I am currently working as a Senior IT Security Engineer at ConnectedCare GmbH (Berlin / Telgte, Germany, formerly Bewatec GmbH), where I significantly contribute to the IT security of the ConnectedCare platform and serve as the contact person for all topics related to IT security & data protection.
My activities address two important areas: a) technical security and b) regulatory activities. Both areas interact closely (e.g. fulfilling vulnerability management for the Cyber Resilience Act or risk management for NIS-2) and must always be planned together. They fundamentally include data protection topics as well as constant communication with various stakeholders (internal teams in technology / marketing / sales, management, data protection officers, legal counsel, supervisory authorities, etc.)
In the area of technical security, I am responsible for the design and implementation of measures to enhance the IT security of the ConnectedCare platform. This includes general roadmap planning, technology evaluations, as well as the execution of projects / measures and in-house software developments (Terraform, Python, GoLang). Examples of relevant activities are:
+In the area of technical security, I am responsible for the design and implementation of measures to enhance the IT security of the ConnectedCare platform. This includes general roadmap planning, technology evaluations, as well as the conduction of projects / measures and in-house software developments (Terraform, Python, GoLang). Examples of relevant activities are:
I was involved as IT Security Analyst at Verimi GmbH (digital identity and trust platform) in the areas of security, risk & workflow analysis as well as technology & architecture security (e.g. vulnerability scans, coordination of pentests). Before my position at Verimi GmbH I was, worked as researcher at the INSA de Lyon in applied research projects with international industrial partners. My work focused on research & development activities (particularly the architectural design & development of a distributed infrastructures, data traceability, security and reputation) as well as fostering relations with international IT partners.
-I was developing a blockchain based data processing platform for data traceability (particularly big data und machine learning models), data anonymization & privacy-preserving analytics in a project with a big industrial partner. For the realization I used only modern & free technologies, some of them are Java / Maven / Gitlab (+ CI) / Spring (Boot, Data etc.) / Apache Cassandra / Apache Kafka / Swagger REST) / Angular2 / TypeScript etc. The R&D activity comprised the whole software development lifecycle starting from research, vision, specification, software development up to the deployment with modern technologies such as Docker / Kubernetes / AWS etc.
+I was involved as IT Security Analyst at Verimi GmbH (digital identity and trust platform) in the areas of security, risk & workflow analysis as well as technology & architecture security (e.g. vulnerability scans, coordination of pentests). Before my position at Verimi GmbH, I worked as researcher at the INSA de Lyon in applied research projects with international industrial partners. My work focused on research & development activities (particularly the architectural design & development of a distributed infrastructures, data traceability, security and reputation) as well as fostering relations with international IT partners.
+Previously, I was involved in an R&D project with big industrial partners where I developed a blockchain system based on a fully new “democratic consensus” approach, where a set of trusted consortium nodes vote for block storage validity. The development was conducted in the context of data traceability, data anonymization & privacy-preserving analytics and for the realization I only used modern & free technologies, some of them are Java / Maven / Gitlab (+ CI) / Spring (Boot, Data etc.) / Apache Cassandra / Apache Kafka / Swagger REST) / Angular2 / TypeScript. The R&D activity comprised the whole software development lifecycle starting from research, vision, specification and software development up to the deployment with modern technologies such as Docker / Kubernetes / AWS.
My research activities after the PhD combine efforts at WHO, applied research in industrial projects and EU projects.
-The last research activity was conducted alongside my work and targeted on the creation of a secure digital voting system based on homomorphic encryption (which was published in Springer Nature in 2024). Previously, I was involved in an R&D project where I developed a blockchain system based on a fully new “democratic consensus” approach, where a set of trusted consortium nodes vote for block storage validity. +
The last research activity was conducted alongside my work and targeted on the creation of a secure digital voting system based on homomorphic encryption (published in Springer Nature, 2024). At the WHO, I applied my experiences as IT specialist at the Dietary Exposure Assessment (DEX) group of the International Research Agency for Research on Cancer (IARC), Lyon, France, to design a new secure and privacy-preserving data analytics infrastructure for worldwide use. Right after the PhD, I was implied in several European projects (e.g. Nathcare, Sphera) as postdoctoral researcher at the INSA de Lyon where I assessed hospital information systems in the alpine space in Europe.
The PhD thesis was conducted in a bi-national supervision (cotutelle de thèse) at the University of Passau (Prof. Kosch) and INSA de Lyon (Prof. Brunie) within the MDPS doctoral college, which evolved to the International Research and Innovation Center in Intelligent Digital Systems (IRIXYS). During the PhD, I adopted a game theoretic approach to communication systems in order to ensure a secure collaborative operation of complex distributed system. In more detail it enables the analysis of the strategic choices of rational selfish individuals. During the PhD in the French-German doctoral college I got the wonderful possibility to combine my scientific curiosity and interest in other cultures and languages.
@@ -139,10 +139,10 @@