17.07.2025 aktualisiert
100 % verfügbar
IT Security Experte spezialisiert auf Machine Learning und IT Sicherheit
Dülmen, Deutschland
Dülmen +50 km
PhD Computer ScienceSkills
HTMLJavaBash ShellBootstrapCSSClusteranalyseInformationssicherheitDevopsDNSIncident ResponseIntrusion Detection SystemVPNSpring FrameworkJsonPythonMachine LearningMicrosoft Visual StudioNatural Language ProcessingRoutingNmapNumpyOpen Source IntelligenceOpen System InterconnectionPerformance-TuningPublic-Key-InfrastrukturPredictive ModellingScrumTensorflowSQLStatistikenTCP / IPVulnerability ManagementDrahtlose KommunikationExtensible Markup LanguageBestärkendes LernenScriptingFeature-EngineeringLarge Language ModelsFirewallsJupyterGitAngularJSScikit-learnKubernetesSicherheitsbestimmungenDdosDockerAnalyse der Schwachstellen
- Sprachen: Deutsch (gebürtig), Englisch (fließend)
- Machine Learning: Python, NumPy, scikit-learn, Tensorflow, Jupyter, Neuronale Netze, Lineare Regression, Logistische Regression, Entscheidungsbäume, Random Forests, Boosted Trees, Clustering, Anomalie-Erkennung, Empfehlungssysteme, Reinforcement Learning, Feature Engineering, Fine-Tuning, Predictive Modeling, Statistical Modeling, Performance Tuning, Natural Language Processing (NLP), Large Language Models (LLMs), Dimensionality Reduction.
- Security: Kryptografische Schlüssel und Algorithmen, Responsible Disclosure, Netzwerkgrundlagen (OSI-Modell, Protokolle wie TCP/IP, DNS), Infrastruktur (Routing, Switching, Wireless), Security (Firewalls, IDS/IPS, VPNs, Angriffe wie DoS/DDoS), Monitoring und Troubleshooting, Scripting (Bash-Automatisierung), Zero Trust, PKI, Vulnerability Management, Incident Response, Forensics, Reconnaissance (OSINT, Nmap), Attacks (Network/Web-Exploits, Privilege Escalation), Post-Exploitation (Persistence)
- Front-Endentwicklung: CSS, HTML, XML, Thymeleaf, Bootstrap, Angular.
- Back-Endentwicklung: Java, C, Spring, SQL, JSON.
- DevOps und Tools: Docker, Kubernetes, Helm, GIT, JetBrains, IDEs, Visual Studio Code, Microsoft Office, Scrum (agiles Projektmanagement).
Sprachen
DeutschMutterspracheEnglischverhandlungssicher
Projekthistorie
● Unterrichten des Moduls Cybersicherheit (~20 Teilnehmer).
● Betreuen von Masterprojekten, sowie Bachelor- und Masterarbeiten im Labor für IT-Sicherheit.
● Forschung zum Thema Incident Detection und Incident Response.
● Betreuen von Masterprojekten, sowie Bachelor- und Masterarbeiten im Labor für IT-Sicherheit.
● Forschung zum Thema Incident Detection und Incident Response.
- Notendurchschnitt: 1,1
- Jahrgangsbester
- Schwerpunkt: IT-Sicherheit
- Master-Theses: Quality Measurement of Detection Rules
- Jahrgangsbester
- Schwerpunkt: IT-Sicherheit
- Master-Theses: Quality Measurement of Detection Rules
Portfolio
33rd USENIX Security
The Lightweight Directory Access Protocol (LDAP) is the standard technology to query information stored in directories. These directories can contain sensitive personal data such as usernames, email addresses, and passwords. LDAP is also used as a central, organization-wide storage of configuration data for other services. Hence, it is important to the security posture of many organizations, not least because it is also at the core of Microsoft's Active Directory, and other identity management and authentication services. We report on a large-scale security analysis of deployed LDAP servers on the Internet. We developed LanDscAPe, a scanning tool that analyzes security-relevant misconfigurations of LDAP servers and the security of their TLS configurations. Our Internet-wide analysis revealed more than 10k servers that appear susceptible to a range of threats, including insecure configurations, deprecated software with known vulnerabilities, and insecure TLS setups. 4.9k LDAP servers host personal data, and 1.8k even leak passwords. We document, classify, and discuss these and briefly describe our notification campaign to address these concerning issues.
https://www.usenix.org/conference/usenixsecurity24/presentation/kaspereit