IoT Security Architect
- Verfügbarkeit einsehen
- 0 Referenzen
- auf Anfrage
- 14197 Berlin
- Europa
- de | en | es
- 07.11.2024
Kurzvorstellung
Qualifikationen
Projekt‐ & Berufserfahrung
4/2021 – 7/2024
TätigkeitsbeschreibungAbsicherung der Linux-Systeme als Teil der kritischen Infrastruktur in Bahnhofsgebäuden, zB TPM, Secure Boot, High-Assurance-Boot, Container, DevOps
Eingesetzte QualifikationenCyber Security
1/2020 – 2/2020
TätigkeitsbeschreibungAs Software Security Engineer processing the specification and requirements.
Eingesetzte QualifikationenCyber Security
2/2019 – 12/2019
TätigkeitsbeschreibungAs Security Software Engineer joined the VARTA-team developing an energy/power storage system, integrating with photo-voltaic systems and e-vehicle charging stations. This system is a Linux-based system on iMX6 embedded hardware, controlling/monitoring the batteries vie GPIOs, CANBUS, and FLEXBUS. After performing a risk analysis/FMEA, I integrated High Assurance Boot (HAB) into the manufacturing process of the system, I hardened the access control of on-board services and the remote backend-services.
Eingesetzte QualifikationenCyber Security, Internet of Things (IoT)
7/2018 – 10/2018
TätigkeitsbeschreibungAs Security Software Engineer, I joined the team at Experimental Game. My task was to perform a risk analysis of the Node.JS/Graph QL/MongoDB system in AWS Cloud, covering security issues and performance issues. Part of the task was to develop and integrate continuous performance monitoring.
Eingesetzte QualifikationenCyber Security, Testen
5/2018 – 7/2018
TätigkeitsbeschreibungI joined the DFINITY blockchain-team as WebAssembly expert, implementing a WebAssembly toolchain for the SDK, porting elliptic-curve ciphers from C and Rust to WebAssembly and measuring performance in docker-based SDK.
Eingesetzte QualifikationenBlockchain (allg.)
7/2017 – 10/2018
TätigkeitsbeschreibungAs Security Software Engineer I joined the Kritis-team, the department for critical infrastructures, developing the GEMATIK-Konnektor (a secure VPN-router connecting a medical office with national health/billing services). My task was to integrate security related network services into the Linux-System (C/C++) and to verify/test/debug the system behavior using the TTCN3 acceptance test-suite provided by the governmental organization GEMATIK. The requirements had to be derived from corresponding specification of GEMATIK for the Konnektor and overall expected behavior.
Eingesetzte QualifikationenCyber Security, Router / Gateways
1/2017 – 6/2017
TätigkeitsbeschreibungI joined the team at Preh developing the infotainment system for a volume-model of the auto-manufacturer Volkswagen, based on the MIB3-framework. Preh was in charge to develop the full stack, containing hardware, operating-system and the graphical user interface. My task was to develop/design (C++11) a clock-framework, dealing with various times and time zones the car might pass, and dealing with related services such as the solar position. Also, my task was to integrate the system with the Japanese toll collect system ETC2.0, including the smartcard-system. The requirements and overall expected behavior had to be derived from corresponding specification of Volkswagen. The requirements have been managed using Jira/Confluence, Polarion and Enterprise Architect.
Eingesetzte QualifikationenTesten, Enterprise Architect (EA), C++
5/2016 – 12/2016
TätigkeitsbeschreibungHERE provides maps and navigation-service to manufactures like Audi, Mercedes, Honda, BMW, etc. I joined the system-integration team at HERE, developing the 3D-navigation-service and ADAS for a large executive car of Audi. My responsibility was to design and develop the architecture interfacing the HERE-navigation-modules with the message-bus and state machine of the MIB2+ framework of Volkswagen. The underlying operating system was QNX-6.6. Later I integrated into the continues integration (CI) process the automated system-deployment and testing tasks (Jenkins). In final phase of the project I supported/automated the processing of crash-reports from test-drives being performed by the customer and classifying each incident and creating a report for error-managers.
Eingesetzte QualifikationenContinuous Delivery, QNX (Software), C++
9/2013 – 4/2015
TätigkeitsbeschreibungI joined the team “Connected Car” at T-Systems, working in a national funded project together with Volkswagen, Hubject, and Bosch. My tasks were to develop back-end services in Java for the e-vehicle battery management and monitoring system, receiving telemetry data via MQTT from test e-vehicles in the field and also develop the backend for the charge-point management.
Eingesetzte QualifikationenJ2EE
5/2013 – 8/2013
TätigkeitsbeschreibungI joined the team at OpenSynergy, integrating on a SoC an hypervisor, managing a partition of AUTOSAR and other partitions with rich applications. My task was to design test-framework capable to deal with the bring-up phase and later with virtualized services.
Eingesetzte QualifikationenContinuous Delivery, Testen, Technisches Qualitätsmanagement / QS / QA
1/2013 – 8/2013
TätigkeitsbeschreibungJoining the team, implementing a collision detection system for a vessel. My role was to coach the team regarding the RTPS middleware and based on the estimated the network/CPU-load and did the system-sizing of the required system-hardware. I created high-level documents regarding the integration of the message-bus with overall communication system of the vessel.
Eingesetzte QualifikationenEnterprise Architect (EA), Enterprise Service Bus, C++
1/2012 – 4/2013
TätigkeitsbeschreibungI joined the SiMKo3-team at T-Systems, developing a high-secure smartphone for governmental purposes. The underlying hardware was a Samsung Galaxy S2 with Exynos/ARM-Architecture. The team ported the L4 micro-kernel (hypervisor) onto the hardware of the Samsung Galaxy S2, creating isolated partitions for 3 different Android systems. My task was to virtualize certain network capabilities, audio-services and smartcard-services, creating stubs for the Android-environments and services/drivers in L4-runtime-environment. I did the technical documentation and providing support for the evaluation team. The project team was in contact with the technical department of Samsung, South-Korea.
Eingesetzte QualifikationenAndroid, Linux (Kernel), Qualitätsmanagement / QS / QA (IT), C++
9/2011 – 1/2012
TätigkeitsbeschreibungI provided support for German customers of the US-vendor of RTPS-middleware, located in San Francisco.
Eingesetzte QualifikationenAndroid, Linux (Kernel), Enterprise Service Bus, C++, CORBA
8/2010 – 8/2011
TätigkeitsbeschreibungNexus is a Swedish company providing solutions for PKI and VPN. My task was to provide support for German customers’ such as Bundesdruckerei, Deutsche Rente & various governmental organizations.
Eingesetzte QualifikationenIdentitätsmanagement
1/2002 – 8/2010
Tätigkeitsbeschreibung
Xtradyne was CORBA-Security startup in Berlin, later integrated into PrismTech/UK. I did work as CORBA/RTPS-Security Engineer in the fields of finance and mil-aero, developing high available/highly scalable security-gateways on Linux, Solaris, zOS and Windows-Server.
Projects were located in; Germany, UK, France, US & Scandinavia.
Continuous Delivery, CORBA, Java Message Service
Zertifikate
Ausbildung
Berlin
Über mich
F. is an experienced full stack engineer, in using Java Sprint-Boot or Quarkus, C++, Angular, VueJS. F. is experienced in setting up secure micro-services, and minimizing attack surfaces of containers in kubernetes frameworks.
F. is an IoT security and network expert, for example for BMS and public displays, preventing code manipulation and physical attacks against; realizing secure boot on embedded devifces with SoC of Intel, NXP, or STM32 and protecing system software and data. F. is working according to ISA 62443 and intents to achieve certification.
F. has been working with Cloud systems since 2015 in various projects, and became an expert for cloud security concepts.
F. is promoting the safe programming language Rust since 2016, F. maintains the SPA crate (Solar Position Crate), performing the first project in 2018 for DFINITY blockchains, analyzing PCB floor plans for Mitai in 2023, implementing sensor data processing in 2024. In early 2019 F. published the fastest N-Body implementation in the context of the Computer Language Benachmarks Game (Rust #7), and has been speaker at various conferences.
F. attended as speaker multiple conference, list attached, highlights are FOSDEM 2018 Rust Dev-Room, and Speaker at Hagenberg Security Forum (Austria) 2024
Weitere Kenntnisse
IoT Security Erfahrung aus vielen Projekten
Persönliche Daten
- Deutsch (Muttersprache)
- Englisch (Fließend)
- Spanisch (Grundkenntnisse)
- Französisch (Grundkenntnisse)
- Europäische Union
- Schweiz
Kontaktdaten
Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.
Jetzt Mitglied werden