About me

Education

• Information Security Management (Msc) at the Danube University Krems
• Computer Engineering (Dipl.-Ing.) at the Vienna University of Technology
• HTL for EDP and Organization (Ing.) at the HTBLuVA Wr. Neustadt

Certifications

• CISSP – Certified Information Systems Security Professional (ISC²), including all three concentrations:
  • CISSP-ISSAP – Information Systems Security Architecture Professional (ISC²)
  • CISSP-ISSMP – Information Systems Security Management Professional (ISC²)
  • CISSP-ISSEP – Information Systems Security Engineering Professional (ISC²)
• CSSLP – Certified Secure Software Lifecycle Professional (ISC²)
• CISA – Certified Information Security Auditor (ISACA)
• CISM – Certified Information Security Manager (ISACA)
• GICSP – Global Industrial Cyber Security Professional (SANS/GIAC)
• GRID – Global Response Industrial Defense (SANS/GIAC)
• GXPN – Exploit Researcher and Advanced Penetration Tester (SANS/GIAC)
• GPEN – Penetration Tester (SANS/GIAC)
• GWAPT – Web Application Penetration Tester (SANS/GIAC)
• GAWN – Assessing and Auditing Wireless Networks (SANS/GIAC)
• GMOB – Mobile Device Security Analyst (SANS/GIAC)
• GCPN – GIAC Cloud Penetration Tester (SANS/GIAC)
• ISA99/IEC 62443 Cybersecurity Fundamentals Specialist (International Society for Automation)
• CMSE – Certified Machinery Safety Expert (TÜV NORD)
• ISO 27001 Certified Information Security Manager (CIS Cert)
• ISO 27001 Certified Information Security Auditor (CIS Cert)
• TSA Trusted Security Auditor (TÜV Austria)
• CDIT – Certified Data & IT Security Expert (Incite)
• Geprüfter Datenschutzexperte (Incite)
• Geprüfter Datenschutzbeauftragter (CIS Cert)
• CEH – Certified Ethical Hacker (EC Coucil)
• CSM – Certified SCRUM Master (Scrum Alliance)
• ITIL V3 Foundation
• zPM – PMA Zertifizierter Projektmanager (IPMA Level C)
• MCSA – Microsoft Certified Systems Administrator
• MCSE – Microsoft Certified Systems Engineer
• MCDBA – Microsoft Certified Database Administrator
• OCP – Oracle Database Administrator Certified Professional
• RHCE – Red Hat Certified Engineer
• Sophos Certified Engineer
• verinice Expert

Memberships and voluntary activities

• OVE – Austrian Association for Electrical Engineering:
  • Chairman of TSK MR 65 (national mirror committee IEC TC 65 – IEC 62443, IEC 61508, etc.)
  • Chairman of working group MR 65 Industrial Automation & Control System Security
  • Member of the board of the “Society for Information and Communication Technology” (GIT)
  • Head of the “Cyber Security” working group at GIT
• ISA – International Society of Automation
  • ISA99 Committee – ISA/IEC 62443 Development
• Austrian Standards
  • AG 001.27 Information security, cybersecurity and privacy protection (ISO JTC 1 SC 27 – ISO 2700x)
  • AG 001.18 Data Protection
  • AG 001.41 Internet of Things, Komitee 001 Informationstechnologie
• (ISC)2 – International Information Systems Security Certification Consortium – Austrian Chapter – Board Member
• ISACA – Information Systems Audit & Control Association – Austrian Chapter
• SANS Institute – GIAC (Global Information Assurance Certification) Advisory Board
• CSP – Cyber Security Platform of the Austrian Federal Government (BKA)
• OCG – Austrian Computer Society
• IT Security Experts Group – Austrian Federal Economic Chamber
• TeleTrusT – Federal Association for IT Security e.V. (Germany)
• Hauptverband der allgemein beeideten und gerichtlich zertifizierten Sachverständigen (Association of sworn and court-certified experts

Career milestones

• Senior Security Architect and Teamlead Security Professional Services at T-Systems Austria, the Austrian subsidiary of Deutsche Telekom
• Establishment of a research group for applied IT security research at the AIT Austrian Institute of Technology, Austria’s largest non-university research institution – applied IT security research in the areas of Smart Grid and Industrial Security, High Assurance Cloud Computing, National Cyber Defense
• System architect and project manager at Austrian Research Centers (later AIT) in the application domains Biogenetics, eHealth, Satellite Remote Sensing, Sensor Networks and eGovernment
• Technical consultant and project manager at Fabasoft AG, management and implementation of software development and infrastructure projects for systems in the areas of enterprise content management, electronic file management, CRM and eGovernment
• IT consulting and software development for small and medium-sized enterprises as freelance consultant