I'm an information security engineer at a company a lot of people like. I am mostly working on security reviews today, and lead an engineering team that owns and scales this process.
2013 - current Information Security Engineer | Manager at Google Inc., Mountain View, CA, USA.
2012 Post-doc student with Prof. Dr. Christoph Meinel at Hasso-Plattner-Institute, University of Potsdam.
2008 - 2011 PhD student with Prof. Dr. Christoph Meinel at Hasso-Plattner-Institute, University of Potsdam, doctor rerum naturalium (Dr. rer. nat.)
2003 - 2008 Study of Software Systems Engineering at Hasso-Plattner-Institute (HPI), University of Potsdam, Bachelor of Science (B.Sc.), Master of Science (M.Sc.) (Outstanding).
2002 - 2003 Civil service with Deutsches Rotes Kreuz (DRK).
2002 A-Levels (Abitur) at Albert-Schweitzer-Gymnasium Vetschau (Outstanding).
2013 - now Information security engineer | Manager at Google, vulnerability management and remediation, security reviews / pentesting of Google products and infrastructure, tool development
2012 Software Security Surveillance Research Projects with SAP
2011 (Aug-Nov) Internship at Google, Inc. as Information Security Engineer
2010 (Apr-Aug) Internship at Google, Inc. as Software Engineer in Security
2010 - 2011 Security audit and risk assessment for a European energy provider
2009 - 2011 Projects with the German Federal Office for Information Security (BSI), such as co-authoring "Metrics for SOA Security" and "SOA Security Compendium"
2008 - 2010 Projects with the Police of Brandenburg: Infrastructure Analysis, Study on Virtualization, Forensic Analysis
2009 - 2010 Host of bi-weekly hands-on security sessions
2006 - 2008 Student assistant at HPI, Research & Development for the Lock-Keeper, a high level network security device implementing physical separation
2005 - 2006 Project with Siemens AG Switzerland - Civil an National Security, "Secure Database Replication by Lock-Keeper"
2004 - 2006 Founding member of "Respontec GmbH" - EU sponsored startup with focus on IT-Security (IDS/IPS)
2000 - 2005 Voluntary work as network adminstrator for a school
Programming Java, Python, C, JS, HTML, CSS
Tools & Systems Linux in various flavors, metasploit, skipfish, ratproxy, vim, eclipse, gdb, wireshark, ettercap, john, radare, IDA, BinNavi, Prelude-IDS, snort, samhain, iptables, nmap, amap, thcrut, nessus, etc.
skipfish web application security scanner with focus on speed (here)
ratrpoxy security proxy for penetration testing (here)
Nothing recently! Former publications and teaching activities can be found here.
For some reason, I do like playing guitar every once in a while, and occasionally record things:
Impro on II-V-I - this video recording is part of a performance by the lyrics group (Sprecherkreis) at University of Potsdam in 2008.
Nardis - this demo recording was done in 2006 with Ramona Geissler on bass and Dana Leichsenring on vibraphone. In this line of recordings, we managed to do several tracks, such as Freddie Freeloader, Have you met Miss Jones, and Black Orpheus.
s.roschke (at) gmail.com
PGP Key Information:
KeyID: D8B5998F
Fingerprint: 07E5 F856 BF87 8FCC 3FBB 5D8C 7836 3555 D8B5 998F