Mar 2023 – now

Deutsche Telekom Cyber Security Austria GmbH
Vienna, Austria.
https://telekom.com/security

Cyber Defense Services; Computer forensics and malware analysis, 3rd level incident response and in-house software development for our security operation center (SOC) and other projects.

Mar 2010 – now

T-Systems Austria GesmbH
Vienna, Austria.
https://www.t-systems.at/

Cyber Defense Services; Computer forensics and malware analysis, 3rd level incident response and in-house software development for our security operation center (SOC) and other projects.

Sep 2009 – Feb 2010

University of Applied Sciences – Research & Development Ltd
Wels, Austria.
https://www-en.fh-ooe.at/research-cooperation/research/

Responsible for Common Criteria evaluation (EAL5+) and certification at NXP for a MIFWARE DESFire IC variant with contact and contactless interface (Gratkorn, Austria)

Sep 2008 – Feb 2009

European Microsoft Innovations Center GmbH (EMIC)
Aachen, Germany.
http://research.microsoft.com/en-us/labs/atle/

Reviewed and analyzed existing management systems for virtual organizations as part of the Security Team.
Research on Claims-Based Security (Geneva) and Windows Communication Foundation (WCF) in close collaboration with Microsoft Redmond.
The resulting prototype of the “security management system for virtual organizations” was further analyzed as part of my master thesis.

Feb 2007 – May 2007

Federal Office for Information Security
Bundesamt für Sicherheit in der Informationstechnik (BSI)
Bonn, Germany. http://www.bsi.bund.de/

Analyzed functionality and security of web2.0 components
Developed and demonstrated several attacking scenarios for web applications and browsers by exploiting the trust relationship through active content. Results were (in a shortened version) officially published (see Publications)
Developed graphical web front end for analyzation and prognostication of collected network data used as early warning system by the CERT
Researched and developed a customized web parser scanning for injected code or data on official site

Dec 2003 – Jan 2007

Creative Computer Technology
Salzburg, Austria
Responsible for security and availability of national network infrastructure and services Administration and design of high available linux clusters using low cost equipment NIDS implementation in customer networks and server / firewall hardening.
Establish a monitoring service for VPN to customers using Juniper (Netscreen) appliances along with remote access through OpenVPN
Developed and implemented several web applications for a CMS used by 3000+ clients and business partners daily.
Designed and implemented an interface for Unify databases used by nationwide well-known gastronomy clients.
Developed a web-based front end for an international gastronomy system which was based on a Unix cli.

Jun 2002 – Dec 2003

Con:t:act
Salzburg, Austria
Developed and implemented solutions to securely transfer and backup databases of a magazine company with more than 15000 customers and 2000 updates a day.
Designed and developed a dynamic personalized newsletter mailing system (for sending out magazines) with a web front end for administrators, publishers and customers.

Oct 2001 – May 2002

Internet & System Products
Salzburg, Austria
Responsible for the security and availability of the local ISP with more than 200 customers.
Planned and introducted a web based monitoring service for productive servers and network services.
Designed and developed customized web solutions for customers.