Thomas Kupfer - Automotive Consultant/Coach...

Q: Where is Thomas based?

Thomas is based in Bad Kissingen, Germany and can operate in on-site , hybrid , and remote work models.

Q: What languages does Thomas speak?

Thomas speaks the following languages: German (Native), English (Advanced) .

Q: How many years of experience does Thomas have?

Thomas has at least 19 years of experience. During this time, Thomas has worked in at least 17 different roles and for 8 different companies . The average length of individual experience is 1 year and 10 months . Note that Thomas may not have shared all experience and actually has more experience.

Q: What is Thomas's latest experience?

Thomas's most recent position is Consultant/Coach Risk Management, Automotive SPICE, Functional Safety, Automotive Security, Processes at Tier-1 Automotive Supplier .

Q: What companies has Thomas worked for in recent years?

In recent years, Thomas has worked for Tier-1 Automotive Supplier , Tier 1 , datenschutz cert GmbH , Tier 1 (Sweden / China) , and Tier 1 (England / Poland / Germany) .

Q: Which industries is Thomas most experienced in?

Thomas is most experienced in industries like Automotive , Professional Services , and Utilities . Thomas also has some experience in Information Technology .

Q: Which business areas is Thomas most experienced in?

Thomas is most experienced in business areas like Quality Assurance , Product Development , and Audit . Thomas also has some experience in Information Technology , Operations , and Project Management .

Q: Which industries has Thomas worked in recently?

Thomas has recently worked in industries like Automotive , Professional Services , and Utilities .

Q: Which business areas has Thomas worked in recently?

Thomas has recently worked in business areas like Audit , Quality Assurance , and Product Development .

Recommended expert

Bad Kissingen, Germany

Experience

Apr 2023 - Sep 2025

2 years 6 months

Hybrid

Consultant/Coach Risk Management, Automotive SPICE, Functional Safety, Automotive Security, Processes

Tier-1 Automotive Supplier

Establishing a risk management framework
Consolidating management systems (UMS/QMS/EMS/TISAX) including integrating automotive processes (A-SPICE, functional safety, automotive cybersecurity)
Planning the necessary approach for implementing Automotive SPICE
Designing strategies for processes: SYS.1-5, MAN.3, SUP.1, SUP.8-10, ACQ.4, SWE.1-4
Process analysis and design for SYS.1-5, MAN.3, SUP.1, SUP.8, SUP.9, SUP.10, ACQ.4

Jan 2023 - Present

3 years 3 months

Consultant/Coach ISO/SAE 21434 / UNECE R-155

Tier 1

Supporting the development and expansion of the cyber security process landscape according to ISO 21434 and UNECE R-155
Coaching cybersecurity engineers
Merging requirements from ISO 21434 and TISAX into an integrated management system
Support in conducting the TARA
Support in developing the security concept
Support in building the production process
Highest cybersecurity assurance level: CAL1
Project is carried out almost entirely from home office

Jun 2022 - Present

3 years 10 months

Auditor

datenschutz cert GmbH

Conducting audits according to ISO 27001 (information security)
Conducting audits according to the IT security catalog §11 (1a) EnWG
Conducting audits for intrusion detection systems (SzA)

Jan 2022 - Dec 2023

2 years

Consultant/Coach A-SPiCE – SQIL (Software Quality Improvement Leader)

Tier 1 (Sweden / China)

Conducting coaching sessions to achieve SPiCE Level 1 for software development processes SWE.1–SWE.3, quality assurance SUP.1 and SUP.8 (Configuration Management)
Training an employee to take on the role of quality assurance engineer
Creating templates for project management, quality assurance, and software development
Defining requirements for documents to be produced under A-SPICE
Highest A-SPiCE Level: 1–2
Project is carried out entirely from home office

Jan 2020 - Dec 2021

2 years

Consultant/Coach A-SPiCE – SQIL (Software Quality Improvement Leader)

Tier 1

Conducting coaching sessions to achieve SPiCE Levels 1 and 2 for software development processes SWE.1–SWE.6 and quality assurance SUP.1
Co-assessor for VDA-scope processes and SYS.1 (requirements elicitation)
Highest A-SPiCE Level: 1–2
Project was carried out entirely from home office

Jan 2020 - Dec 2021

2 years

Consultant/Coach A-SPiCE – SQIL (Software Quality Improvement Leader)

Tier 1 (England / Poland / Germany)

Scope of activities within Automotive SPiCE
Conducting internal A-SPiCE Level 1 assessments based on the VDA scope for gap analysis in various projects and comparison with the VDA guidelines
Developing measures to achieve Level 1 for all processes in the VDA scope within the projects
Conducting incremental internal assessments
Coaching project teams through continuous reassessments
Training a software quality engineer on the role of SQA, conducting assessments, and the requirements for each process
Reporting to the Quality Manager Europe
Highest safety integrity level in the project: ASIL QM(B)
Highest A-SPiCE level: 1
Project was carried out entirely from home office

Jan 2020 - Dec 2020

1 year

Consultant for Cybersecurity

Tier 1

Analyzing customer requirements to determine needs
Introduction to cybersecurity based on ISO 27001 and ISO/SAE DIS 21434 standards
Training on automotive cybersecurity fundamentals, comparing functional safety and cybersecurity, and executing Threat and Risk Analysis (TARA)
Highest cybersecurity assurance level: not defined

Jan 2020 - Dec 2020

1 year

Consultant for Functional Safety and Cybersecurity

Tier 1

Developing documentation for safety culture and suggestions for practical implementation
Creating a guideline for drafting the item definition for ISO 26262 and ISO/SAE DIS 21434, as well as additional support in document creation
Assisting in building the security case for cybersecurity
Highest safety integrity level in the project: ASIL QM(B)
Highest cybersecurity assurance level: not defined
Project was carried out almost entirely from home office

Jan 2019 - Dec 2020

2 years

Consultant for Functional Safety ISO 26262

Tier 1

Evaluating the functional safety deliverables for completeness, correctness, and consistency, and developing improvement proposals
Assessing the organizational structure for the functional safety of the overall system and developing suggestions
Supporting the collection and derivation of safety goals and requirements from higher-level system safety analysis
Converting architectures into functional and timing diagrams
Developing safety paths and identifying ISO 26262 classification levels within the system software architecture
Developing a decomposition strategy for functional safety
Assessing and aligning the SOTIF concept applied to the overall system (ISO PAS 21448 / ISO WD 21448 – SOTIF)
Building a sensor data catalog to assess environmental influences on object detection and possible countermeasures
Aligning the sensor data catalog with driving scenarios and operational design domains (SOTIF) to clarify the impact of SOTIF safety requirements on the implementation of safety goals
Highest safety integrity level in the project: ASIL D
Autonomous driving SAE Level 4

Jan 2019 - Dec 2019

1 year

Consultant for Functional Safety ISO 26262

Tier 1

Requirement-based personalized training for the safety manager regarding the OEM's requirements
Explaining the structure of the hazard analysis and risk assessment
Clarifying the content requirements for the functional safety concept and ways to implement them
Showing the "red thread" from the safety goal to the component-level requirements
Describing requirements for components in the context of each safety function
Deriving test requirements
Transferring test requirements into the safety plan
Reviewing a hazard analysis and risk assessment
Highest safety integrity level in the project: ASIL D
Coaching via Microsoft Teams

Jan 2019 - Dec 2019

1 year

Consultant for Cybersecurity and Functional Safety

Tier 1

Definition of requirements for the design of a process to implement cybersecurity in the overall V-model based on ISO/SAE 21434, including detailed descriptions of each process step at the project level
Creation of a guideline for the cybersecurity process
Development of the necessary requirements for a TARA and proposal for implementation
Support in defining requirements for the description of assumptions for a Cybersecurity/Safety Element out of Context
Support in defining the methods to be applied for the Cybersecurity Assurance Levels (CAL) (ISO 15408 / IEC 62443-3)
Mapping of alignment points for documentation between the cybersecurity process and the functional safety process according to ISO 26262
Safety Integrity Level in the project: ASIL B
Cybersecurity Assurance Level: not defined

Jan 2018 - Dec 2018

1 year

Senior Process Consultant

OEM

Optimization of the type approval process for various subdivisions of a corporate group with the following objectives:
Process must be demonstrably implemented
Compliance requirements must be met
Addressing the cross-cutting topic "Special Characteristics" (safety/approval relevance)
Advisory role on "Functional Safety" in further processes

Jan 2018 - Dec 2018

1 year

Manager Functional Safety ISO 26262

Tier 1

Development of a self-assessment for system, hardware, and software to uncover gaps in the documentation of the functional safety process
Conducting document reviews
Training on conducting the self-assessment
Support in further developing the maturity of the process documentation
Support in further developing the content of technical safety concepts
Highest Safety Integrity Level in the project: ASIL D

Jul 2017 - Jul 2019

2 years 1 month

Technical Auditor

DQS GmbH

Conducting technical reviews of completed audits for completeness, consistency, and proper execution
Reviewing audits for ISO 9001, ISO 27001, and combined audits of ISO 9001 and ISO 27001

Jan 2017 - Dec 2017

1 year

Functional Safety Release Manager ISO 26262

Tier 1

Coaching of the Safety Manager
Development and integration of methods to improve system overview, system boundaries, and system flows into the development process
Support in defining subsystem boundaries for evaluation in the FMEA according to their interfaces for hazard and risk analysis
Reviewing documents for content completeness according to the requirements of ISO 26262
Reviewing system FMEAs
Reporting
Highest Safety Integrity Level in the project: ASIL D
Distributed product development OEM/OES without defined system boundaries

Jan 2017 - Dec 2017

1 year

Functional Safety Manager ISO 26262

Tier 1

System analysis in the area of safety-relevant vehicle functions
Reviewing supplier documentation for safety validation and making approval decisions
Optimizing evidence management for ISO 26262
Highest Safety Integrity Level in the project: ASIL D
SOP: 07.2017

Jun 2016 - Oct 2024

8 years 5 months

On-site

Auditor

DQS GmbH

Conducting audits according to ISO 9001 (quality management)
Conducting audits according to ISO 27001 (information security)
Conducting audits according to TISAX (information security)
Conducting audits according to IT Security Catalog §11 para. 1a EnWG

Jan 2015 - Dec 2016

2 years

Safety Manager / Functional Safety Engineer ISO 26262

Tier 1

Assessing a system development workflow in electronics for transfer to the design department
Advising on item definition and system requirements analysis according to ISO 26262 and ISO 15504 (SPiCE) for a new product
Creating planning documents (safety plan and related documents) for this new product development
Conducting impact analyses
Deriving safety-related requirements for system, hardware, and software
Qualifying hardware components
Preparing project documentation (hazard & risk analysis, functional safety concept, etc.)
Conducting on-demand training for project participants
Coordinating relevant functional safety tasks within the team and the project
Reporting
Highest Safety Integrity Level in the project: ASIL D

Jan 2013 - Dec 2014

2 years

Functional Safety Engineer ISO 26262

OEM

Reviewing functional safety documentation of various projects for full compliance with standards, completeness, and consistency
Conducting functional safety assessments

Nov 2012 - Jul 2019

6 years 9 months

Auditor

DQS GmbH / DQS Bit GmbH

Conducting audits according to ISO 9001 (quality management)
Conducting audits according to ISO 27001 (information security)
Conducting audits according to ISO 27001 including IT Security Catalog §11 para. 1a EnWG

Jan 2010 - Dec 2014

5 years

Functional Safety Engineer ISO 26262

OEM

Developing the system boundary of subsystems to derive the required work packages for functional safety in collaboration with the involved departments
Consolidating and aligning existing FMEAs as well as hazard and risk analyses to identify open issues
Performing hazard assessments
Conducting hazard and risk analyses
Creating the safety plan
Developing the functional and technical safety concept
Drafting other necessary documentation
Determining test requirements for verification and validation of safety requirements
Checking test requirements for correct description in the test catalogs
Reviewing test results for deviations and assessing their safety relevance
Preparing the safety case
Highest Safety Integrity Level in the project: ASIL C

Jan 2008 - Dec 2010

3 years

Functional Safety Engineer ISO 26262 / IEC 61508

Tier 1

Working on the safety concept for an electric motor
Preparing project documents for the functional safety process
Deriving safety-related requirements for system, hardware and software
Highest Safety Integrity Level in the project: ASIL C

Jan 2008 - Dec 2008

1 year

Functional Safety Engineer ISO 26262 / IEC 61508

Tier 1

Introducing the team to functional safety and training them on the process workflow and resulting requirements
Creating a system and operations analysis
Analyzing the system FMEA to carry out the hazard and risk analysis
Implementing the gathered data in the safety concept, which was approved after the final FSM assessment
Execution based on IEC 61508

Jan 2005 - Dec 2005

1 year

Quality Management Representative

Tier 1

Building a quality management system according to ISO 9001
Integrating development processes based on the SPICE process maturity model (16 main software development processes) into the core processes
Successful initial certification with no nonconformities
Continued successful support of the QMS over a total period of three years
Permanent employment

Industry Experience

See where this freelancer has spent most of their professional time.

Experienced in Automotive, Professional Services, Utilities, and Information Technology.

Automotive

Professional Services

Utilities

Information Technology

Business Area Experience

See which departments and functions this freelancer has contributed to most.

Experienced in Quality Assurance, Product Development, Audit, Information Technology, Operations, and Project Management.

Quality Assurance

Product Development

Audit

Information Technology

Operations

Project Management

Skills

Process Management, Analysis, Development
Quality Management – Iso 9001
Information Security Management Iso 27001 And Industry-specific Extensions
Tisax – Vda Isa
Cybersecurity Management Iso/sae 21434 / Unece R155
Business Continuity Management (Emergency Management) Iso 22301 / Bsi 200-4
Integrating Management Systems And Process Models
Process Management, Analysis, Development
Automotive Spice – Iso 3300x
Automotive Functional Safety – Iso 26262 / Sae J3061
Safety Of The Intended Functionality (Sotif) – Iso/sae 21448
Automotive Cybersecurity – Iso/sae 21434
Linking Automotive Development Processes
Software Quality Assurance

Languages

German

Native

English

Advanced

Education

Dipl.-Ing. in Telecommunications Engineering (FH) · Telecommunications Engineering

Certifications & licenses

BSI IT Baseline Protection Practitioner.

Expertree Academy

TeleTrust Professional for Secure Software Engineering

TeleTrust & TÜV Rheinland

Business Continuity Manager – Emergency Manager (BCM)

Bitkom Akademie

Quality Assurance Management Professional (QAMP®)

iSQI GmbH – International Software Institute

Certified Tester (Foundation Level)

International Software Architecture Qualifications Board – ISTQB

Cybersecurity for Automotive SPiCE

intacs

ICO ISMS Foundation according to TISAX

ICO – International Certification Organisation AG

Certified Automotive Cyber Security Engineer (CSMS ISO/SAE 21434)

TÜV Nord

Automotive Security Combined Training: Security Technologies

Kugler Maag Cie GmbH

Practical Training SOTIF – Safety of the Intended Functionality

Kugler Maag Cie GmbH

Certified Automotive Cyber Security Professional

SGS-TÜV Saar

Certified Industry Cyber Security Professional

SGS-TÜV Saar

TÜV Rheinland Functional Safety Engineer (HW/SW Design)

TÜV Rheinland

Cyber Security according to IEC 62443-4 for components in industrial automation and control systems

TÜV Rheinland

Introduction to Cryptography and Data Security

ISITS AG / Ruhr Universität Bochum

Auditor ISO/IEC 27001 according to IT Security Catalog §11 (1a) EnWG

Suhm - Zulassung durch Bundesnetzagentur – Anerkennungsbesch.

TÜV Rheinland Functional Safety Engineer (Automotive)

TÜV Rheinland

Software Quality Improvement Leader (SQIL)

Volkswagen

ISO/IEC 15504 Provisional Assessor (Automotive SPiCE)

intacs

ISO 27001 Lead Implementer (Information Security Management) / ISO 27001 Lead Auditor (Information Security Management)

Professional Evaluation and Certification Board – PECB

DQS Quality Auditor

Deutsche Gesellschaft für Qualität e.V.

Certified Professional for Software Architecture (Foundation Level)

International Software Architecture Qualifications Board – iSAQB

Certified Professional for Requirements Engineering (Foundation Level)

International Requirements Engineering Board – IREB

ISO/IEC TR 15504 Process Assessment (SPiCE)

intacs

Project Management Specialist

Deutsche Gesellschaft für Projektmanagement – GPM/IPMA

Test Track Driving License Type B

ATP Automotive Testing Papenburg GmbH

Statistics

Experience

Total positions 24

Experience in Automotive 19 y

Avg length 2 y 3 m

Longest experience 8 y 4 m

Expertise

Recent roles Consultant/Coach Risk Management, Automotive SPICE, Functional Safety, Automotive Security, Processes, Consultant/Coach ISO/SAE 21434 / UNECE R-155, Auditor

Main industries Automotive, Professional Services, Utilities

Main business areas Quality Assurance, Product Development, Audit

Qualifications

Highest degree Bachelor

Certifications earned 26

Profile

Created

September 2023

Last Update

March 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Thomas based?

Thomas is based in Bad Kissingen, Germany and can operate in on-site, hybrid, and remote work models.

What languages does Thomas speak?

Thomas speaks the following languages: German (Native), English (Advanced).

How many years of experience does Thomas have?

Thomas has at least 19 years of experience. During this time, Thomas has worked in at least 17 different roles and for 8 different companies. The average length of individual experience is 1 year and 10 months. Note that Thomas may not have shared all experience and actually has more experience.

What roles would Thomas be best suited for?

Based on recent experience, Thomas would be well-suited for roles such as: Consultant/Coach Risk Management, Automotive SPICE, Functional Safety, Automotive Security, Processes, Consultant/Coach ISO/SAE 21434 / UNECE R-155, Auditor.

What is Thomas's latest experience?

Thomas's most recent position is Consultant/Coach Risk Management, Automotive SPICE, Functional Safety, Automotive Security, Processes at Tier-1 Automotive Supplier.

What companies has Thomas worked for in recent years?

In recent years, Thomas has worked for Tier-1 Automotive Supplier, Tier 1, datenschutz cert GmbH, Tier 1 (Sweden / China), and Tier 1 (England / Poland / Germany).

Which industries is Thomas most experienced in?

Thomas is most experienced in industries like Automotive, Professional Services, and Utilities. Thomas also has some experience in Information Technology.

Which business areas is Thomas most experienced in?

Thomas is most experienced in business areas like Quality Assurance, Product Development, and Audit. Thomas also has some experience in Information Technology, Operations, and Project Management.

Which industries has Thomas worked in recently?

Thomas has recently worked in industries like Automotive, Professional Services, and Utilities.

Which business areas has Thomas worked in recently?

Thomas has recently worked in business areas like Audit, Quality Assurance, and Product Development.

What is Thomas's education?

Thomas holds a Bachelor in Telecommunications Engineering.

Does Thomas have any certificates?

Thomas has 26 certificates. Among them, these include: BSI IT Baseline Protection Practitioner., TeleTrust Professional for Secure Software Engineering, and Business Continuity Manager – Emergency Manager (BCM).

What is the availability of Thomas?

Thomas will be available part-time from April 2026.

What is the rate of Thomas?

Thomas's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.

How to hire Thomas?

To hire Thomas, click the Meet button on the profile to request a meeting and discuss your project needs.

Average rates for similar positions

Rates are based on recent contracts and do not include FRATCH margin.

1000

750

500

250

Market avg: 768-928 €

The rates shown represent the typical market range for freelancers in this position based on recent contracts on our platform.

Actual rates may vary depending on seniority level, experience, skill specialization, project complexity, and engagement length.

Similar Freelancers

Discover other experts with similar qualifications and experience

Experts recently working on similar projects

Freelancers with hands-on experience in comparable project as a Consultant/Coach Risk Management, Automotive SPICE, Functional Safety, Automotive Security, Processes