IT-Sicherheit, PKI, IoT, Linux, Kubernetes, Cloud- und Software-Architektur
Aktualisiert am 15.08.2024
Profil
Freiberufler / Selbstständiger
Remote-Arbeit
Verfügbar ab: 15.08.2024
Verfügbar zu: 100%
davon vor Ort: 25%
PKI
Kubernetes
IoT
Linux
Cloud- und Software-Architektur
IT-Sicherheit
Java
Kotlin
ISO 2700
IT-Grundschutz
IEC 62443
Azure
Docker
AS4
DevOps
Hashicorp
GitLab
OpenShift
Keycloak
IAM
TPM
Verschlüsselung
MQTT & OPC UA
German
native language
English
fluent
French
basic knowledge
Dutch
basic knowledge

Einsatzorte

Einsatzorte

Deutschland, Schweiz, Österreich
möglich

Projekte

Projekte

3 Jahre 8 Monate
2021-01 - heute

Product development and operation of own device onboarding

Business Executive and Chief Technical Officer Linux Java Kotlin ...
Business Executive and Chief Technical Officer
  • Product development and operation of own device onboarding and secret management solution for manufacturers of industrial sensors, edge devices and PLCs. Management of an international seven member software developer team. 
  • Industry-focused consulting on IT-Security (PKI, CRA, NIS, IEC 62443) and Kubernetes for sensor & edge manufacturer, energy provider and industrial production operators.
Linux Java Kotlin Spring Angular Kubernetes (Native OpenShift) Azure Services (IoT Hub DPS AD) AWS Keycloak PKI Systems (Hashicorp Vault Azure Key Vault) HSM TPM SE Scrum CI/CD Git Lab Docker Ansible Terraform Helm Project Management DevOps Monitoring (Prometheus) & Logging IT Security operation (OWASP ISO 27001 BSI Grundschutz) Testing Code Review
DEVITY GmbH - former: Uthe, Milder GbR
5 Monate
2022-10 - 2023-02

Development of a security architecture

IT Security Architect & IT Solution Architect (Freelancer) IT Security Architecture Risk Analysis Requirement document (BSI KritisV ...
IT Security Architect & IT Solution Architect (Freelancer)
  • Development of a security architecture for transmitting critical data in critical infrastructure.
  • Deployed a redundant Smart Meter PKI conformant HSM solution in Data Center.
  • Consulting on the introduction of the use of elliptic curve cryptography with certificates for the transmission of secured data and conception of a solution for the storage of the private key material in a hardware-based enclave in compliance with the specifications for smart meter PKI of the German Federal Ministry for Security in Information Technology (BSI).
IT Security Architecture Risk Analysis Requirement document (BSI KritisV Smart Meter PKI) Threat Modelling PKI supplier selection AS4 HSM Secret Management Design Project Mmanagement Technology Consulting
Elia Group/ 50 Hertz
1 Jahr 9 Monate
2021-01 - 2022-09

research project responsible for the automation of the initial distribution

Researcher IT Security (OWASP BSI Grundschutz) Edge computing ...
Researcher
  • Technical lead in a research project responsible for the automation of the initial distribution as well as the lifecycle of x.509 certificates in (I)IoT use cases. 
  • Integrated various (I)IoT platforms with different key management systems while the devices? identities were managed in TPMs along the supply chain. 
  • Automated setup of a 3 tier PKI (incl. offline root) for OPC UA and MQTT use cases. Maintained deployments of services on self managed Kubernetes Cluster on VMWare. 
  • Integrated multi-tenancy system using Keycloak as well as integrations to cloud services like AWS IAM and Azure AD. 
  • Management of an international 7 member software developer team. Master?s thesis mentoring.
IT Security (OWASP BSI Grundschutz) Edge computing Key Management Systems (Hashicorp Vault Azure Key Vault) Keycloak PKI (openssl EST SCEP OCSP) TPM (I)IoT Deployments Linux Java Kotlin Kafka Typescript Docker Ansible Terraform Azure AWS ThingsBoard Grafana Jira Scrum Kubernetes (OpenShift VMWare) CI/CD Git Lab DevOps Monitoring Testing Code Review Leadership
University of Paderborn
1 Jahr 1 Monat
2019-12 - 2020-12

Developed the security concept

Software Architect, Product Owner, Project Manager Cloud Architecture (I)IoT Deployments ITSecurity ...
Software Architect, Product Owner, Project Manager
  • Worked as product owner of a customized (I)IoT Platform for a customer from the environmental protection and work safety sector. 
  • Acquired requirements in close collaboration with the client as the main contact person and formulated technical requirements.
  • Developed the security concept for the device connectivity. 
  • Managed and supervised the international development team as well as reviewed their deliveries.
Cloud Architecture (I)IoT Deployments ITSecurity Azure Services (IoT Hub DPS AD) Auth0 .Net Angular Grafana Keycloack Jira Project Management Consulting
ROBIOTIC GmbH
6 Jahre 9 Monate
2013-04 - 2019-12

Technical consulting on Web Applications

Web Development and Consulting PHP Laravel Angular ...
Web Development and Consulting
  • Technical consulting on Web Applications. Planed, coordinated and developed tailormade Web Applications on project bases with a small team.


Projects:

  • Finca & Ferienhaus-Urlaub ? 2013
  • FILMOND ? 2017 - 2018
  • Cornelsen Verlag GmbH ? 2014 - 2017, 2019

PHP Laravel Angular Web Applications Leadership
GuUthe IT
1 Jahr 1 Monat
2018-09 - 2019-09

5G mobile network NFV/ SDN

Research Assistant Network routing SDN NFV ...
Research Assistant
Projects:
  • 5G mobile network NFV/ SDN
  • RealNFV: reinforcement learning within 5G mobile network NFV orchestration
Network routing SDN NFV reinforcement learning Tensorflow Keras Keras-rl Q-Learning Deep Deterministic Policy Gradient (DDPG)
University of Paderborn
3 Monate
2018-04 - 2018-06

Konzepte und Methoden der Systemsoftware (KMS)

Tutor
Tutor
Lecture:
  • Konzepte und Methoden der Systemsoftware (KMS)
University of Paderborn
2 Jahre
2012-01 - 2013-12

Automated the installation of dedicated hosts

Backend Developer, Software Engineer, System Engineer, System Administrator Linux Java MongoDB ...
Backend Developer, Software Engineer, System Engineer, System Administrator
  • Automated the installation of dedicated hosts for a container virtualization system as well as the installation of Mail- and DNS-Servers. 
  • Developed monitoring systems and migration tools for transparent container migration between host systems. Introduced an infrastructure wide host and employee authentication service based on Kerberos. 
  • Managed two interns. 
  • Because of the small number of employees, I got close insights in team government and team management while the company was growing.
Linux Java MongoDB Web Application Development Container Virtualization DNS Mail Kerberos Firewall Configuration Management Monitoring High Availability Hosting Backup Systems Leadership
maxcluster GmbH
Paderborn
2 Jahre
2012-01 - 2013-12

various project tasks

Data Analyst
Data Analyst
Atos IT Solutions and Services GmbH
Paderborn
7 Monate
2011-05 - 2011-11

Database Engineering

Database Engineer
Database Engineer
NEXOMA / INTERMOVES
Paderborn
1 Jahr 2 Monate
2009-03 - 2010-04

Military Service

Panzergrenadier Basic
Panzergrenadier Basic
Panzergrenadierlehrbataillon
Munster
2 Jahre 5 Monate
2007-02 - 2009-06

Application Development

Application Developer .Net .NET Compact Framework Basic ...
Application Developer
.Net .NET Compact Framework Basic stocktaking software RFID and barcode systems
cosys Ident GmbH
Holle

Aus- und Weiterbildung

Aus- und Weiterbildung

2022

ISO 27001 and IT-Grundschutz (IT-Sicherheitsbeauftragter gemäß ISO 27001 und IT-Grundschutz)

Information Security Officer


2015 - 2019

Computer Science

M.Sc

University of Paderborn


Key Focus:

  • majoring in Embedded Systems and System Software
  • minoring in Media Studies
  • total grade 1.8
  • Master Thesis: 2.0 (Title on request)


Project Group:
  • OpenBarista ? Open source cloud orchestration framework

Kompetenzen

Kompetenzen

Top-Skills

PKI Kubernetes IoT Linux Cloud- und Software-Architektur IT-Sicherheit Java Kotlin ISO 2700 IT-Grundschutz IEC 62443 Azure Docker AS4 DevOps Hashicorp GitLab OpenShift Keycloak IAM TPM Verschlüsselung MQTT & OPC UA

Produkte / Standards / Erfahrungen / Methoden

Personal Profile
  • As a cryptography and Linux enthusiast, I have about 15 years of professional experience in ITsecurity, software architecture, software development and software operation. Therefore, I have an extraordinary expertise in building end-to-end software related to customers? business requirements for secure operation. Currently, I am Business Executive and CTO at DEVITY GmbH, where I build and operate a customized solution for HSM backed PKI automation (On-Premises and SaaS) in our own Kubernetes Cluster. 
  • I am responsible for managing a team of seven software developers with the goal to implement new standards on authentication and certificate distribution. Besides that, I consult software engineers on secure Kubernetes architectures, IT security and (I)IoT deployments. 
  • I have over five years of experience in highavailability hosting, putting me in position to set up and host critical services in virtualized infrastructures. As certified Information Security Officer (TÜV), I am also able to analyze and categorize cyber security risks and requirements.


Known technologies

  • Angular
  • Ansible
  • aws (IoT, PKI, IAM)
  • Azure (IoT, PKI, AD)
  • CI/CD
  • Docker
  • Ejabberd
  • FIDO Standards
  • GitLab
  • Grafana
  • Hashicorp Vault
  • Kafka
  • Kubernetes (native, VMWare, OpenShift)
  • Kerberos
  • Keycloak (IAM)
  • Linux (RHEL/Debian/ Ubuntu)
  • LoRaWAN
  • MongoDB
  • NFC
  • Nginx
  • Node.js
  • OPC UA
  • OpenSSL (CLI, lib)
  • OpenStack
  • PKI (x509, ACME, EST, OCSP, SCEP)
  • PowerDNS
  • Prometheus
  • pulumi
  • Secure Elements (SE/ TPM/ HSM)
  • Spring (Reactive), Java
  • Terraform

Programmiersprachen

Bash
C
C#.NET
Java / Kotlin / XTEND
JavaScript
PHP
Python
TypeScript

Einsatzorte

Einsatzorte

Deutschland, Schweiz, Österreich
möglich

Projekte

Projekte

3 Jahre 8 Monate
2021-01 - heute

Product development and operation of own device onboarding

Business Executive and Chief Technical Officer Linux Java Kotlin ...
Business Executive and Chief Technical Officer
  • Product development and operation of own device onboarding and secret management solution for manufacturers of industrial sensors, edge devices and PLCs. Management of an international seven member software developer team. 
  • Industry-focused consulting on IT-Security (PKI, CRA, NIS, IEC 62443) and Kubernetes for sensor & edge manufacturer, energy provider and industrial production operators.
Linux Java Kotlin Spring Angular Kubernetes (Native OpenShift) Azure Services (IoT Hub DPS AD) AWS Keycloak PKI Systems (Hashicorp Vault Azure Key Vault) HSM TPM SE Scrum CI/CD Git Lab Docker Ansible Terraform Helm Project Management DevOps Monitoring (Prometheus) & Logging IT Security operation (OWASP ISO 27001 BSI Grundschutz) Testing Code Review
DEVITY GmbH - former: Uthe, Milder GbR
5 Monate
2022-10 - 2023-02

Development of a security architecture

IT Security Architect & IT Solution Architect (Freelancer) IT Security Architecture Risk Analysis Requirement document (BSI KritisV ...
IT Security Architect & IT Solution Architect (Freelancer)
  • Development of a security architecture for transmitting critical data in critical infrastructure.
  • Deployed a redundant Smart Meter PKI conformant HSM solution in Data Center.
  • Consulting on the introduction of the use of elliptic curve cryptography with certificates for the transmission of secured data and conception of a solution for the storage of the private key material in a hardware-based enclave in compliance with the specifications for smart meter PKI of the German Federal Ministry for Security in Information Technology (BSI).
IT Security Architecture Risk Analysis Requirement document (BSI KritisV Smart Meter PKI) Threat Modelling PKI supplier selection AS4 HSM Secret Management Design Project Mmanagement Technology Consulting
Elia Group/ 50 Hertz
1 Jahr 9 Monate
2021-01 - 2022-09

research project responsible for the automation of the initial distribution

Researcher IT Security (OWASP BSI Grundschutz) Edge computing ...
Researcher
  • Technical lead in a research project responsible for the automation of the initial distribution as well as the lifecycle of x.509 certificates in (I)IoT use cases. 
  • Integrated various (I)IoT platforms with different key management systems while the devices? identities were managed in TPMs along the supply chain. 
  • Automated setup of a 3 tier PKI (incl. offline root) for OPC UA and MQTT use cases. Maintained deployments of services on self managed Kubernetes Cluster on VMWare. 
  • Integrated multi-tenancy system using Keycloak as well as integrations to cloud services like AWS IAM and Azure AD. 
  • Management of an international 7 member software developer team. Master?s thesis mentoring.
IT Security (OWASP BSI Grundschutz) Edge computing Key Management Systems (Hashicorp Vault Azure Key Vault) Keycloak PKI (openssl EST SCEP OCSP) TPM (I)IoT Deployments Linux Java Kotlin Kafka Typescript Docker Ansible Terraform Azure AWS ThingsBoard Grafana Jira Scrum Kubernetes (OpenShift VMWare) CI/CD Git Lab DevOps Monitoring Testing Code Review Leadership
University of Paderborn
1 Jahr 1 Monat
2019-12 - 2020-12

Developed the security concept

Software Architect, Product Owner, Project Manager Cloud Architecture (I)IoT Deployments ITSecurity ...
Software Architect, Product Owner, Project Manager
  • Worked as product owner of a customized (I)IoT Platform for a customer from the environmental protection and work safety sector. 
  • Acquired requirements in close collaboration with the client as the main contact person and formulated technical requirements.
  • Developed the security concept for the device connectivity. 
  • Managed and supervised the international development team as well as reviewed their deliveries.
Cloud Architecture (I)IoT Deployments ITSecurity Azure Services (IoT Hub DPS AD) Auth0 .Net Angular Grafana Keycloack Jira Project Management Consulting
ROBIOTIC GmbH
6 Jahre 9 Monate
2013-04 - 2019-12

Technical consulting on Web Applications

Web Development and Consulting PHP Laravel Angular ...
Web Development and Consulting
  • Technical consulting on Web Applications. Planed, coordinated and developed tailormade Web Applications on project bases with a small team.


Projects:

  • Finca & Ferienhaus-Urlaub ? 2013
  • FILMOND ? 2017 - 2018
  • Cornelsen Verlag GmbH ? 2014 - 2017, 2019

PHP Laravel Angular Web Applications Leadership
GuUthe IT
1 Jahr 1 Monat
2018-09 - 2019-09

5G mobile network NFV/ SDN

Research Assistant Network routing SDN NFV ...
Research Assistant
Projects:
  • 5G mobile network NFV/ SDN
  • RealNFV: reinforcement learning within 5G mobile network NFV orchestration
Network routing SDN NFV reinforcement learning Tensorflow Keras Keras-rl Q-Learning Deep Deterministic Policy Gradient (DDPG)
University of Paderborn
3 Monate
2018-04 - 2018-06

Konzepte und Methoden der Systemsoftware (KMS)

Tutor
Tutor
Lecture:
  • Konzepte und Methoden der Systemsoftware (KMS)
University of Paderborn
2 Jahre
2012-01 - 2013-12

Automated the installation of dedicated hosts

Backend Developer, Software Engineer, System Engineer, System Administrator Linux Java MongoDB ...
Backend Developer, Software Engineer, System Engineer, System Administrator
  • Automated the installation of dedicated hosts for a container virtualization system as well as the installation of Mail- and DNS-Servers. 
  • Developed monitoring systems and migration tools for transparent container migration between host systems. Introduced an infrastructure wide host and employee authentication service based on Kerberos. 
  • Managed two interns. 
  • Because of the small number of employees, I got close insights in team government and team management while the company was growing.
Linux Java MongoDB Web Application Development Container Virtualization DNS Mail Kerberos Firewall Configuration Management Monitoring High Availability Hosting Backup Systems Leadership
maxcluster GmbH
Paderborn
2 Jahre
2012-01 - 2013-12

various project tasks

Data Analyst
Data Analyst
Atos IT Solutions and Services GmbH
Paderborn
7 Monate
2011-05 - 2011-11

Database Engineering

Database Engineer
Database Engineer
NEXOMA / INTERMOVES
Paderborn
1 Jahr 2 Monate
2009-03 - 2010-04

Military Service

Panzergrenadier Basic
Panzergrenadier Basic
Panzergrenadierlehrbataillon
Munster
2 Jahre 5 Monate
2007-02 - 2009-06

Application Development

Application Developer .Net .NET Compact Framework Basic ...
Application Developer
.Net .NET Compact Framework Basic stocktaking software RFID and barcode systems
cosys Ident GmbH
Holle

Aus- und Weiterbildung

Aus- und Weiterbildung

2022

ISO 27001 and IT-Grundschutz (IT-Sicherheitsbeauftragter gemäß ISO 27001 und IT-Grundschutz)

Information Security Officer


2015 - 2019

Computer Science

M.Sc

University of Paderborn


Key Focus:

  • majoring in Embedded Systems and System Software
  • minoring in Media Studies
  • total grade 1.8
  • Master Thesis: 2.0 (Title on request)


Project Group:
  • OpenBarista ? Open source cloud orchestration framework

Kompetenzen

Kompetenzen

Top-Skills

PKI Kubernetes IoT Linux Cloud- und Software-Architektur IT-Sicherheit Java Kotlin ISO 2700 IT-Grundschutz IEC 62443 Azure Docker AS4 DevOps Hashicorp GitLab OpenShift Keycloak IAM TPM Verschlüsselung MQTT & OPC UA

Produkte / Standards / Erfahrungen / Methoden

Personal Profile
  • As a cryptography and Linux enthusiast, I have about 15 years of professional experience in ITsecurity, software architecture, software development and software operation. Therefore, I have an extraordinary expertise in building end-to-end software related to customers? business requirements for secure operation. Currently, I am Business Executive and CTO at DEVITY GmbH, where I build and operate a customized solution for HSM backed PKI automation (On-Premises and SaaS) in our own Kubernetes Cluster. 
  • I am responsible for managing a team of seven software developers with the goal to implement new standards on authentication and certificate distribution. Besides that, I consult software engineers on secure Kubernetes architectures, IT security and (I)IoT deployments. 
  • I have over five years of experience in highavailability hosting, putting me in position to set up and host critical services in virtualized infrastructures. As certified Information Security Officer (TÜV), I am also able to analyze and categorize cyber security risks and requirements.


Known technologies

  • Angular
  • Ansible
  • aws (IoT, PKI, IAM)
  • Azure (IoT, PKI, AD)
  • CI/CD
  • Docker
  • Ejabberd
  • FIDO Standards
  • GitLab
  • Grafana
  • Hashicorp Vault
  • Kafka
  • Kubernetes (native, VMWare, OpenShift)
  • Kerberos
  • Keycloak (IAM)
  • Linux (RHEL/Debian/ Ubuntu)
  • LoRaWAN
  • MongoDB
  • NFC
  • Nginx
  • Node.js
  • OPC UA
  • OpenSSL (CLI, lib)
  • OpenStack
  • PKI (x509, ACME, EST, OCSP, SCEP)
  • PowerDNS
  • Prometheus
  • pulumi
  • Secure Elements (SE/ TPM/ HSM)
  • Spring (Reactive), Java
  • Terraform

Programmiersprachen

Bash
C
C#.NET
Java / Kotlin / XTEND
JavaScript
PHP
Python
TypeScript

Vertrauen Sie auf Randstad

Im Bereich Freelancing
Im Bereich Arbeitnehmerüberlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.