- Global product cybersecurity executive leadership- led Dana to ISO/SAE 21434 compliance and certification within 1 year - Spearheaded cybersecurity initiatives for regulatory compliance, standard certification, and implementing industry best practices - Created and improved new policies, strategies, directions, requirements, processes, operations, etc. - Protected products from evolving cybersecurity threats - Secured buy-ins and achieving critical cybersecurity milestones- Worked cross-functionally with a many internal organizations to drive product cybersecurity posture - Built a product cybersecurity team and a team-centric environment from scratch - Secured budget and head counts - Changed and fostered corporate cybersecurity culture-Tech savvy, versed on new cybersecurity technologies, trends, and practices - Experienced reviewer and negotiator for contacts and agreements with legal acumen

• Develop comprehensive and cohesive short-, mid-, long-term technology roadmaps for connected vehicle, core, EV, AV, back office security functions• Represent USA and GM as an SAE expert in ISO/SAE 21434 standard development and develop ISO/SAE 21434 industry best practices for Road Vehicle - Cybersecurity Engineering • Develop and influence UN/UNECE Regulation No. 155 - Cyber Security and Cyber Security Management System and support other regulatory activities around the world (US & China) • Stay abreast of cybersecurity, privacy and artificial intelligence regulations and policies and customer data privacy protections• Manage global cross-functional cybersecurity advanced development/innovation teams (team building, personal/professional/career development coaching, setting goals, conducting performance reviews, resolving conflicts within team and with peers, etc.) • With a big picture view, propose team establishment, growth, and optimization to better meet the dynamic nature of cybersecurity landscape and need changes to senior leadership• Lead teams to analyze and identify current cybersecurity deficiencies and gaps in product execution, drive cybersecurity technology development, improvement, and integration • Lead global cybersecurity advanced development teams (in NA, EU, Asia) to explore emerging cybersecurity technologies, identify proper use cases, perform proof of concepts, create business cases, and drive adoption of new technologies • Define, review, prioritize and manage cybersecurity decoupled projects• Drive value-added research collaborations with internal R&D and external industry/academic research entities on advanced security concepts and autonomous driving security related topics (Lidar, Radar, Camera, and GPS spoofing, adversarial artificial intelligence/machine learning)• Participate and drive value-added collaborations with industry partners • Support development of talent pipeline and college recruiting

Developing embedded and server based security solutions from architecture to detailed software requirement specifications for tier 1 suppliers. Responsible for development and execution of security solutions for embedded telematics systems connectivity, service delivery platform, application frameworks, and in-vehicle communication interfaces. • Providing industrial security best practices to security solution design for a variety of technological areas, such as Service Delivery Platform, Wi-Fi, Bluetooth, embedded cellular communications, USB reflash, FOTA, application framework, application development, etc. • Authoring comprehensive security requirement specifications to be implemented by suppliers• Responsible for overall security architecture design for Uconnect telematics head units, telematics control units, Service Delivery Platform, and working closely with Chrysler IT to define back end security solutions• Performing threat modeling, vulnerability analysis and risk assessment on existing security solutions and new security proposals• Responsible for short-term, mid-term, and long-term security development strategies and road map, security validation strategies, reviewing and supporting future supplier RFI, RFQ, RFP processes• Working closely with Chrysler's partners, tier 1 and tier 2 suppliers, Chrysler IT and other internal relevant departments on designing telematics embedded systems security and Service Delivery Platform, for both machine-to-machine, server-to-server, and server-to-vehicle interfaces• Leading security decoupled projects such as penetration testing in-vehicle telematics systems• As a security SME, providing security consultancy to cross-functional teams in Chrysler, including Uconnect Engineering, Electrical/Electronic Systems, IT, Power Train, Regulatory Affairs, etc.• Serving as a security technology advocate, providing security training and promoting security awareness in the company

Designed, developed, and validated security solutions for end-to-end OnStar telematics systems and GM's infotainment systems, which include in-vehicle telematics/infotainment ECUs, wireless network interfaces and back office, providing connectivity to the Internet through cellular network, Bluetooth, and Wi-Fi technologies. • Led a team of test engineers to validate security solutions for end-to-end OnStar telematics systems, GM infotainment systems, and IT back office call center• Designed security solutions with best practices; authored, reviewed, and audited functional requirement specifications for OnStar telematics and GM infotainment systems, such as air interface, SMS, packet data, FOTA, USB reflash, Bluetooth, Wi-Fi, etc.• Conducted vulnerability and threat analysis during security during solution design, proposed and authored engineering change proposal to improve systems security • Conducted Design/Process Failure Mode and Effects Analysis (DFMEA/PFMEA)• Conducted penetration testing and fuzz testing on OnStar telematics and GM infotainment systems to identify security vulnerabilities and software defects• Led a team of test engineers to validate security solutions for end-to-end OnStar telematics system, GM infotainment system, and IT back office call center• Conducted code review on embedded systems running real-time operating systems for software security vulnerabilities, helped suppliers understand security defects and recommended fixes• Troubleshot technical issues with SSL/TLS, certificates, encryption/decryption, authentication, digital signature, code signing, software reflash, etc.• Supported Public Key Infrastructure, Certificate Authority, certificate generation and management• Served on Security Council of the company, participated in future security strategy development, provided security training and promoted security awareness in the company

- Conducted research in Ethernet-based Passive Optical Network Security, analyzed security vulnerabilities and attacks in EPON system and developed comprehensive authentication protocols and key distribution protocols to provide communication security and protect user privacy.- Conducted research in Mobile Ad Hoc Network and Wireless Sensor Network Security, reviewed and evaluated the security aspect of the MANET and WSN as a whole, with focus on security requirements and constraints, vulnerabilities, threats and attacks, authentication, encryption, key distribution and key management, secure routing, secure data aggregation, and intrusion detection.- Conducted research in Quantum Key Distribution, proposed the concept of a dual-quantum channel and a novel basis selection rules, developed fast convergent key distribution algorithms, improved the efficiency and security of the key distribution process, and designed real-time intrusion detection mechanisms and intelligent attack avoidance mechanisms.- Conducted research in Cargo Transportation Security Risk Assessment, built a mathematical model by using log-normal distribution to assess the risk a cargo would face as it traverses through consecutive transportation channels where natural or man-made disasters may be possible.- etc.

- Configured DNS, Certificate Authority, Active Directory, PKI, Sun Java System Directory Server- Configured SAP NetWeaver Identity Management System on Windows Server 2003 with Oracle 11g Database- Troubleshot technical problems, wrote technical documentation- etc.

- Conducted R&D in fuzzy logic control and artificial neural network- etc.

- Gave numerous lectures and presentations to a group of 200+ students; provided personal, academic, and career counseling services to students- Managed a team of 20+ student leaders; responsible for event planning, organizing, and managing- etc.