Projects: Data Analytics Platform, Cloud-based IoT operating system (AWS, MS Azure), Migration to
the Cloud, multiple smaller projects
Role: IT Security Architect / Technical Project Lead
* Defining and designing platforms to comply with International Security Standards
* Security concept for a Big Data platform and for an IoT platform with multiple stakeholders
* Support of management on technical questions
* Cyber Security Training for International Siemens Top Management
* Ensure cross-divisional collaboration and coordination with internal departments
* Communication and coordination with suppliers
* Representing the security requirements in the implementation programs as well as
mediating between the requirements and the technically and commercially sensible
options
* Coordination of off- and nearshore developers
* Leading Java projects
* Safety analysis of the products used
* Product evaluation in the cloud and on premise
* Review of rollout concepts
* Evaluation of results with regard to the state of the art
* Development of tenant separation concepts
* Consulting on the evaluation of developed components
* Hardening Guidelines for Teradata Data Warehouse, Hortonworks Hadoop, Tibco
Spotfire, Tableau, Talend, KNIME Server
* Architecture of the central user management (IAM)
* Architecture of Single Sign On
* Responsibility for the functional and technical architecture and further
development of the multitenant Identity and Access Management infrastructure (IAM)
(Cloud Foundry UAA, MITREid Connect, Auth0)
* Integration of multiple applications with IAM (SAML 2.0, OAuth 2.0, OIDC, LDAP,
SCIM)
* Adaptation of the corresponding processes that depend on the Identity and Access
Management
* Development of a security concept for the streaming architecture:
security measures to protect the stored, processed and transmitted data, to
control data usage, and for secure design and configuration
* Integration of components into the platform
* Security architecture, code and process reviews for ACP2 projects
* Review of the data encryption and integrity (at rest, in motion)
* Review of the application code responsible for data processing, transfer and
storage
* Review of the software component configuration responsible for data processing,
transfer and storage
* Review of the applicability of multitenant deployments