gateways · Firmware · IoT
What I do

Engagements, from a single review to a full programme

Point advisory through end-to-end cybersecurity delivery — scoped to your standard, your stage, and your stakeholders.

01 · TARA & Risk Assessment

Vehicle- and component-level threat analysis with risk-driven security requirements your teams can act on.

so you find the gaps before attackers do.

ISO/SAE 21434 · IEC 62443-3-2
02 · Type Approval & Homologation

CSMS/SUMS build-out, work-product validation, and audit readiness all the way to approval.

so your products clear regulation and reach market.

UNECE R155/R156 · AIS-189/190
03 · Security Architecture

Security-by-design for connected ECUs and OT — from concept definition to system-level controls.

so security is built in, not bolted on.

Security-by-Design · PKI · Secure Boot
04 · OT / ICS Programmes

End-to-end industrial security: gap analysis, segmentation, policy, and ongoing compliance.

so your plants stay running and protected.

IEC 62443 · NIST CSF · NERC-CIP
05 · Pen Testing & Cyber FAT/SAT

ECU-level penetration testing and OT cyber-validation during factory and site acceptance.

so flaws surface in the lab, not the field.

VAPT · Cyber FAT · Cyber SAT
06 · Advisory & RFI/RFP Support

Early-stage scoping, solution architecture, and bid support for complex cybersecurity tenders.

so you go to bid with a solution that wins.

Scoping · Solution Architecture
End to end

Security across the whole lifecycle

Wherever you are — a fresh concept, a system mid-development, or a fleet already in the field — I can pick up the cybersecurity thread and carry it through to compliance and beyond.

01 · Assess
Understand the risk before designing the fix
Vehicle & ECU TARA · Risk register · Gap analysis · ISO 21434 / IEC 62443 · Threat modelling
02 · Architect
Turn risk into a concrete, defensible security design
Security concept · Security goals & requirements · Zones & conduits · Reference architecture
03 · Build & harden
Engineer the controls into the product, not around it
Secure boot & debug · Cryptography / PKI · Secure firmware update · MISRA / CERT-C
04 · Validate
Prove it holds up before it ships
Penetration testing · Vulnerability assessment · Cyber FAT / SAT · Validation evidence
05 · Comply & sustain
Carry it through approval and keep it secure in the field
CSMS / SUMS · R155/R156 & AIS-189/190 work products · Monitoring & response · Security updates
How I work: Regulation → engineering translation · Stakeholder & supplier alignment · Training & enablement · Bid & solution shaping
Domains served

Where I work

From connected vehicles to industrial plants to embedded and medical devices — security-by-design across the systems the world is putting online.

Automotive Cybersecurity

ISO/SAE 21434 · UNECE R155/R156 · AIS-189/190

From early TARA and security concepts through CSMS/SUMS implementation and type-approval readiness for OEMs and suppliers.

TARA · CSMS / SUMS · Type Approval · ECU Security · Secure Boot · FOTA

ICS / OT Security

IEC 62443 · NIST CSF 2.0 · NERC-CIP · NCIIPC

Risk assessments, architecture reviews, and cyber validation across SCADA, DCS, SIS, and Level-1 control environments.

OT Risk · SCADA / DCS · SIS · Segmentation · Cyber FAT/SAT · Architecture

IoT, Embedded & Medical

RED · CRA · IEC 81001-5-1 · Secure SDLC

Security-by-design for connected devices and firmware — cryptographic controls, secure boot, and hardening from silicon to update path.

PKI / TLS · Secure Boot · Firmware Update · MISRA / CERT-C · Device Hardening · Cryptography

automotive  ·  industrial  ·  devices    secured by design across everything that's becoming connected

Selected work

Proof, not just capability

A sample of programmes across automotive and industrial cybersecurity — challenge, approach, outcome. Client details anonymised.

Automotive · Vehicle-level TARA · CS-01

Threat analysis for a connected vehicle platform

Challenge
A connected platform spanning multiple ECUs needed a defensible, vehicle-level risk picture before security requirements could be set.
Approach
Ran structured TARA workshops across ECU, system, and vehicle layers; mapped attack paths and derived risk-rated security goals.
Outcome
A prioritised security-requirement set the engineering and program teams could act on, feeding directly into the security concept.
100+ attack scenarios analysed & cyber-controlled
ISO/SAE 21434 · IEC 62443-3-2
Automotive · CSMS / SUMS · CS-02

Type-approval readiness for an OEM programme

Challenge
An OEM needed CSMS and SUMS frameworks in place to demonstrate UNECE R155/R156 readiness ahead of type approval.
Approach
Built the management-system processes, prepared and validated the required cybersecurity work products, and ran a gap review against the regulation.
Outcome
A complete, audit-ready work-product set aligned to R155/R156 and AIS-189/190.
CSMS/SUMS audit-readiness stage reached in ~4 years
UNECE R155/R156 · AIS-189/190
ICS / OT · Risk assessment · CS-03

Cyber risk review of a critical-infrastructure plant

Challenge
A process-industry operator needed to understand cyber risk across SCADA, DCS, and SIS without disrupting live operations.
Approach
Performed an IEC 62443-aligned risk assessment and architecture review; defined zones and conduits and prioritised remediation.
Outcome
A risk-ranked roadmap and segmentation plan that strengthened posture while keeping production running.
Multiple geographically distributed sites assessed
IEC 62443 (3-2, 4-1, 4-2) · NIST CSF
Embedded · Secure-by-design · CS-04

Secure boot & FOTA for ECU software integrity

Challenge
Connected ECUs needed verifiable software integrity and a trustworthy update path, built in from concept rather than bolted on.
Approach
Designed and validated secure boot, secure debug, and FOTA mechanisms through hands-on proof-of-concept; embedded the controls in the dev lifecycle.
Outcome
A demonstrated secure-update chain and a reduced vulnerability surface ahead of production.
Attack scenarios mapped: connected → gateway → powertrain ECUs
Secure Boot · FOTA · PKI
Advisory · Pre-sales & solution scoping · CS-05

Shaping the technical win in a cybersecurity bid

Challenge
A complex cybersecurity programme tender (RFI / RFP / RFQ) needed a credible technical solution and a defensible scope before bid submission.
Approach
Evaluated requirements, scoped the security solution architecture, and shaped the technical response alongside delivery and program teams.
Outcome
A structured, compliant proposal with a clear solution and effort estimate that engineering and commercial teams could stand behind.
Diverse RFI/RFP responses shaped from forecast to bid submission
RFI / RFP / RFQ · Solution Architecture · Project Scoping
The path here

From embedded firmware to cybersecurity strategy

A decade-long trajectory through the full stack — silicon to standards.

2022-now
Principal Cyber Consultant
Thales
Automotive + OT programmes — TARA, CSMS/SUMS, IEC 62443.
2021-22
Technical Lead
HCL Technologies
TARA, secure boot & FOTA for connected vehicles.
2018-21
Senior Security Developer
Marelli India
Secure embedded software; keyless & immobiliser security.
2015-18
Embedded Research Engineer
Hi-Tech Robotics
Defence robotics & CAN architectures; Army-recognised.
2014
M.Tech, Embedded Systems
Amity · Silver Medal
Where the engineering foundation began.
Credentials

Certified across both domains

Validated expertise spanning automotive cybersecurity, ICS/OT, and information-security frameworks.

TÜV SÜD
ISO/IEC 27001:2022 Lead Auditor
TÜV SÜD
IEC 62443 Cybersecurity Professional
OMNEX
ISO/SAE 21434 Automotive Cyber Engineer
ITCERTS
NIST CSF Lead Implementer
ISC²
Certified in Cybersecurity (CC)
IBM
Cybersecurity Analyst Professional
Cisco
Cybersecurity Essentials
Cert-In × FCRF
Cyber Crisis Management Professional
Insights & engagements

Speaking, writing, and teaching the field

At the intersection of automotive cybersecurity, OT, and regulatory policy.

Conference · Apr 2026

CAEV 2026 — Connected, Autonomous & Electric Vehicle Expo

Represented Thales in Bengaluru, engaging OEMs and regulators on cybersecurity strategy and India's AIS-189/190 roadmap.

Speaking · Jul 2025

Automotive ISAC — Securing OT in a Connected World

Invited speaker on the IT/OT convergence reshaping connected-vehicle and manufacturing ecosystems.

Article · LinkedIn

The Practitioner's Guide to the EU Cyber Resilience Act

What CRA compliance means in practice for product manufacturers across automotive and industrial ecosystems.

Course · CyberFrat

ICS/OT Cyber Security — Published Training

A practitioner course on industrial fundamentals, OT risk assessment, and IEC 62443-aligned practice.

Let's work together

Navigating compliance, or building a programme?

Whether it's a TARA, a homologation push, or a full OT security programme — I'd be glad to help.
