Fachlicher Schwerpunkt dieses Freiberuflers

Security Solution Architekt Java .NET, MS, IIS WebSphere JEE SOA OWASP Top 10 Pen Testing ebanking SAML SSO Apache PKI IBM Tivoli LDAP AD SWIFT T2S

verfügbar ab
01.07.2019
verfügbar zu
20 %
davon vor Ort
20 %
PLZ-Gebiet, Land

D3

D4

D5

Kontaktwunsch

Ich möchte bevorzugt für Projekte in diesen Einsatzorten kontaktiert werden.

Projekte

01/2013 - Heute

6 Jahre 5 Monate

Federation Services, Identity Management

Rolle
Technical Security Architect
Kunde
Bank, Brussels
Projektinhalte

Services: Renovation of Web Security for existing
and new applications (ASP.NET on IIS)

  • OWASP Top 10 Development
    Guidelines
  • E2E security architecture for 3 tier
    applications
  • Exchange of authentication platform
  • SSO design
  • Security middleware engineer for MQ, HSM platform, IIS, Filetransfer

Federated authentication for payment
network platform (Swift)

  • Wrote technical architecture for Swift Browse federation connectivity
  • Product specification for home grown Security Service (Microsoft Custom STS)
  • Project Management up to production
    integration
  • Wrote and implemented technical architecture for Transaction Signing Federation Service endpoint for 3 rd party Cloud Services and internal applications
  • Integration of Federation Architecture for cloud services such SalesForce and Oracle eBusiness systems
  • 2nd phase integration of internal applications into federation model
  • Definition and Documentation of Technical E2E Security Architecture
  • Integration of Identity Management
    platform

IIS 7.5, ASP.NET, MVC3, JQuery, JSON, .NET Framework 4.0, 4.5 WCF, ADFS 2.0, WIF, Tomcat, Shibboleth (mod_shib2), Component Space, SAML1.1,SAML2, Microsoft WIF, WS-Security, WS-Federation, Active Directory

03/2008 - 03/2014

6 Jahre 1 Monat

Line Organization Work X-Net Portal

Rolle
Senior Consultant and Technical Architect
Kunde
Insurance, Zürich
Projektinhalte

Services: Review of current WAS 6.1 Technical Architecture. Provided Technical Architecture and Guidance to project- and
infrastructure teams including:

  • Cell- and High Availability Setup
  • Gap analysis of Infrastructure (Documentation, Configuration, Configuration Management)
  • Development Guidelines and Development Documentations (e.g. Coding Standards, Naming Standards)
  • Security Review and Setup
  • Implementation of Custom Password Encryption Plug-in
  • Disaster Recovery Concept
  • Team Management Infrastructure and Guidance
  • Perl Scripting, Monitoring Support
  • Application Support, Troubleshooting

X-Net Portal -

  • Corrected various architecture decisions
  • Guidance of Technical Architect
  • Guidance of IT Security organization regarding Web Security Requirements
  • Support SSO Project to WebSphere Portal Server and WAS 6.1 including TAMeB 7.0 POC
  • WebSphere 7.0 Security Engineering
  • WPS 6.1 Security Engineering
  • Kerberos Sign-on to Citrix Applicationset

IBM WebSphere Application Server 6.0.2, 6.1, 7.0
WebSphere Portal Server 6

01/2012 - 12/2012

1 Jahr

New application

Rolle
Technical Security Architec
Kunde
Bank, Brussels
Projektinhalte

Services: Web Security for Microsoft-based Web 2.0
Application

  • Development of POC application
  • Verification of Security Requirements and OWASP Top 10 against Microsoft Product stack
  • Application of Security Requirements using MS APIs (VB.NET, MVC3, IIS configuration)
  • Documentation of Technical E2E Security Architecture
  • Security Design of Strong Authentication and Web Transaction Verification
  • Lead architect for Technical Architecture for Federation Platform. Product engineering ADFS 2.0, WIF
    3.5, 4.5, .NET 4.5, SAML2P and WS Federation protocols including Federation Broker approach

IIS 7.5, ASP.NET, MVC3, JQuery, JSON,
.NET Framework 4.0, 4.5, WCF, ADFS, WIF

03/2010 - 12/2011

1 Jahr 10 Monate

Common Communication Infrastructure (CCI)

Rolle
Technical Security Architect
Kunde
Bank, Brussels, London
Projektinhalte

Services: Development and Maintenance of Java
Frameworks including:

  • Development of HTTP Resource Adapter
  • Java Security Frameworks
  • Integration of Swift standards
  • Migration to WAS 7
  • PKI Services
  • Production support, Troubleshooting

WebServices Security Architect, IBM WebSphere Application
Server 6.1, 7.0

03/2010 - 03/2010

1 Monat

Electronic Voting Hub

Rolle
Senior Consultant and Technical Architect
Kunde
Bank Finland, Helsinki
Projektinhalte

Services: Review of current WAS 6.1 Technical Architecture, Application and Security Architecture for electronic voting hub
application:

  • Review of existing architecture
  • Redesign for SSO across various security domains
  • Technical Security Architecture Documentation, current- and redesigned target architecture

IBM WebSphere Application Server 6.1
Tivoli Access Manager 6.1

06/2008 - 03/2010

1 Jahr 10 Monate

Common Communication Infrastructure (CCI)

Rolle
WebServices Security Architect
Kunde
Bank London
Projektinhalte

Services: WebSphere Security Frameworks
Development including:

  • Basic security of a WAS 6 based infrastructure
  • WAS 6.1 Security Enablement
  • WebServices Security
  • PKI
  • Apache Commons HTTPS Client
  • WebServices XML Crypto
  • CICS JCA Resource Adapter
  • CICS Transaction Gateway
  • CICS Security
  • SAML SSO
  • WS-Trust, WS-Federation
  • WebSphere TAI and LoginModules
  • Design and implementation of WAS Authentication Server (WebServices based)
  • Development of PKI scripts and PKI procedure
  • Documentation Work
  • Non Repudiation using Signature Verification within Vordel Validation Engine
  • WebServices Development
  • Java Obfuscation
  • Java Development (Resource Adapter,WebServices, JUnit Tests)

Middleware Technology Review - assessment of Customer’s cross division IT systems including:

  • MQ, DB/2, Application Server, .NET, Directory Services, Mainframe Middleware
  • Assessment and Roadmap

IBM WebSphere Application Server 6.0.2, 6.1, 7.0
WebServices Security OASIS1.1 WS-Federation, WS-Trust, SAML WebSphere Authentiation Server, Active Directory, Active Directory Application Mode (ADAM), AIX Security, Apache 2.0, XML Security, Java WebStart
Active Directory / ADAM, PKI, CICS Transaction Gateway
CICS Transaction Server, RACF, Maven, Eclipse 3.3 – 3.6
Vordel 4, 5

09/2007 - 05/2008

9 Monate

New Web System

Rolle
Security Architect
Kunde
Credit Information, Zurich
Projektinhalte

Services: Security Audits on behalf of the company
for various customer sites connecting to the application system (MQ and Browser based channel)

12/2005 - 05/2008

2 Jahre 6 Monate

Common Communication Infrastructure (CCI)

Rolle
Technical Security Architect WebServices Security Architect
Kunde
Bank, Brussels, Paris, London,
Projektinhalte

Services: Provided Technical Security Architecture
and Security Requirements for targeted J2EE- and WebSphere based System platform for a Single Settlement Engine including:

  • Basic security of a WAS 6 based infrastructure
  • Fat Java Client Application
  • WebServices
  • PKI
  • CICS JCA Resource Adapter
  • CICS Transaction Gateway
  • CICS Security
  • MQ Security
  • DB/2 Security

E2E Security Architecture including

  • Fat Java Client Architecture
  • WebServices Middle Tier
  • CICS TG backend integration
  • CICS and RACF Security
  • CICS TG backend integration
  • SAML SSO
  • WS-Trust, WS-Federation

Engineering of WAS 6 including

  • Configuration Management
  • Admin Scripting (JACL)
  • Security Enablement
  • PKI implementation, Scripting
  • SSO enablement
  • WebServices Authentication POC

WebSphere Frameworks Development

  • WebSphere TAI and LoginModules
  • Design and implementation of WAS Authentication Server (WebServices based)
  • Development of PKI scripts and PKI procedure

XML Security Appliance Evaluation and Testing

  • Datapower, Vordel, Forum Sentry
  • Apache mod_security

Security Standardization – Major support for IT Security Architecture Department in standardization Security Policies for

  • RACF
  • Active Directory, Active Directory Application Mode (ADAM)
  • CICS Transaction Server, CTG, CPSM
  • AIX Security
  • DB/2 Security
  • Web- and Application Servers,
  • MQ Security

IBM WebSphere Application Server 6.0.2, IBM DataPower XI50, WebServices Security OASIS1.1, WS-Federation, WS-Trust, SAML, WebSphere Authentiation Server
Active Directory, Active Directory Application Mode (ADAM), AIX Security, Apache 2.0 XML Security, Java WebStart, Active Directory / ADAM, PKI, CICS Transaction Gateway, CICS Transaction Server, RACF

10/2007 - 11/2007

2 Monate

Portal Web Site

Rolle
WebSphere Security Architect
Kunde
Research Organization, Davos
Projektinhalte

Services: Provided Target Architecture for Portal 6
Infrastructure. Installation and Configuration of WebSphere 6, Portal 6, TAM 6. Engineering and Setup of target Infrastructure.

03/2007 - 03/2007

1 Monat

Security Review

Rolle
Security Architect J2EE Security Engineer
Kunde
Retail Bank, Germany

Projekthistorie

-- Weitere Projekte auf Anfrage --

Kompetenzen

Hardware
SPARC
Windows Platforms
z/OS

Betriebssysteme
HP-UX
Solaris
SunOS
Windows
Windows Server

Datenkommunikation

IPC, shared memory / semaphore, named pipes, unnamed pipes, message queues, Berkley Sockets,
RPC, TCP/IP, HTTP, IIOP


Programmiersprachen

Assembler (3270, 6520, 68xxx), Pascal, ANSI-C, C++, Java, Visual Basic, VB.Net,, GW Basic, Prolog, TCL/TK, Skripting (csh, ksh, sh)

Java / Web Technologies:

J2EE, EJB, RMI, JDK, JSP, Java Servlets, Java Portlets (JSR 168), JNDI, JDBC, JTS, JTA, JSSE,
JCA, J2C, JAAS, JCE, Java Swing, Struts, Java Script , ASP.NET MVC3


Produkte / Standards / Erfahrungen

Development Environments

vi, make, Sun Workshop, Sun Forte, Sniff, Visual Age for Java, WebSphere Application (WSAD), IBM Rational Application Developer (RAD), Eclipse, Visual Café, WebGain Studio, MS Visual Studio, Metamata Quality Analyzer, Macromedia Dreamweaver, Rationa, WebGain Structure Builder, CVS, Clearcase, SVR4 Packaging

Security Products:

OpenSSL, IBM Tivoli Access Manager for e-Business (WebSEAL Reverse Proxy, TAM,
AccessManager for WebSphere) ,2AB,RACF Security Server, Hardware Security Modules

Middleware Security

CORBA Security, CORBA 3.0 CSIv2, GSS, DCE, Kerberos, SASL, SSL, TLS, JSSE, JCE, HSM, IBM GSKit, IBM Tivoli, OMG RAD-F, PKI, X.500, X.509, RSA, PKCS#7 – PKCS#12, WebServices Security, .NET Security, WS Federation, SAML2P

Middleware Architectures

OMG CORBA, Oracle J2E, EJB, IBM MOFW, BEA TP-F, COM/CORBA Bridging

Middleware Products

  • CORBA IONA Orbix, Inprise VisiBroker, IBM ComponentBroker, Unisys OTM 2200, BANK ISI
    Framework, non-commercial ORBs
  • Web Server Apache, IBM HTTP Server, Microsoft IIS
  • App Server BEA Weblogic Server / Enterprise, IBM WebSphere Application Server 3.0 – 7.0, IBM WebSphere Business Integration Foundation Server 5.x, 6, 6.1
    ISBuMn WiPleabnSept,h IeOrNe AP oiPrtoarlt aSle, rInveprr is4e.2 A, 5p.p0li.c2a, t5io.1n, 6.0,
    Server, Gemstone/J Application Server
  • App Firewall Vordel XML SecureGateway, Apache mod_security
  • OO/REL TOPLink for Java, TOPLink for WebLogic Server, TOPLink for WebSphere
  • MOM IBM MQSeries, AMBI, CORBA Messaging, Sybase OpenClient-/Server
  • TPM BEA Tuxedo

Sprachkenntnisse
Deutsch
Muttersprache
Englisch
fließend
Französisch
Basics
Spanisch
fließend

Ausbildungshistorie

Education

  • 2012 Windows Identify Foundation
  • 2009 VordelSecure XML Gateway
  • 2007 Co-Author of IBM Redpiece WebSphere Portal 6 Security
  • 2006 IBM WebSphere Application Server 6.1 (as part of WebSphere Beta Program)
  • 2005 IBM Tivoli Access Manager for e-Business 6.0, IBM ESP
  • 2004 IBM Tivoli Federated Identity Manager (TFIM), IBM ESP
  • 2003 IBM WebSphere Portal Server 4.0 / 5.0 / 5.1 / 6.0
  • 2002 Web Services IBM WebSphere 5.0 (as part of WebSphere Beta Program)
  • 2001 WebGain Studio TOPLink for Java / WebLogic Server / WebSphere
    Application Composer BEA Weblogic Server 2000 IBM 390 Architecture and Base Systems
    Advanced Java Programming
  • 1999 Sun SVR4 Packaging
  • 1998 Business Basics of Investment Banking
×
×