Freelancer: Architekt, Sicherheit, Java, .NET, MS, IIS IBM ISAM, JEE SOA OWASP Top 10 Pen Testing IAM, ebanking, SAML SSO Apache PKI IBM Tivoli LDAP AD SWIFT T2S

Freiberufler / Selbstst�ndiger

Verf�gbar ab: 01.01.2023

Verf�gbar zu: 100%

davon vor Ort: 100%

Top-Skills

Security, Architektur, Engineering

OWASP, Web Security

SAML, OIDC, Oauth

SWIFT, TARGET"

Sprachen

Deutsch

Englisch

Franz�sisch

Spanisch

Einsatzorte

St�dte

H�xter (+100km) Haldensleben (+75km) Schwalmstadt (+75km) Essen (+75km) Ibbenb�ren (+75km) Cochem (+75km) Bonn (+75km) Soest (+50km)

Remote-Arbeit

nicht m�glich

Projekte

11 Jahre 3 Monate

2013-01 - heute

Federation Services, Identity Management

Technical Security Architect

Rolle

Technical Security Architect

Projektinhalte

Services: Renovation of Web Security for existing
and new applications (ASP.NET on IIS)

OWASP Top 10 Development
Guidelines
E2E security architecture for 3 tier
applications
Exchange of authentication platform
SSO design
Security middleware engineer for MQ, HSM platform, IIS, Filetransfer

Federated authentication for payment
network platform (Swift)

Wrote technical architecture for Swift Browse federation connectivity
Product specification for home grown Security Service (Microsoft Custom STS)
Project Management up to production
integration
Wrote and implemented technical architecture for Transaction Signing Federation Service endpoint for 3 rd party Cloud Services and internal applications
Integration of Federation Architecture for cloud services such SalesForce and Oracle eBusiness systems
2nd phase integration of internal applications into federation model
Definition and Documentation of Technical E2E Security Architecture
Integration of Identity Management
platform

IIS 7.5, ASP.NET, MVC3, JQuery, JSON, .NET Framework 4.0, 4.5 WCF, ADFS 2.0, WIF, Tomcat, Shibboleth (mod_shib2), Component Space, SAML1.1,SAML2, Microsoft WIF, WS-Security, WS-Federation, Active Directory

Kunde

Bank, Brussels

6 Jahre 1 Monat

2008-03 - 2014-03

Line Organization Work X-Net Portal

Senior Consultant and Technical Architect

Rolle

Senior Consultant and Technical Architect

Projektinhalte

Services: Review of current WAS 6.1 Technical Architecture. Provided Technical Architecture and Guidance to project- and
infrastructure teams including:

Cell- and High Availability Setup
Gap analysis of Infrastructure (Documentation, Configuration, Configuration Management)
Development Guidelines and Development Documentations (e.g. Coding Standards, Naming Standards)
Security Review and Setup
Implementation of Custom Password Encryption Plug-in
Disaster Recovery Concept
Team Management Infrastructure and Guidance
Perl Scripting, Monitoring Support
Application Support, Troubleshooting

X-Net Portal -

Corrected various architecture decisions
Guidance of Technical Architect
Guidance of IT Security organization regarding Web Security Requirements
Support SSO Project to WebSphere Portal Server and WAS 6.1 including TAMeB 7.0 POC
WebSphere 7.0 Security Engineering
WPS 6.1 Security Engineering
Kerberos Sign-on to Citrix Applicationset

IBM WebSphere Application Server 6.0.2, 6.1, 7.0
WebSphere Portal Server 6

Kunde

Insurance, Z�rich

Rolle

Technical Security Architec

Projektinhalte

Services: Web Security for Microsoft-based Web 2.0
Application

Development of POC application
Verification of Security Requirements and OWASP Top 10 against Microsoft Product stack
Application of Security Requirements using MS APIs (VB.NET, MVC3, IIS configuration)
Documentation of Technical E2E Security Architecture
Security Design of Strong Authentication and Web Transaction Verification
Lead architect for Technical Architecture for Federation Platform. Product engineering ADFS 2.0, WIF
3.5, 4.5, .NET 4.5, SAML2P and WS Federation protocols including Federation Broker approach

IIS 7.5, ASP.NET, MVC3, JQuery, JSON,
.NET Framework 4.0, 4.5, WCF, ADFS, WIF

Kunde

Bank, Brussels

1 Jahr 10 Monate

2010-03 - 2011-12

Common Communication Infrastructure (CCI)

Technical Security Architect

Rolle

Technical Security Architect

Projektinhalte

Services: Development and Maintenance of Java
Frameworks including:

Development of HTTP Resource Adapter
Java Security Frameworks
Integration of Swift standards
Migration to WAS 7
PKI Services
Production support, Troubleshooting

WebServices Security Architect, IBM WebSphere Application
Server 6.1, 7.0

Kunde

Bank, Brussels, London

1 Monat

2010-03 - 2010-03

Electronic Voting Hub

Senior Consultant and Technical Architect

Rolle

Senior Consultant and Technical Architect

Projektinhalte

Services: Review of current WAS 6.1 Technical Architecture, Application and Security Architecture for electronic voting hub
application:

Review of existing architecture
Redesign for SSO across various security domains
Technical Security Architecture Documentation, current- and redesigned target architecture

IBM WebSphere Application Server 6.1
Tivoli Access Manager 6.1

Kunde

Bank Finland, Helsinki

1 Jahr 10 Monate

2008-06 - 2010-03

Common Communication Infrastructure (CCI)

WebServices Security Architect

Rolle

WebServices Security Architect

Projektinhalte

Services: WebSphere Security Frameworks
Development including:

Basic security of a WAS 6 based infrastructure
WAS 6.1 Security Enablement
WebServices Security
PKI
Apache Commons HTTPS Client
WebServices XML Crypto
CICS JCA Resource Adapter
CICS Transaction Gateway
CICS Security
SAML SSO
WS-Trust, WS-Federation
WebSphere TAI and LoginModules
Design and implementation of WAS Authentication Server (WebServices based)
Development of PKI scripts and PKI procedure
Documentation Work
Non Repudiation using Signature Verification within Vordel Validation Engine
WebServices Development
Java Obfuscation
Java Development (Resource Adapter,WebServices, JUnit Tests)

Middleware Technology Review - assessment of Customer’s cross division IT systems including:

MQ, DB/2, Application Server, .NET, Directory Services, Mainframe Middleware
Assessment and Roadmap

IBM WebSphere Application Server 6.0.2, 6.1, 7.0
WebServices Security OASIS1.1 WS-Federation, WS-Trust, SAML WebSphere Authentiation Server, Active Directory, Active Directory Application Mode (ADAM), AIX Security, Apache 2.0, XML Security, Java WebStart
Active Directory / ADAM, PKI, CICS Transaction Gateway
CICS Transaction Server, RACF, Maven, Eclipse 3.3 – 3.6
Vordel 4, 5

Kunde

Bank London

Rolle

Security Architect

Projektinhalte

Services: Security Audits on behalf of the company
for various customer sites connecting to the application system (MQ and Browser based channel)

Kunde

Credit Information, Zurich

2 Jahre 6 Monate

2005-12 - 2008-05

Common Communication Infrastructure (CCI)

Technical Security Architect WebServices Security Architect

Rolle

Technical Security Architect WebServices Security Architect

Projektinhalte

Services: Provided Technical Security Architecture
and Security Requirements for targeted J2EE- and WebSphere based System platform for a Single Settlement Engine including:

Basic security of a WAS 6 based infrastructure
Fat Java Client Application
WebServices
PKI
CICS JCA Resource Adapter
CICS Transaction Gateway
CICS Security
MQ Security
DB/2 Security

E2E Security Architecture including

Fat Java Client Architecture
WebServices Middle Tier
CICS TG backend integration
CICS and RACF Security
CICS TG backend integration
SAML SSO
WS-Trust, WS-Federation

Engineering of WAS 6 including

Configuration Management
Admin Scripting (JACL)
Security Enablement
PKI implementation, Scripting
SSO enablement
WebServices Authentication POC

WebSphere Frameworks Development

WebSphere TAI and LoginModules
Design and implementation of WAS Authentication Server (WebServices based)
Development of PKI scripts and PKI procedure

XML Security Appliance Evaluation and Testing

Datapower, Vordel, Forum Sentry
Apache mod_security

Security Standardization – Major support for IT Security Architecture Department in standardization Security Policies for

RACF
Active Directory, Active Directory Application Mode (ADAM)
CICS Transaction Server, CTG, CPSM
AIX Security
DB/2 Security
Web- and Application Servers,
MQ Security

IBM WebSphere Application Server 6.0.2, IBM DataPower XI50, WebServices Security OASIS1.1, WS-Federation, WS-Trust, SAML, WebSphere Authentiation Server
Active Directory, Active Directory Application Mode (ADAM), AIX Security, Apache 2.0 XML Security, Java WebStart, Active Directory / ADAM, PKI, CICS Transaction Gateway, CICS Transaction Server, RACF

Kunde

Bank, Brussels, Paris, London,

Rolle

WebSphere Security Architect

Projektinhalte

Services: Provided Target Architecture for Portal 6
Infrastructure. Installation and Configuration of WebSphere 6, Portal 6, TAM 6. Engineering and Setup of target Infrastructure.

Kunde

Research Organization, Davos

1 Monat

2007-03 - 2007-03

Security Review

Security Architect J2EE Security Engineer

Rolle

Security Architect J2EE Security Engineer

Kunde

Retail Bank, Germany

Aus- und Weiterbildung

Education

2012 Windows Identify Foundation
2009 VordelSecure XML Gateway
2007 Co-Author of IBM Redpiece WebSphere Portal 6 Security
2006 IBM WebSphere Application Server 6.1 (as part of�WebSphere Beta Program)
2005 IBM Tivoli Access Manager for e-Business 6.0, IBM ESP
2004 IBM Tivoli Federated Identity Manager (TFIM), IBM ESP
2003 IBM WebSphere Portal Server 4.0 / 5.0 / 5.1 / 6.0
2002 Web Services�IBM WebSphere 5.0 (as part of WebSphere Beta Program)
2001 WebGain Studio�TOPLink for Java / WebLogic Server / WebSphere
Application Composer�BEA Weblogic Server 2000 IBM 390 Architecture and Base Systems
Advanced Java Programming
1999 Sun SVR4 Packaging
1998 Business Basics of Investment Banking

Kompetenzen

Top-Skills

Security, Architektur, Engineering OWASP, Web Security SAML, OIDC, Oauth SWIFT, TARGET"

Produkte / Standards / Erfahrungen / Methoden

Development Environments

vi, make, Sun Workshop, Sun Forte, Sniff, Visual�Age for Java, WebSphere Application (WSAD), IBM Rational Application�Developer�(RAD), Eclipse, Visual Caf�, WebGain Studio, MS�Visual Studio, Metamata Quality Analyzer,�Macromedia Dreamweaver, Rationa, WebGain�Structure Builder, CVS, Clearcase, SVR4�Packaging

Security Products:

OpenSSL, IBM Tivoli Access Manager for e-Business (WebSEAL Reverse Proxy, TAM,
AccessManager for WebSphere) ,2AB,RACF Security Server, Hardware Security Modules

Middleware Security

CORBA Security, CORBA 3.0 CSIv2, GSS, DCE,�Kerberos, SASL, SSL, TLS, JSSE, JCE, HSM, IBM�GSKit, IBM Tivoli, OMG RAD-F, PKI, X.500, X.509,�RSA, PKCS#7 ? PKCS#12, WebServices Security,�.NET Security, WS Federation, SAML2P

Middleware Architectures

OMG CORBA, Oracle J2E, EJB, IBM MOFW, BEA�TP-F, COM/CORBA Bridging

Middleware Products

CORBA IONA Orbix, Inprise VisiBroker, IBM�ComponentBroker, Unisys OTM 2200, BANK ISI
Framework, non-commercial ORBs
Web Server Apache, IBM HTTP Server, Microsoft IIS
App Server BEA Weblogic Server / Enterprise, IBM WebSphere�Application Server 3.0 ? 7.0, IBM WebSphere�Business Integration Foundation Server 5.x, 6, 6.1
ISBuMn WiPleabnSept,h IeOrNe AP oiPrtoarlt aSle, rInveprr is4e.2 A, 5p.p0li.c2a, t5io.1n, 6.0,
Server, Gemstone/J Application Server
App Firewall Vordel XML SecureGateway, Apache mod_security
OO/REL TOPLink for Java, TOPLink for WebLogic Server,�TOPLink for WebSphere
MOM IBM MQSeries, AMBI, CORBA Messaging, Sybase�OpenClient-/Server
TPM BEA Tuxedo

Betriebssysteme

HP-UX

Solaris

SunOS

Windows

Windows Server

Programmiersprachen

Assembler (3270, 6520, 68xxx), Pascal, ANSI-C,�C++, Java, Visual Basic, VB.Net,, GW Basic,�Prolog, TCL/TK, Skripting (csh, ksh, sh)

Java / Web Technologies:

J2EE, EJB, RMI, JDK, JSP, Java Servlets, Java�Portlets (JSR 168), JNDI, JDBC, JTS, JTA, JSSE,
JCA, J2C, JAAS, JCE, Java Swing, Struts, Java�Script , ASP.NET MVC3

Datenkommunikation

IPC, shared memory / semaphore, named pipes, unnamed pipes, message queues, Berkley Sockets,
RPC, TCP/IP, HTTP, IIOP

Hardware

SPARC

Windows Platforms

z/OS

Einsatzorte

St�dte

H�xter (+100km) Haldensleben (+75km) Schwalmstadt (+75km) Essen (+75km) Ibbenb�ren (+75km) Cochem (+75km) Bonn (+75km) Soest (+50km)

Remote-Arbeit

nicht m�glich

Projekte

11 Jahre 3 Monate

2013-01 - heute

Federation Services, Identity Management

Technical Security Architect

Rolle

Technical Security Architect

Projektinhalte

Services: Renovation of Web Security for existing
and new applications (ASP.NET on IIS)

OWASP Top 10 Development
Guidelines
E2E security architecture for 3 tier
applications
Exchange of authentication platform
SSO design
Security middleware engineer for MQ, HSM platform, IIS, Filetransfer

Federated authentication for payment
network platform (Swift)

Wrote technical architecture for Swift Browse federation connectivity
Product specification for home grown Security Service (Microsoft Custom STS)
Project Management up to production
integration
Wrote and implemented technical architecture for Transaction Signing Federation Service endpoint for 3 rd party Cloud Services and internal applications
Integration of Federation Architecture for cloud services such SalesForce and Oracle eBusiness systems
2nd phase integration of internal applications into federation model
Definition and Documentation of Technical E2E Security Architecture
Integration of Identity Management
platform

Kunde

Bank, Brussels

6 Jahre 1 Monat

2008-03 - 2014-03

Line Organization Work X-Net Portal

Senior Consultant and Technical Architect

Rolle

Senior Consultant and Technical Architect

Projektinhalte

Services: Review of current WAS 6.1 Technical Architecture. Provided Technical Architecture and Guidance to project- and
infrastructure teams including:

Cell- and High Availability Setup
Gap analysis of Infrastructure (Documentation, Configuration, Configuration Management)
Development Guidelines and Development Documentations (e.g. Coding Standards, Naming Standards)
Security Review and Setup
Implementation of Custom Password Encryption Plug-in
Disaster Recovery Concept
Team Management Infrastructure and Guidance
Perl Scripting, Monitoring Support
Application Support, Troubleshooting

X-Net Portal -

Corrected various architecture decisions
Guidance of Technical Architect
Guidance of IT Security organization regarding Web Security Requirements
Support SSO Project to WebSphere Portal Server and WAS 6.1 including TAMeB 7.0 POC
WebSphere 7.0 Security Engineering
WPS 6.1 Security Engineering
Kerberos Sign-on to Citrix Applicationset

IBM WebSphere Application Server 6.0.2, 6.1, 7.0
WebSphere Portal Server 6

Kunde

Insurance, Z�rich

Rolle

Technical Security Architec

Projektinhalte

Services: Web Security for Microsoft-based Web 2.0
Application

Development of POC application
Verification of Security Requirements and OWASP Top 10 against Microsoft Product stack
Application of Security Requirements using MS APIs (VB.NET, MVC3, IIS configuration)
Documentation of Technical E2E Security Architecture
Security Design of Strong Authentication and Web Transaction Verification
Lead architect for Technical Architecture for Federation Platform. Product engineering ADFS 2.0, WIF
3.5, 4.5, .NET 4.5, SAML2P and WS Federation protocols including Federation Broker approach

IIS 7.5, ASP.NET, MVC3, JQuery, JSON,
.NET Framework 4.0, 4.5, WCF, ADFS, WIF

Kunde

Bank, Brussels

1 Jahr 10 Monate

2010-03 - 2011-12

Common Communication Infrastructure (CCI)

Technical Security Architect

Rolle

Technical Security Architect

Projektinhalte

Services: Development and Maintenance of Java
Frameworks including:

Development of HTTP Resource Adapter
Java Security Frameworks
Integration of Swift standards
Migration to WAS 7
PKI Services
Production support, Troubleshooting

WebServices Security Architect, IBM WebSphere Application
Server 6.1, 7.0

Kunde

Bank, Brussels, London

1 Monat

2010-03 - 2010-03

Electronic Voting Hub

Senior Consultant and Technical Architect

Rolle

Senior Consultant and Technical Architect

Projektinhalte

Services: Review of current WAS 6.1 Technical Architecture, Application and Security Architecture for electronic voting hub
application:

Review of existing architecture
Redesign for SSO across various security domains
Technical Security Architecture Documentation, current- and redesigned target architecture

IBM WebSphere Application Server 6.1
Tivoli Access Manager 6.1

Kunde

Bank Finland, Helsinki

1 Jahr 10 Monate

2008-06 - 2010-03

Common Communication Infrastructure (CCI)

WebServices Security Architect

Rolle

WebServices Security Architect

Projektinhalte

Services: WebSphere Security Frameworks
Development including:

Basic security of a WAS 6 based infrastructure
WAS 6.1 Security Enablement
WebServices Security
PKI
Apache Commons HTTPS Client
WebServices XML Crypto
CICS JCA Resource Adapter
CICS Transaction Gateway
CICS Security
SAML SSO
WS-Trust, WS-Federation
WebSphere TAI and LoginModules
Design and implementation of WAS Authentication Server (WebServices based)
Development of PKI scripts and PKI procedure
Documentation Work
Non Repudiation using Signature Verification within Vordel Validation Engine
WebServices Development
Java Obfuscation
Java Development (Resource Adapter,WebServices, JUnit Tests)

Middleware Technology Review - assessment of Customer’s cross division IT systems including:

MQ, DB/2, Application Server, .NET, Directory Services, Mainframe Middleware
Assessment and Roadmap

Kunde

Bank London

Rolle

Security Architect

Projektinhalte

Services: Security Audits on behalf of the company
for various customer sites connecting to the application system (MQ and Browser based channel)

Kunde

Credit Information, Zurich

2 Jahre 6 Monate

2005-12 - 2008-05

Common Communication Infrastructure (CCI)

Technical Security Architect WebServices Security Architect

Rolle

Technical Security Architect WebServices Security Architect

Projektinhalte

Services: Provided Technical Security Architecture
and Security Requirements for targeted J2EE- and WebSphere based System platform for a Single Settlement Engine including:

Basic security of a WAS 6 based infrastructure
Fat Java Client Application
WebServices
PKI
CICS JCA Resource Adapter
CICS Transaction Gateway
CICS Security
MQ Security
DB/2 Security

E2E Security Architecture including

Fat Java Client Architecture
WebServices Middle Tier
CICS TG backend integration
CICS and RACF Security
CICS TG backend integration
SAML SSO
WS-Trust, WS-Federation

Engineering of WAS 6 including

Configuration Management
Admin Scripting (JACL)
Security Enablement
PKI implementation, Scripting
SSO enablement
WebServices Authentication POC

WebSphere Frameworks Development

WebSphere TAI and LoginModules
Design and implementation of WAS Authentication Server (WebServices based)
Development of PKI scripts and PKI procedure

XML Security Appliance Evaluation and Testing

Datapower, Vordel, Forum Sentry
Apache mod_security

Security Standardization – Major support for IT Security Architecture Department in standardization Security Policies for

RACF
Active Directory, Active Directory Application Mode (ADAM)
CICS Transaction Server, CTG, CPSM
AIX Security
DB/2 Security
Web- and Application Servers,
MQ Security

Kunde

Bank, Brussels, Paris, London,

Rolle

WebSphere Security Architect

Projektinhalte

Services: Provided Target Architecture for Portal 6
Infrastructure. Installation and Configuration of WebSphere 6, Portal 6, TAM 6. Engineering and Setup of target Infrastructure.

Kunde

Research Organization, Davos

1 Monat

2007-03 - 2007-03

Security Review

Security Architect J2EE Security Engineer

Rolle

Security Architect J2EE Security Engineer

Kunde

Retail Bank, Germany

Aus- und Weiterbildung

Education

2012 Windows Identify Foundation
2009 VordelSecure XML Gateway
2007 Co-Author of IBM Redpiece WebSphere Portal 6 Security
2006 IBM WebSphere Application Server 6.1 (as part of�WebSphere Beta Program)
2005 IBM Tivoli Access Manager for e-Business 6.0, IBM ESP
2004 IBM Tivoli Federated Identity Manager (TFIM), IBM ESP
2003 IBM WebSphere Portal Server 4.0 / 5.0 / 5.1 / 6.0
2002 Web Services�IBM WebSphere 5.0 (as part of WebSphere Beta Program)
2001 WebGain Studio�TOPLink for Java / WebLogic Server / WebSphere
Application Composer�BEA Weblogic Server 2000 IBM 390 Architecture and Base Systems
Advanced Java Programming
1999 Sun SVR4 Packaging
1998 Business Basics of Investment Banking

Kompetenzen

Top-Skills

Security, Architektur, Engineering OWASP, Web Security SAML, OIDC, Oauth SWIFT, TARGET"

Produkte / Standards / Erfahrungen / Methoden

Development Environments

Security Products:

OpenSSL, IBM Tivoli Access Manager for e-Business (WebSEAL Reverse Proxy, TAM,
AccessManager for WebSphere) ,2AB,RACF Security Server, Hardware Security Modules

Middleware Security

Middleware Architectures

OMG CORBA, Oracle J2E, EJB, IBM MOFW, BEA�TP-F, COM/CORBA Bridging

Middleware Products

CORBA IONA Orbix, Inprise VisiBroker, IBM�ComponentBroker, Unisys OTM 2200, BANK ISI
Framework, non-commercial ORBs
Web Server Apache, IBM HTTP Server, Microsoft IIS
App Server BEA Weblogic Server / Enterprise, IBM WebSphere�Application Server 3.0 ? 7.0, IBM WebSphere�Business Integration Foundation Server 5.x, 6, 6.1
ISBuMn WiPleabnSept,h IeOrNe AP oiPrtoarlt aSle, rInveprr is4e.2 A, 5p.p0li.c2a, t5io.1n, 6.0,
Server, Gemstone/J Application Server
App Firewall Vordel XML SecureGateway, Apache mod_security
OO/REL TOPLink for Java, TOPLink for WebLogic Server,�TOPLink for WebSphere
MOM IBM MQSeries, AMBI, CORBA Messaging, Sybase�OpenClient-/Server
TPM BEA Tuxedo

Betriebssysteme

HP-UX

Solaris

SunOS

Windows

Windows Server

Programmiersprachen

Assembler (3270, 6520, 68xxx), Pascal, ANSI-C,�C++, Java, Visual Basic, VB.Net,, GW Basic,�Prolog, TCL/TK, Skripting (csh, ksh, sh)

Java / Web Technologies:

J2EE, EJB, RMI, JDK, JSP, Java Servlets, Java�Portlets (JSR 168), JNDI, JDBC, JTS, JTA, JSSE,
JCA, J2C, JAAS, JCE, Java Swing, Struts, Java�Script , ASP.NET MVC3

Datenkommunikation

IPC, shared memory / semaphore, named pipes, unnamed pipes, message queues, Berkley Sockets,
RPC, TCP/IP, HTTP, IIOP

Hardware

SPARC

Windows Platforms

z/OS

Vertrauen Sie auf GULP

Im Bereich Freelancing

Im Bereich Arbeitnehmer�berlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Name E-Mail-Adresse Ihre Frage

Telefonnummer Unternehmen

Ich habe die Datenschutzbestimmungen gelesen und bin damit einverstanden.

Das GULP Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.