IT Cyber Security, SIEM, ISMS, ISO27001, Telematics Autosar, OBDII, CAN LIN. Cryptography Signature, encryption, SoC, CryptoCell, Hypervisor VMM
Aktualisiert am 18.11.2023
Freiberufler / Selbstständiger
Verfügbar ab: 21.11.2023
Verfügbar zu: 100%
davon vor Ort: 100%
IT Security
SoC Automotive
Automotive security
Extensible Authentication Protocol
SoC Encounter
Mother tongue




3 Jahre 2 Monate
2020-09 - 2023-10

Cybersecurity in the field of automotive system SW

  • I am System Cyber Security Automotive Functional Analyst and Architect Responsible for gathering and analysing requirements. Designing, development of Data Migration that involves digital forensics, security analysis threads intelligence, and Investigating multiple attack vectors, and Cloud Anti-Ransomware protection for IT Disaster Recovery, plus Cyber Risk Quantification CRQ.
  • I create Cyber Security System Concepts, Threat Analysis and Risk Assessment TARA, SW architecture with development hands-on activities. On this project used Advanced Threat Protection (FireEye NX). Applied Scripting, plus programming knowledge for tasks automation and provided project planning support.
  • I Provide Agile 1st level, and 3rd Level technical Support tasks for all Stakeholders Teams within the continuous improvement of HLD LLD SOC using Jira, CyberArk privilege access management and support Processes. I configure and customized SAP QM, SAP PLM module. I Performed system configuration, data migration, and data quality activities in SAP QM
  • I have responsibility for Leading Agile technical CRM software teams and customers together with all parallel Stakeholder projects. For the this product, I SW security design a traction/propulsion motor for an electrical car. I lead a team supporting them with the design of a traction motor and l review and troubleshoot the designs to provide solutions.
  • I act as a security Single Point Of Contact (SPOC) for all issues, and specified Automotive & digitalization TARA model, Systematic SOTIF HARA hazardous event model, DIA, SW Enterprise Architecture, AWS, GCP in Identity Access Management IAM for Clouds, within OLAs and SLAs, KPIs End Point security for McAfee Operational Technology(OT). I Participated in SAP PMO, MM, SAP S/4 HANA authorization concept, and SAP GRC Security and Authorisation Access Control Processes.
  • Specified project Plans for Cyber Security SIEM, GCP, MS Azure Sentinel AD Cloud Security IDS strategies, and Implementation for SOC/CDC LAN, SD-WAN(LTE, 4G, MPLS, 5G Encryption), SDN network Infrastructure within Agile DevSecOps Sandboxing, EDR , XDR in Endpoint Security Architecture detection environments. SIEM/SOAR Security Network Automation, Orchestration and Response, was used to detect active threats by analysing all this data, offering real-time monitoring, correlation, pattern recognition, alerting and automated Virtual investigation and responses
  • I specified all Security requirements, architecture, design, development documents , and deployed this architecture for Multicore EmbeddedSystems(hands on). I then preformed vulnerability Pentests, security assessment activities, according to vehicle process communication practices in Cisco Network Service Orchestrator NSO software,, CI/CD pipelines to generate deployments,DevOps, Gitlab, Java, Python, C, C++ , Microcontrollers, NXP, Renesas, Eclipse. Testing of the releases done in virtualized environment using BSI Security standards.
  • I created, document Threat model TARA Data model for SDN Network changes to optimize Web Access Firewalls and protocols in AWS cloud Security Backend Rest Micro Services use cases, search and reporting script using: Splunk, JSON, Jenkins, UDeploy, uRelease, Python, Node JS developer Packages , non SQL db, Oracle, LDAP Active Directory AD, Web application. I implemented automated collection using SE-Linux OS, Autosar Adaptive and Classic layer, Python/Spark Airflow DevOps CI/CD Pipelines, Powershell, Board Housekeeping (Temperature, Battery Monitoring) and Ansible Scripting language for Orchestration. My Security Admin tasks here include ISMS Juniper Firewalls Installation, optimization, issue analysis (error conditions), Configuration, Patching, Monitoring (Splunk and SIEM) with Intrusion Detection and problem management (IDS/IPS).

Continental Teves AG
Frankfurt (Germany)
1 Jahr 11 Monate
2018-11 - 2020-09

Creation - embedded SW system architecture

  • I created ISMS Embedded SW System architecture, design develop for Autonomous eMobility over Central Powertrain Controller(CPC) solutions, and analyze the gaps in existing architecture and develop SIEM Security incidents combining SIM , real time monitoring , events analysis, tracking, logging of data for compliance and TISAX Auditing ISO 5112 and disaster recovery (DR) drill procedures, and AerospaceusingDOORS.
  • I implemented changes to Firewall and its policies and tested using C1 Fuzz Dynamic solution over Connected Secure Cloud , for example WAN,LAN, WLAN, Network architecture protocols(IP, Cisco Checkpoint, TCP/IP, MQTT, MPLS, OSPF, BGP, F5 Load Balancers, vSAN, VM`s) PAC files, DNSSEC, Ansible, CATIA design, Dockers, Containerization, DLP, GIT, BitBucket, ThreatX, and WAF . Afterwards I Lead the coordination with all vendors, OEMS, 3rd parties to deliver the final platform for SW over the air Secure Update, cyber security autonomous driving AD, Access Management Control tasks, and CSA Cloud Migration of Network devices and Policies. Here SAP ABAP programming was deployeing OO approach for EDM EnergyData Management.
  • I evaluated all security vulnerabilities over Edge network devices ( Juniper routers, Firewalls, HIPS,) IAM EPP including CIAM, PAM SaaS, CyberArk(identitity security platform protection of all identities, human and machine across all devices in hybrid environment within IAM Sailpoint IIQ solution and integration project team . ForgeRock, BeyondTrust, Compliance were using , Splunk ACME, ThreatX API together with AEM Adobe and DTM.
  • All Sensor technologies data like Radar, Lidar,Camera, Ultrasonic Sensor inputs, with GNSS Data from Cisco devices, Security Manager CSM to secure Container was focusing on the availability and resiliency using, vMotion, load balancing and ASA, PaloAlto, SOAR Next Generation firewall, ESXi virtualization based, vCenter, and firewall tools. Task here include Organizational planning and preparation together with the Palo Alto , Checkpoint Firewall- Support for firewall and site-2-site VPN architecture concepts.
  • I defined PKI Certificate based operation services within DevSecOps , Chef InSpec toolset. Chef InSpec was to automate compliance, security, and other policy features into automated tests. The OWASP process, Certificate, Encryption and implemented
  • PKI Certificate Policies for End-2-End security for clients to establish a Root Of Trust in development and production using HSM TrustZone, Zscaler and Certificate Manager(Zero Trust Architecture, PKI Crypto) and align with ISO/IEC 33002 Process Assessment.
  • I provided Vulnerability Threats support using the application Tenable Nessus and Tenable SC, with planed total measured implementation using Splunk, FireEye HX agent, CodeCommit, Jenkins, Git, Gerrit, and Codebuild. Static Code Analysis, MISRA, and quality was done using Veracode, Codacy, and Fortify. Afterwards, I lead the coordination with all vendors and 3rd party suppliers to deliver the final Server security Configured SW using Tracking/Monitoring tools. I used FireEye HX EDR , XDR tool to detect signature and behavior based machine learning detection communication with base teams and stakeholders.
  • I Participate in forensic tools, industry best practices, analyzing associated threat actors Tools, Techniques, and Procedures (TTPs), SOPs, RACI, and DevOps, Apigee API management procedures for Cyber Security, and SOC, MSSP, activity log creation, reviewing(Secure Code Reviews), and maintenance. Regular performance tuning and filtering of SIEM alerts. Provide Vendor and internal team trainings as requested by management.
  • My role with OTA SW Update and Diagnostics was to develop and support Compliances; CISA, together with ISO 14229, ISO 15765, ISO 15031, CSMS, SUMS, UNECE WP.29, R155 R156 including using own Processes and Tools and to integrate UNECE/CSMS requirements into existing ISMS/GICSP platform. Tableau tool was used for data analysis and business intelligence. These are align according to General Data Protection Regulations(GDPR), with DPIA Data Protection Impact Assessment incorporated, PCI, and GSMA. I guide technical teams on usage of PKI/Certificate process and services to achieve this level.
  • Scope of Secure SW update was to align with ISO 21434, TARA using SABSA, Audit Certification R155/156, ISO X.509, Active Directory Security( MFA Identity Protection, Conditional Access) development and Continuous Monitoring, Vulnerability Scanning and Fuzz Testing. SW was deployed on Autonomous Connected Vehicle ECU.
  • On this project carried out analysis, optimization and creation of PowerShell scripts in the Azure policy (Restriction by compliance & Security Best Practices) environment and onpremise.
Valeo Siemens
Erlangen (Germany)
2 Jahre 11 Monate
2016-01 - 2018-11

Creation - OEM eAutomotive SW requirements and architecture

  • I created OEM eAutomotive SW requirements and architecture, afterwards I implemented and deployed all SW solutions for Valeo Sensor, Acutators, Powertrain module, ECU, TCU in an Automotive Systems.
  • Using ADAS Scrum/agile process environment, I created embedded real time Automotive System Security architecture, acted as Scrum Master, and acted as design technical lead, on vSoC(Virtual Security Operation Center), TUC Powertrain system architectures with sub-systems employing blocks such as IPS, IDS, HIPS, Zone Models, Firewall concept, Intrusion protection, as cryptographic engines Root of Trust using security and cryptographic standards, with Tanium and systems implementation using (Windows Crypto Lib, Java, NIST, PKCS12, FIPS-140, Tufin, Algosec). All endpoints within CI/DI Git, Node JS, MacOS Systems, Docker, Spring Boot/ Terraform, (HCL) ACME, Kafka, in AWS Kubernetes Environment , and Bitbucket pipeline process.
  • The secure solutions, were for SIEM SOC analyst within IDE Environment, CryptoCell, Quantum Cryptography over Quantum key distribution QKD, and Hash Engine, digital Key Signatures, Encryption controls applying OWASP (Top 10) Application Security Verification Standard ASVS.
  • These services used RSA Archer 5.x/6.x applications , RSA Archer used for access control and event notification with 2 factor authentication based on one-time token devices and TOTP authentication.
  • All within Cockpit, Instrument Clusters, Virtualization (VMWare, Hyper-V) and head-up displays(HuD) ? as well as core technologies such as augmented reality (AR) and artificial intelligence, on STAR 2/3 architecture. I Translate assessment results into Security Specification (Security plan). I develop and manage the IT Security policy standards and baselines for conforming to Policy Framework to prevent IDS, IPS (Snort, Suricata,Sourcefire), Web Application Firewalls ThreatX for Connected services within Network Topology, ISO 27001 (KRITIS, ISO 21434, CSMS, SUMS, ISO 26262, specified structure procedure for a Hazard Analysis And Risk Assessment HARA, evaluation of a radar-based DAS (driver assistance system) with ASIL (A-D), AEM Adobe, DTM Pixel and ISO/IEC ASPICE Processes.
  • All the development was done within DevOps Continuous Delivery toolchain (Eclipse, Git, Jenkins, JFrog, Ansible, Puppet, Chef) with Aurix SAK-TC233LP-32F200F AC Tricore process environment, together with CANoe, CAPL, and PROVEtech.
  • I supported and acted as point of contact for security Compliance ISO 14001, SOC2 Audit, Hands-on Penetration Testing (AppSec, application Security testing) specification and standardized Hypervisor security platform for Virtualization.  The multi OS?s (AUTOSAR Crypto Stack,  INTEGRITY) were running on SoC, ARM Trusted Zone Firmware Execution Environment(TEE), OP-TEE,  IPSec, NLB, SSL/TLS communication, on high availability infrastructure using Network Security System and applications security (microservices, NLB, SSL) and data security Encryption
  • Common tools like JIRA, Eclipse, Maven, Jenkins, Junit, CANoe. DIVA, ZenZefi (certificate and new key management System KMS ), and CANdela for Secure Diagnostics Rights Management. All within DevOps Agile environment.
  • I have experience of over 5 years of experience as an ICT system engineer with expertise in Exchange 2016/ 2019. I am well-versed in dealing with Exchange migration scenarios. 
Visteon Electrons
Karlsruhe (Germany)
2 Jahre 3 Monate
2013-11 - 2016-01

Implementation - MAC tags with AppArmor and the SELinux security module mac

Agile CAN Automotive Infotainment ...
  • I Project Managed and  implemented MAC tags using AppArmor and SELinux security module   mac.  Afterwards, I created IDS/IPS SIEM  solutions for OEMs using Tools like Splunk Enterprise security. Micro Focus ArcSight ESM
  • Provisioning of Data Storage managed by NetAPP Data Migration and Virtualisation of OTA Cloud hosting environments, IaaS, PaaS, and SaaS Models. I setup and configure Data Centres, with all related routers and switches, CheckPoint Firewall, load balancing and Big-IP F5, in Cloud Foundry compliance toolset.
  • I participate in migration WAN/LAN Troubleshooting, Root Cause Analysis, management, availability, Load balancing, and capacity planning . The Blade system is based on Cisco, using Virtualization VMware Hypervisor, HP, Microsoft, Cisco ASA, Junipers Firewall SRX 240, and EX series for VLAN Routing Switching of all IP traffic.
  • Define and implement Security Identity Management solutions, and define Java Management API optimisation of solutions, including firewalls (Juniper), Reverse Proxy, HPE/Aruba, McAfee. For Remote Access, DHCP, DNS, IP addressing, VPNs (Servers, clients), IPS, LAN/WAN technologies switching, routing, load balance for Broadband Remote Access Routes(BRAS)/BNG . Deployed in DevOps CI/CD pipeline for Continuous Integration and Configuration environments.
  • During project following tools and technologies were used for this Infotainment in client Server Gateways connectivity: CAN bus, CANalyzer, CANoe, CAN-based fault diagnosis, CAN, CAN-FD, FlexRay, ODX, OTX, ISO 20080, 20077/20078, and ISO 22901. Quality Management, FMEA creation and moderation, ? Failure Mode &Effects Analysis, FuSi, FTA, FMEDA, DFA, Vector tools CANoe and CANalyzer Connectcar, CANopen, AUTOSAR, Davincy, DevOps, Matlab, Simulink, MIL, DTC, ECU Inverter, E-Mobility, Powertrain, Security Control SSLv2, CAN OBD Dongle APN, to verify correct function of OBD application scope for different Country variants in CSERS, misfire, diagnosis, lambda sensors and catalyst diagnostics. In addition, for OBD applications used API development Integration REST/SOAP, MIL, ETAS INCA, SE-Linux, Android, and QNX Integrity.
  • I Configured setup with Juniper firewalls (Netscreen), administration and configuring Cisco, Junipers IP SEC for routing and switches using web client/ Server technologies: REST/SOAP JWT, Angular, SAML, OAuth, OIDC. I provided 2nd Level Support when required.
  • I have certifications as CCNA, CCNP, CCIE , CISA/CISM, CISSP, SSCP , CEH and JNCIA. For IT General controls (ITGC) .and for IT Governance Sarbanes-Oxley was strongly complied. 
Agile CAN Automotive Infotainment Network Security
Delphi - Europe Germany
Hildesheim (Germany)
1 Jahr 4 Monate
2011-08 - 2012-11

Network solutions in the virtualisation of cloud data centre servers

  • Network solutions in Virtualization of Cloud Data Centre Servers based on VMWare, vRealize Suite, vSphere EXSi ,VCloud, VMs, EMC, HP System Matrix provisioning . Data Storage was managed by NetAPP Data ONTAP Virtualisation environment. I support all design, deployment, configuration and implementation tasks. I Specified and documented the Secure Network Iaas, PaaS, based System Architecture specification, and development.
  • I design a new Data Centre (HP Super blade) Cluster design with load balancing for redundancy across fire zones, and to integrate this to existing VPN, NAT, VLANS, Layer 2 Layer 3 STP, routing IP MPLS, and BGP, AAA, DHCP, DNS, AD, VPN, Juniper ME/EX Junos, Cisco Firewalls Switches & Routers SRX-240H, Gateways and Infiniband fabrics over F5 Load Balancer Checkpoint, KVM Storage using BGP. I participate in diagnostic Pen-Testing and debugging of embedded devices.
  • The CSA Cloud Hosting Virtualization solution in a Data Centre based on Juniper MX/EX, Cisco router with optimized Clusters for Load balancing ACE, F5 running in Super Blade switching technology. Using tools like ITSM BMC Helix for development, management and configuration. Switching technology used Juniper 4500, Layer 2: 802.1, Ethernet Channel LACP, Audio Video Bridge(AVB), BLE, Layer 3. ASA, PIX, FW, ACS , for all Infrastructure multi-cluster Kubernetes platform deployments (hands-on).
  • I configured and customised all Functional DB(principle sql server and witness sql server) , and services for both SQL (MySQL, MS SQL Server), and NoSQL(MongoDB, HBase, CouchDB) servers for handling DevOps of Big Data archiving and Content Management using Hadoop platform in Client Server environment. Afterwards, I connected these to Junipers EX switches for routing and switching within Domains for all Trunk VLANS .
  • The IT architecture applications as used in BSS/OSS domains for which I was responsible were provisioning, service assurance, service activation, workforce management. These application solutions were developed, tested, delivered, and deployed on Vendor coming from NSN, Ericsson, Alcatel Lucent,Cisco IOS, Cisco Switching/ Routing Catalyst CAT6k5, Juniper, and Checkpoint. IP Protokolle (TCP, Unicast UDP, Multicast UDP) ,during the projects were SIP, IP, H323, MGCP, BGP, OSPF, VoIP, STP, RSTP, IS-IS over IP/MPLS L2, and VPN (SSLIPSec).
  • TCP/IP and UDP stack packets were analysed for Spoofing, Tampering, Repudiation, information disclosure, man-in-the-middle (MitM) and DOS attack, TCP was preferred as UDP is connectionless protocol, with no reliability and integrity, but faster.
  • For the project I used the following embedded software development and test tools and processes: Linux OS, C, C++, Clearcase, CME, CM Synegy, Eclipse, GIT, DebugMux, Python, Tcl, Perl, Lauterbach , Windows Mobile , ClearQuest Test Manager, SDE, Tools, QA Tools and Ethereal (Wireshark) Trace analysis. Agilent Signaling analyzer for Wireless/network traffic, together with Rhode Schwarz Testers. ITIL processes and Agile Scrum were used as project process models.
  • In the Access Network Juniper Firewall Routers were used for VPN concentrators, CheckPoint (Network Security) Cisco HighEnd Router(6500/7600). MS SQL Server 2008, MS AD, MS DNS .
Intel Mobile Communications
Munich (Germany)
3 Jahre 1 Monat
2008-08 - 2011-08

Coordination of all technical issues during certifications

  • I coordinate all technical issues during certifications of PSTN, E1/T1, SS7, QSIG, Avaya IP-PABX to all Vendors during implementation migration NGN to IMS phase for Mobile and NGN, and IMS System Acceptance testing. With the IMS core setup I had involvement Acme SBC, CSCF Function HSS, MGCF/SGF for PSTN, BSS/OSS IT application architecture as used in BSS/OSS Domains, and 2G/3G core networks.
  • I was responsible for Hosting Virtualization solution in a Data Centre . In the Access Network ISG Juniper Firewall(SSL/VPN), NGFW, CheckPoint, Cisco IOS, Juniper Junos, UTM, NIPS/NIDS. Cisco Load balancers, Cisco Routers & Catalysts, Call Manger CUCM, CUBE, CCM 7, VLAN, IPSec Security and DCN were deployed towards NGN , SBC, DNS, SIP Bluecoat Proxy servers. I Design and implementation(hands-on) Avaya IP PABX solutions using Agile SCRUM methodology for this project.
  • Some of technologies used were 3G, 4G, 5G, SIP, H323, DHCP, Megaco, ISDN PRI, Voice, data, IP, Switching, SS7 signaling (ISUP), STP, and TDM.
  • I provide full set of documentation according to ITU, 3GPP and support completing of testing and acceptance activities and decide when Ready For Acceptance. 
Brussels (Belgium)
2 Jahre 2 Monate
2006-07 - 2008-08

Definition of the SW architecture and the information model

  • I am responsible for defining SW Architecture and Information Model for Mobile 3G NMS, NOC,OSS, WCDMA, IMS, VoIP and WiMAX SW and Platform solutions.
  • My tasks include defining System Requirement specifications, Architecture and software Solution for implementations of the Non Access Stratum on Ericsson Next Generation Networks(NGN) for 3G, 4G(LTE) and 5G.
  • I worked with a team to define Network Management Design , and System Architecture for WCDMA, IMS, VoIP, WiMAX NMS Node B and FlexiBTS. These were documented using 3GPP, ETSI other internal standards. I developed Information Models for Network Configuration Control, Performance of 3G IP Networks , IP Routing Protocols, IMS, Ethernet, DWDM, IPSec Security and DCN. I participated in development activities.
  • Responsible for design and development of GSM, UMTS, GPRS, UMTS RNC Node B and BTS SW, for both Mobile WCDMA, and UMTS Networks. 
  • Defined 3G RNC Signaling, HSDAP, HSUPA, Analyse KPI parameters for System Dimensioning, Transmission, and optimization for Startup, System Recovery and Escalation strategies.
Nuremberg (Germany)
1 Jahr 6 Monate
2005-05 - 2006-10

Integration Manager

Project Test Manager
Project Test Manager

  • Project Test Manager  on Network Server division as Test and Integration Manager for  J2EE Portal  
  • My daily  project management tasks include: develop and maintain project plans and schedules
  • Identify interdependencies across projects and propose  how they should be managed
  • To manage project resources. issue resolution, risk mitigation, and escalation. Project forecast and  tracking
  • Proposed a  Strategy for efficient usage of  performance loading tools like QA load, LoadRunner.
  • Together with Enterprise application performance tuning involving BEA WebLogic tuning, JMS Tuning, MQ and Oracle database tuning
  • I wrote the necessary  LoadRunner scripts and Java code to realize the proposal recommendation

Nokia Siemens Networks
Ulm, Germany
10 Jahre 1 Monat
1996-07 - 2006-07

SW specifications for architecture, development, test and integration activities

  • I have been responsible for SW Specifications for Architect, Development, Test and Integration activities on Mobile 2G GPRS, 3G UMTS/W-CDMA Embedded SW Push to Talk over Cellular Project. The project was based on Symbian Series 60/ 80/ 90 PTT. The applications are based on Symbian vOS 6.0/7.0 OS running on various Realtime Embedded Products, including the Application Engine (UI) browser for Mobile Terminal devices.
  • All applications developed in C++ CodeWarrior, MS Visual C++, Continus, CM Synergy and Clearcase, Eclipse IDE, Lauterbach. All testing including Unit testing done to fine tune for Memory and performance optimizations.
  • The core technologies and Network used were, 3GPP R5, IMS, 3G Terminal in SIP architecture, RNC WCDMA Control( CS, PS Core networks RRC, RRM), RTP, SDP, MMF, and XML.
  • The Software was developed as a Server to take care of session management with SIP and SDP-protocols and it controls PoC plug-in of the multimedia framework (MMF), which handles data transfers with RTP. It also provides an API for applications wishing to use PoC Terminal Device.
  • The SW was developed using using Rational Rose EPOC C++, UML, OOD, CodeWarrior, and Continues/CM Synergy CCM. My role has been to define the system concepts for the Mobile and Fixed Access Applications, using some of the ITU, and Nokia specific standards. The technical specifications were used to determine the architecture choice(s) for the Access Node with Multiservice applications.
  • My Development role included being responsible for a subsystem and all its classes, and their interfaces. This software was Real Time, Embedded using OO methodologies, UML, OMT, Rational Rose, C/C++. A more formal use of the GDMO Modelling, MIB and the ASN.1 were used throughout these projects: from specification to implementation. The internal and external communication between these objects was implemented using generic Message Interface classes. Design OS Symbian EPOC Component to provide a Screen Capture Services for Mobile Portal device. The Screen Capture used Symbian EPOC Application Framework UIKON, CON applications, including Comms Infrastructure/ Messaging and Visual C++.
  • I supported development of test tools/ utilities and scripts using (Perl, Python, Tcl, awk, Unix Shell) on these projects. Clearcase with Multisite environment were used for SCM. ClearQuest tool was used for the bug report Generations/ Tracking of appropriate Action Requests.
  • The Technical Specifications, for which I was responsible, were the "core" architecture of the Access Node which was developed. One of the concept from the Technical specification was submitted by NOKIA NET for a Patent as part of the "Invention Report".
Nokia - Telecommunication
Helsink (Finland)
3 Jahre 1 Monat
2002-01 - 2005-01

responsible to manage SW development

Test Project manager
Test Project manager
  • Test Project manager responsible to manage SW  development team, and to ensure assigned project plans are mantained and  priority/visibility are delivered on-time, in line with the scope definition and according to budget. Other daily tasks include participating in  J2EE SW Design, Develop, Test and Integrataton. SW. This SW  was a browser based client  applications using J2EE  BEA WebLogic  application Servers in a J2EE/Oracle/Solaris environment. The application were design using Rational Rose, UML, XML, and RUP. Application were developed using Java, JDBC, JMS, Servlets, JSP, ANT, JUnit, Spring Framework, Hibernate, HTML and JavaScript, LDAP, SQL, and Oracle
  • The testing  included all Portal Functional testing, J2EE  BEA Weblogic  based Performance testing, and Content Validation testing. The automatic testing  which was used on this  project  utilized the following tools and utilities(QA Load, QA Runner, LoadRunner(scripting), WinRunner, Test Director, Junit, and  HttpUnit).My Project  responsibilities include creation of Release Test Plan, coordination, Build, Integration of  all Global SW development and test activities, to ensure Quality and the Release of the product.
  • On other projects,I have been responsible for  Managing and Developing a detailed Product Test Strategy for the applications, to test Automation within the IT  Program. To Develop Test Plans and review Release against Completion Criteria. All applications were  devloped in J2ME, RUP and Sun Solaris, IIS, Windows NT 4, LAN/WAN Network Environment.  
  • Test Automating was done  for all Functional and non-Functional tests for all applications to determine Stability, Performance and Scalibility.
    Responsible for mentoring other testers in this activity during the Test and Gating Acceptance Criteria. This was done for all internal and 3rd Party Projects.             
Integration Manager
Helsink, Finland
7 Monate
2001-07 - 2002-01

Senior Test and Integration Engineer

  • I  am a Senior Test and Integration Engineer  on a project based on GSM/GPRS,  UMTS 3G, Mobile Internet Applications for Node and Handset  Portal  devices. My responsibility was to Develop, Test,  and   Integrate GPRS Protocol/Application and SW.  A Module was  developed  to handle Link Status Connection, for all Connected Mobile Applications. This SW was distributed on the GPRS Nodes  
  • I was responsible for producing Technical Feasibility specification, Design and Implementation of Mobile Internet Portal  SW applications based on Java 2 Micro Edition (J2ME), CLDC MIDP  Platform.  The MIDP MIDlet client was developed to provide both ?push? and ?pull? services, over Internet Web Servers including a server based on J2EE platform.  The Dynamic behaviour of the  MIDP MIDlet was developed   MIDP Platform
Ericsson Eurolab
1 Jahr 3 Monate
2000-05 - 2001-07

Senior Software Engineer

  • I was Senior Software Engineer with responsibility for the Architecture specification for UMTS 3G , Mobile IP , ATM/IP  NMS FCAPS  and Internet Applications.
  • I supported the Software Configuration Management - SCM process development activities for the Node program, and administration of tools. I wrote the SCM and Software Process Improvement process, Methods and Guidelines. This was was part of QA.  
  • I specified  and designed  the components necessary for generic Application Platform (SNMP Proxy Agent/Server, CLI), which support IP Protocols (Signalling, Routing).  This project is part of 3G UMTS  Core Network  Level  for Mobile IP,  and Fixed Access Networks Applications.  This Software is distributed and integrated  on Access Node (AN),  Network Terminal Unit (NTU), and  Integrated Access Node(IAD).   The infra structure for these Access devices is IP/ MPLS Core to  support VPN.
  • My SW development  responsibility,  was for implementing  VoIP  and ATM SW Switching, Routing,  UNI/PNNI for PVCs, and SVC, and VPN. The IP applications supported the requirment for the Internet Access, and the Mobile IP applications.
  • The SW  provides  support for point-to-point and point-to-multipoint connections. The VoIP  for Routing  protocols included BGP-4, OSPF-2, IS-IS and RIP, corresponding Asics were developed to support switching. The IP applications supported QoS, based on DiffServ and MPLS. 
  • I developed  External Management(EM), this  is used in Access Node on the Switching Unit, it  provides interface to communicate with the Platform Components SW,  and to various external sources. This module, is also responsible for Configurations and Controlling of the entire software on the Switching Unit. Thus, providing  a gateway for Management Commands,  to the  Embedded SW  running on the ATM Switching  and Control Units. The SW was developed using  UML Modelling,  Rational Rose ToolSet, OMT, C, C++.
  • Testing was done in NT and Target Environment using TCL, Perl  scripts with support from, in house TestNet utility.  Telelogic/TTCN was used for the specification of the test suite. Thus, involved in all  stages of  full software Process Development Life Cycle on these projects.
Tellabs, Oy
3 Jahre 10 Monate
1996-08 - 2000-05

System Concepts groups

  • I have been working in the System Concepts groups for the Nokia Telecommunications (NTC).   My role has been to define the system concepts for the Mobile and Fixed Access Applications, using some of the ITU, and Nokia specific standards. The technical specifications were used to determine the architecture choice(s) for the Access Node with Multiservice applications.
  • I  supported development of test  tools/ utilities and scripts using (Perl, Tcl,awk, Unix Shell) on  these  projects.  Clearcase with Multisite  environment were used  for SCM.  ClearQuest tool was used for the bug report  Generations/Tracking of appropriate Action Requests. The quality of the SW was produced according to the CCM, and internal Software Process Improvements(SPI) guidelines.  Rational Suite Componets were  used in all development and test  phases.
  • The  Technical Specifications, for which I was responsible, were  the "core" architecture of the Access Node which was developed. One of the concept from the Technical specification  was submitted by NOKIA NET  for  a Patent as  part of the "Invention Report". 
NOKIA -Telecommunications
5 Jahre 11 Monate
1990-10 - 1996-08

Management and Telecommunication

  • Alcatel SEL - Stuttgart, Germany, 1990-10 - 1993-03. I was  Software Engineer on SDH, PDH  Cross Connect  project whose applications were, both Network Management and Telecommunication (4/3/1 cross connects).  My role was to provide SW services for Cross-Connection, using the Termination Points. These were represented as Managed Objects, according to the CM-Information Model, as specified by the Deutsche Bundespost Telekom.
  • For the Network Management, I was involved with: TMN, ROSE, CMISE, ASN.1, GDMO related Applications, Alarm Management, Performance Management, Configuration Management, and Cross Connect Management. The design was produced using the OOD, OOP, with and GNU C++. All the documentation was produced using the CCITT (ITU),IEEE, ETSI, ISO international Standards.
  • Alcatel Telecommunication Systems -ATS, Den Haag (1995-01 - 1996-08). Provide Network Management SW suport for  Provisioning of Data Collection for a Mediation Device, for Fixed Access and IP Networks.
  • Designed a Data Persistency Solution for the applications, using the Relation database (Oracle7.1); this was implemented by a generic C++ base class, which is inherited by the applications which need to make their data persistent. I also, examined an Object Oriented data base (OODBMS) as a possible solution, affecting the TMN applications in the near future.
Stuttgart, Den Haag
2 Jahre
1988-11 - 1990-10

design and implement

  • My role with ICL was to design and implement Secure Office Systems, over Distributed Networks. A network was developed to ensure that Trusted Communication is achieved.
  • The design took a form of a Security Protocol Layer(SPL). The Secure Protocol software receives messages from a LAN or a WAN, with an ENCRYPTION Seal. Latter, is regenerated using a MOD approved algorithms.
  • The DAC and MAC are established by use of multidimensional arrays. The function of the Security Protocol Layer was  to Authenticate, Identify, Mediate,  and Relay messages between Peers.
ICL Bracknell
2 Jahre 3 Monate
1986-09 - 1988-11

design and implementation

  • Majority of work in which I was involved with was a design and implementation of Real Time Applications software for the Ministry of Defence (MOD). The software was developed using z8001/z8003 microprocessors as the target, with Tektronix 8560 as host and 8540 in Circuit Emulators. The Mascot and JSP methods were used in the software design.
  • The developed software used an in-house Mascot Executive to perform Scheduling and to support the Mascot Inter Communication data areas, implemented as real-time  embedded software.
  • Writing a compiler for specifying software to generate tables required by the database access software and z8001 assembler .The generated code was written in C using UNIX System Interfaces.
2 Jahre 8 Monate
1984-02 - 1986-09

integrate a 3 Phase Full Bridge Rectifier

  • CAD package of non-linear circuit to integrate a 3 Phase Full Bridge Rectifier, Inverter, and a Transformer for a non-linear power circuit. Pascal and C were used with some assembly routines. This SW developed further to measure Transient Conditions, by use Inverse Matrix Furrier Analysis and Newton Raphson  mathematical techniques .
2 Jahre 3 Monate
1977-07 - 1979-09

production/ automation

  • Programmer analyst for in house SW production/ automation projects.

Aus- und Weiterbildung

2 Jahre 1 Monat
1996-09 - 1998-09

Study - Software Engineering

Master of Science, Oxford University, England
Master of Science
Oxford University, England

  • Software Formal Specifications, Design, Critical Systems engineering, Advance Software development, Concurrency and Distribute Systems, Software development Management, and Software Engineering Mathematics. 
  • OOD Design Patterns using Java.

2 Jahre 11 Monate
1979-09 - 1982-07

Study - Applied Science with Computing

Bachelor of Science, Kingston University, England
Bachelor of Science
Kingston University, England
1 Jahr 11 Monate
1975-09 - 1977-07

3 GCE A Levels

Mathew Boulton Technical College, England
Mathew Boulton Technical College, England
3 Jahre 11 Monate
1971-09 - 1975-07

8 GCE O Levels

Arden Grammar School, England
Arden Grammar School, England


  • Cyber Security Network Software Design/Architecture Solution, Development configuration, Design, DevOps, ADAS Agile, ASPICE Process
  • Current Position: Cyber Security Analyst, Responsible for defining implementing Threat Vulnerabilities, risk assessment and mitigations within Agile Team



SIEM IT Security SoC Automotive Automotive security Firewall Extensible Authentication Protocol SoC Encounter

Produkte / Standards / Erfahrungen / Methoden

  • Automotive ADAS AD, System SW Architecture, Security Cryptography
  • Security Functional Safety standards ISO26262, ISO27001, CISM, ITGC
  • IT Risk Assessment Framework ISO31000, ISO 21434, MS Office
  • Sensors, Actuators, ODX, OTX, ISO 20080, Istio , COBIT ISACA 
  • VMWare , AD, Cloud, Big Data, VCP, ITSM, ITIL V3 cert, PCI. 
  • Juniper Firewalls SRX240 , EX3200, EX4200, MX, Junos 
  • Cisco Secure, CCNP, CCIE , Netflow, NetScreen, Security Manager CISO
  • Cisco Nexus Routers Switches ,ASA FW, PAM, PIP, IAM, Zscaler 
  • BGP, OSPF, EIGRP, QoS, VoIP, VPN (openSSL, IPSec), AD, DNS 
  • Network LTE, GSM, UMTS Protocols, CS/PS,SDN Networks 
  • CyberArk PSM, Nagos, Groundwork, IPS(Smort, Suricata, Sourcefire 
  • SIP, RTP, SDP, VoIP, MMC,CMS, Node B, BTS, RRC, RNC, L2/3 
  • Object Oriented Analysis and Design, C, C++, Java, ASN.1, GDMO 
  • BGF Acme SBC, CSCF , HSS, MGCF/SGF , PSTN, and 2G/3G Mobile
  • SW System Specification, Test Specifications, Software Architecture 
  • System/Functional Testing, Integration, Test Executions, ISTQB 
  • Security Big Data ElasticSearch,Confluent Kafka, Hadoop ,Syslog-ng 
  • Doors, SVN, CANoe, K2L, MOST, ETH, Puppet + config tool suite 
  • MetroWerks CodeWarrior, MS Visual C++, Linux(Realtime), Android
  • Sun Solaris, Unix, HP UX, C, C++, SOA, Bash, Shell Programming 
  • J2EE Client/Server, Java Web Server, J2ME(MIDP) PDA,eCall 
  • BEA WebLogic, JavaScript, JSP, CEH, CISA EJB, JDBC, XML, HTML , HTTP,  CompTIA security+
  • Software Process Improvement (SPI), ISO9001, ISO 17025, CMM, ASPICE 
  • Vector CANoe Analyser, Vector DaVincy Developer , AppSec, C1 Fuzz,  IREB, CISSP, CISM  
  • MPLS/GMPLS IP Routing protocols BGP-4, OSPF, IS-IS , RIP, I2C
  • TCP/IP IPv4, IPv6 , VPN, IPSec, MacSEC tunnels,nMap 
  • AWS, MS Azure, GCP, Docker, Kubernetes, MongoDB, Rest, IaaS, Paas
  • Telecommunication, PDH, SDH, ITU, BSI, ISO, TMN , POTS, ISDN, V5 
  • Key Management System KMS, PKI, CryptoCell, Secure Boot
  • Java J2ME MIDP, CLDC, MTM, Soap UI ,UIQ Messaging
  • HP-UX , Autonomous, e-Mobility, Powertrain, CISSP, GXPN
  • Oracle Database (RDBM) , MySQL, MS SQL Server 2008, AD, DNS 
  • GNU Tool chain,CME, Eclipse IDE, Lauterbach, EtherReal(Wireshark) 
  • SE-Linux Redhat, CentOS, OmniTracker, Catapult, SOAP, ISO 27701
  • NetAct OMS, FlexiBTS, IP Router, NVIDIA OpenGL, Office 365
  • Arcsight, CMoD, Myra, Modsec WAF, FireEye HX,NX, Symantic, McAfee 
  • LLDM LTE MA Trace Analysis, Jira, GIT, GITLAB, DPIA, DSGVO 
  • SIEM AccelOps, CERT, TOGAF, Amazon S3, MongoDB, MariaDB
  • IRAT, IoT , Artemis, Mobile Analyzer (2G 3G LTE Stack) CCC


  • Telecommunication

Vertrauen Sie auf GULP

Im Bereich Freelancing
Im Bereich Arbeitnehmerüberlassung / Personalvermittlung


Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das GULP Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.