André Schaller

Information Security Engineer at EUMETSAT

Frankfurt Rhine-Main Metropolitan Area

About

I am a freelance cyber security specialist and penetration tester with passion and 5+ years of experience both in academia and industry. My services comprise reviewing the security of your web application by means of exhaustive penetration tests. Furthermore, I provide consultancy services regarding security architectures of existing projects or support during the design of a new security architecture. Finally, I provide support implementing crypto primitives and/or secure protocols and applications.

Experience

  • Information Security Engineer at EUMETSAT
    Jul 2021 - Present · 5 yrs 1 mo

  • Freelance Cyber Security Specialist and Penetration Tester at Self-Employed - Cyber Security Consultant
    Jan 2018 - Present · 8 yrs 7 mos

  • Security Engineering Consultant at GMV Insyen AG
    Dec 2018 - Jun 2021 · 2 yrs 7 mos

    Security Engineering Consultant at EUMETSAT Headquarters. Responsibilities include, but are not limited to: 1. Security-related anomaly full life-cycle management; 2. Security engineering activities: - Setup and running of asset discovery and vulnerability scans; - Monitoring of vulnerability patching activities; - Review of anomaly reports as well as firewall and threat prevention solution reports; 3. Deployment and Maintenance of security solutions / frameworks, including: - Privileged Access Management, Endpoint Protection, Identity and Access Management solutions. 4. Regression testing; 5. Generation of security-related reports; 6. Security-focused documentation drafting, review and updates of guidelines design reviews, and or documentation updates. 7. Performing of auditing activities: - Inspection of deliveries for compliance to security requirements; - Ad-hoc auditing where required. Products/Vendors - Highlights: CyberArk, Palo Alto NGFW, Qualys, Trend Micro Deep Security, OpenVAS

  • Scientific Assistant at CYSEC Darmstadt / Technische Universität Darmstadt at Technische Universität Darmstadt
    Jun 2012 - Dec 2017 · 5 yrs 7 mos

    Since 2012 I have been working as research associate within the Security Engineering Group at Technische Universität Darmstadt. Working in the computer science department, my special research was about cyber security, with special focus on hardware-based security and privacy. My particular focus was on establishing hardware-based security anchors of trust in standard hardware components that are implemented in commercial off-the-shelf devices. Hence, my professional interests are about the security and privacy of embedded devices and the Internet-of-Things as well as lightweight cryptographic protocols and applications. During my doctoral studies I was mainly working as part of EU-funded FP-7 projects as well as collaborative research centre projects and was able to acquire experience in project management related tasks that also involved collaboration with partners from the industry. As part of my technical work, I was engaged in low-level programming and interfacing of embedded microprocessor-based devices in order to establish interfaces that allowed for the design, implementation and evaluation of lightweight secure protocols and applications, specifically tailored for the capabilities of such low-cost commercial off-the-shelf embedded platforms. Results of my scientific work have been successfully published at renowned journals (TIFS, TDSC) and conferences (HOST, CHES, ESORICS, TRUST) and cumulated in my doctoral thesis that I passed with highest honors (summa cum laude). The collegiate aspect of my PhD studies involved the supervision of students as part of various lectures, i.e., the preparation, supervision and correction of exams and the management of those lectures. Furthermore, I supervised the process of writing and finishing the Bachelor as well as Master thesis of multiple students.

  • Founder & CEO at ShopDefenders
    Sep 2012 - Oct 2013 · 1 yr 2 mos

    Founding and leading of a IT security service provider that delivers penetration tests and audits of web applications, specifically tailored towards medium-sized online eCommerce companies.