Work

Scout24 AG

Senior Security Engineer Mar 2020 - Sep 2021
  • Penetration tests (mainly web applications)
  • Internal workshops for the Security team
  • Implementation of own custom SCA solution using AWS, Serverless, GitHub and Golang
  • Meanwhile focus more on monitoring, observability but also engineering of custom tools for AWS using Golang, Python, CDK
Professional Security Engineer Mar 2016 - Dec 2016
  • Penetration tests: Web applications/services, network vulnerability scanning
  • Evaluate attack vectors/surfaces
  • Code reviews (mainly Java, PHP, JavaScript)
  • Architecture design reviews
  • Create, implement and communicate security requirements
  • Develop and hold inhouse security workshops
    • DAST with BurpSuite
  • Maintain security concepts
  • Technical consultancy aimed at securing the global infrastructure of the Scout24 Group

Vodafone Kabel Deutschland GmbH

Application Security Specialist Sep 2015 - Jan 2016
  • Penetration tests
    • Web applications/services
    • Mobile applications (Android, iOS)
    • Vulnerability scanning
  • Code / architecture reviews
  • Risk/threat assessments
  • Definition of security requirements and application security best practices
  • Automation of scanning tools (IBM Rational AppScan, Burp Suite, HP Fortify)
  • Reporting and vulnerability management
  • Static Code Analysis
  • Technical consultancy and providing of expertise for internal departments and external partners
  • Technical assistance to the incident management team and security operation center

Kabel Deutschland GmbH

Application Security Specialist Dec 2012 - Sep 2015
  • Penetration tests
    • Web applications/services
    • Mobile applications (Android, iOS)
    • Vulnerability scanning
  • Code / architecture reviews
  • Risk/threat assessments
  • Definition of security requirements and application security best practices
  • Automation of scanning tools (IBM Rational AppScan, Burp Suite, HP Fortify)
  • Reporting and vulnerability management
  • Static code analysis
  • Technical consultancy and providing of expertise for internal departments and external partners
  • Technical assistance to the incident management team and security operation center

IBM Deutschland GmbH

Working student Jun 2012 - Jun 2012

Research for my Bachelor final degree thesis “Technische Aspekte bei der Portierung einer Gebäudemanagement-Software“‘ (engl. “Technical aspects regarding the migration of a bulding management software”) done for IBM and a global player specialized on building management and automation.

DGI AG

Working student Oct 2011 - Aug 2012
  • Research work for seminar contents
  • Penetration tests of own infrastructure
  • Server hardening
  • Web development using Drupal

VSP TU Berlin

System Administrator Jun 2010 - Sep 2011
  • Server / Network / RAID administration
  • IT assistance / technical support for the students at the institute
  • Expansion and support of internal IT infrastructure

VZnet Netzwerke Ltd.

Full-Time Student Apprentice Apr 2009 - Sep 2009
  • Worked as part of the internal IT security team
  • Penetration tests
  • Development of own in-house security scanner for web applications
  • Code reviews

Golden Immobilo GmbH

Full-Time Student Apprentice Sep 2008 - Feb 2009
  • Resposible for the backend
  • XML/XSD/XSLT/XQuery/XPath
  • SQL / pgSQL / PostgreSQL / pgBash / Dynamic SQL
  • DB / Server administration