Victor Dorneanu

Victor Dorneanu

Professional Security Engineer

Name:Victor Dorneanu
Date of birth:1988
Address:Berlin
Phone:
Email:no-spam__ÄÄT__ dornea.nu
If I had to describe myself in one word, that would be: diversity. I love/live life in its entirety! Life’s so terribly short, so don’t waste your time :) Originally I come from Romania Oneşti jud. Bacău), but nowadays I live in Berlin, Germany. At the moment I work as an Application Security Specialist at the biggest broadband cable Internet provider in Germany. Typical computer enthuasiast, you say? Farfetched! Indeed my main and most important affection are computer systems, networks and security etc. Yet there are some domains like Code Auditing, IT Security, Unix/Linux Kernel/Network/System programming and last but not least Software Engineering I’m especially interested in.

Activities

Jan 2018 - Dec 2018

1. 2018

  • Returned from my sabbatical in August
  • Started dealing with AWS at Scout24
Jan 2017 - Dec 2017

2. 2017

  • I’ve married 🙂
  • I’ve started my sabbatical together with my wife (you can read more on our coffeebanana.de blog)
Jan 2014 - Dec 2014

5. 2014

Papers

Feb 2012 - Jul 2012

1. Binary analysis – Brief overview

This article was written during an IT security related seminar at the university. It deals with several binary analysis techniques and introduces the BitBlaze project. Also have a look at the final presentation.

 

Read the article at

Sep 2011 - Dec 2011

2. Concurrent annotations

The article introduces a new way to “convert” sequential programming languages to non-sequential ones using concurrent annotations. It looks at CEiffel (Concurrent Eiffel) and JAC (Declarative Java Concurrency) for language specific annotations to establish the concurrency aspect. Also have a look at the final presentation.

 

Read the article at

2007 - 2007

3. Viral infections under Linux

This skilled work from 2007 deals with malware (especially viruses) on Linux. You’ll get a pretty good introduction to the world of viruses, how they work and how they are built. Finally my work focuses on ELF (Executable and Linking Format) since this is de-facto the standard for executable files not only for Linux. This is was my final paper in order to get my school leaving examination (german: Abitur).

 

Read the work at

Work Experience

Mar 2016 - present

1. Immobilien Scout GmbH

Professional Security Engineer
  • Penetration tests: Web applications/services, network vulnerability scanning
  • Evaluate attack vectors/surfaces
  • Code reviews (mainly PHP, Java, JavaScript)
  • Architecture design reviews
  • Create, implement and communicate security requirements
  • Develop and hold inhouse security workshops
  • Maintain security concepts
  • Technical consultancy aimed at securing the global infrastructure of the Scout24 Group
Sep 2015 - Feb 2016

2. Vodafone Kabel Deutschland GmbH

Application Security Specialist
  • Penetration tests
  • Code reviews
  • Scan automation
  • Implementing own application vulnerability management system

Link: http://vodafone.de

Dec 2012 - Sep 2015

3. Kabel Deutschland GmbH

Application Security Specialist
  • Penetration tests
  • Code reviews
  • Scan automation
  • Implementing own application vulnerability management system

Link: http://www.kabeldeutschland.de/

Jun 2012 - Jun 2012

4. IBM Deutschland GmbH

Working student

Research for my Bachelor final degree thesis “Technische Aspekte bei der Portierung einer Gebäudemanagement-Software“‘ (engl. “Technical aspects regarding the migration of a bulding management software”) done for IBM and a global player specialized on building management and automation.

Link: http://www.ibm.com/de/de/

Oct 2011 - Aug 2012

5. Deutsche Gesellschaft für...

Working student
  • Research work for seminar contents
  • Penetration tests of own infrastructure
  • Server hardening
  • Web development using Drupal

Link: http://dgi-ag.de/

Jun 2010 - Sep 2011

6. VSP TU Berlin

System administrator
  • Server / Network / RAID administration
  • IT assistance / technical support for the students at the institute
  • Expansion and support of internal IT infrastructure

Link: http://www.vsp.tu-berlin.de/

Apr 2009 - Sep 2009

7. VZnet Netzwerke Ltd.

Full-time student apprentice
  • Penetration tests
  • Development of own in-house security scanner for web applications
  • Code reviews

Link: http://www.meinvz.net/

Sep 2008 - Feb 2009

8. Golden Immobilo GmbH

Full-time student apprentice
  • Resposible for the backend
  • XML/XSD/XSLT/XQuery/XPath
  • SQL / pgSQL / PostgreSQL / pgBash / Dynamic SQL
  • DB / Server administration

Link: http://www.classmarkets.com/