Information Systems Security Architecture Professional (ISSAP) (2023) | |
Certified Cloud Security Professional (CCSP) (2023) | |
Certified Information Systems Security Professional (CISSP) (2013) | |
Sun Certified Enterprise Architect (SCEA) (2008) | |
Sun Certified Java Developer (2001) | |
M.A. Linguistics, Trinity College Cambridge: Double first-class honours (1998) |
Security-related | BSI Grundschutz; Business continuity; Certificates; Compliance; Cryptography; Data protection; DevSecOps; Disaster recovery; Encryption; GDPR/DSGVO; IAM; ISO standards; ISMS; Key management; Legal requirements; Network security; NIST; PKI; Risk management; Security engineering; Security policies; Threat analysis |
Concepts | Application architecture; Big Data; Data lake; DevOps; Distributed systems; EAI; ETL; Integration; Messaging; Stakeholder management |
Programming languages (ordered by experience) | Python; Java; SQL; JEE; Bash; Cython; Javascript; C |
Cloud providers | Azure; AWS; GCP |
General technologies and frameworks | Ansible; Cassandra; Docker; Hadoop; Kafka; Kubernetes; MongoDB; MySQL; PostgreSQL; RabbitMQ |
Operating systems | Unix; Linux; Ubuntu; macOS |
NLP-related | Deep learning; GPU processing; Haystack; Hugging Face; Large Language Models (LLM); Machine learning; Natural language processing (NLP); Neural networks; OpenSearch; Prompt engineering; PyTorch; Retrieval-Augmented Generation (RAG); Spacy |
It’s not the drivers, it’s the road: A plea for secure-by-default infrastructure software, (ISC)2 Magazine, 2022 |
Quanten-Computing: Zukunftstechnologie mit stark eingeschränktem Einsatzfeld, iX Developer, 2020 |
KI-gestützte Textanalyse beim Releasemanagement, Softwareforen Leipzig, 2019 |
Qualitätsfördernde Softwareentwicklungspraktiken, msg systems ag, 2019 |
Censor Robots: Using AI to Redact Confidential Information, (ISC)2 Secure Summit, London, 2019 |
GraphQL and Event-Driven Architectures, Bundesagentur für Arbeit, 2018 |
Cybertwists: Hacking and Cyberattacks Explained, CreateSpace, 2018 |
Die Blockchain jenseits des Hypes, com! Magazin, 2017 |
Securing the Enterprise with Blockchain: Uses Beyond the Hype, (ISC)2 Secure Summit, London, 2017 |
Big Data protection with stable anonymisation, (ISC)2 Secure Summit, Dublin, 2016 |
Big Data und Datenschutz: Überwindung der Gegensätze mit der stabilen Anonymisierung, (ISC)2 Secure Summit, Dublin, 2016 |
Freelance (from 03/2023) | Designed and built a solution to extract text from PDFs and Microsoft Office documents | AI |
Explosion AI, Berlin (11/2021 — 02/2023) | Developed a due diligence process for assessing the creditworthiness of potential consulting clients | AI |
Designed and maintained open-source libraries | AI | |
Managed the development and deployment of a distributed application on AWS | AI | |
msg systems ag, Munich (02/2014 — 01/2021) | Developed a permissioned blockchain strategy focussing on Hyperledger Fabric, and wrote and held training courses to introduce it | Telco |
Designed and developed an application with a Microsoft Word/PowerPoint plugin to recognise confidential text passages in internal documents and to remove them prior to external publication | Automotive | |
Designed a pseudonymisation architecture for a big data lake | Automotive | |
Adapted existing security policies for use in an agile AI setting | Automotive | |
Designed and developed algorithms and systems to detect anomalous wording in contract proposals | Insurance | |
Developed guidelines for adding SaaS products to the enterprise federated identity system | Automotive | |
Wrote training materials on cryptography | Consulting | |
Served on a committee that classified new technology trends and put together presentations to advise the rest of the 8000-person business on them | Consulting | |
1&1, Karlsruhe (08/2009 — 01/2014) | Wrote and managed a roadmap for a new user management service landscape for the brands GMX, web.de and 1&1 ensuring high availability across multiple continents | Telco |
Identified and tracked OKRs to improve the security of the GMX and web.de portals | Telco | |
Built up and managed a distributed team responsible for static source-code analysis and penetration testing | Telco | |
BayernLB, Munich (12/2005 — 07/2009) | Wrote middleware software to ensure the integrity of financial transactions | Banking |
Definiens AG, Munich (06/2001 — 11/2005) | Designed and developed information extraction software | AI |
Worked together with lawyers to write a patent that was awarded in the US | AI | |
John Lewis Partnership, London (09/1998 — 02/2001) | IT trainee programme | Retail |