Dr. Anatoli Kalysch

About

I'm an IT security professional with a Ph.D. in computer science and a solid background in economics with a strong ability to lead, coach, and develop teams. I currently work as the Senior Information Security Officer at Taurus SA in Geneva. Before this, I served as a security researcher at the IT Security Infrastructures Lab at Friedrich-Alexander University in Erlangen-Nuremberg, and as the Chief Information Security Officer at Deutsche Bahn Connect GmbH. Additionally, I currently give lectures on mobile application security and an introduction to cybersecurity at the Baden-Wuerttemberg Cooperative State University (DHBW) in Mannheim. I am most passionate about information security and its ever-evolving threat landscape, which in my opinion is one of the biggest challenges companies face nowadays. Over the past years, I have worked with many key technologies, namely IoT, mobile, and serverless computing, specializing in security assessments and information security audits, to help companies and organizations address their unique threat landscapes. My deep dives into these technologies and several security frameworks resulted in a vast knowledge pool and project experience in IT security-related topics and the ability to communicate core concepts to most target groups due to my startup and public speaking experience.

IT Security Frameworks and Technologies

The following keyword list provides a short excerpt of the frameworks and technologies I have worked with in recent years.

  • ISMS: ISO 27001:2022, BSI IT Grundschutz, DB RRiL 114.02ff.
  • Incident Response: NIST SP 800-61, SANS
  • Security Assessment: OWASP, MITRE ATT&CK, ISO 27001 Audit, IRAM2
  • Certifications: CISSP, CISM
  • Security Areas: Mobile (Android and iOS), Web, AWS & Azure
  • Reverse Engineering: x86/x64, dex bytecode, WASM
  • Security Testing: Mobile Apps, Web Apps, API (REST & SOAP), Cloud Infrastructures
  • Security Tools: Wireshark, Burp, Nmap, Nessus, IDA Pro, angr, manticore, Mobile Development SAST, DAST, and IAST Pipelines

Resume

Professional Experience (excerpt)

Senior Information Security Officer

2023 - Present

Taurus SA, Geneva, Switzerland

  • Ensure compliance with ISO 27001:2022 and other security standards for internal processes, third-party management and in-house development.
  • Orchestrate the convergence of cybersecurity measures with business objectives, strategically investing in solutions that secure vital assets and reduce risk exposure.
  • Continuously improve security policies, processes and operations to match global standards and organizational goals, and implement a maturity model for the organisation reflecting its security strategy.
  • Manage the vulnerability management programme and the integration of Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) within development pipelines to enhance software security.

Chief Information Security Officer

2020 - 2023

DB Connect GmbH, Frankfurt am Main, Germany

  • Guide the design, development and deployment of secure technical architectures and organization processes to build organizational capabilities and ensure compliance with international information security standards.
  • Drive business and cyber risk strategy alignment to manage risk through value investments, thereby protecting business assets through an understanding of the threat landscape and an effectively managed cyber risk program.
  • Management and continuous improvement of the organization's security policies, information security operations, and security-relevant communication policies.
  • Management of internal IT security assessments and incident response procedures.

Information Technology Security Consultant

2018 - 2020

Self-employed Freelancer, Erlangen, Germany

  • Security assessments and penetration testing on mobile applications and system back-ends with a focus on Android and iOS applications, as well as REST and SOAP back-ends.
  • I worked alone, as well as with other industry experts on projects from the fintech, automotive, and critical infrastructure sectors which required deep understanding of application and network security, and familiarity with the ISO 27001 and NERC CIP standards.
  • I conducted expert workshops with developers and incident response specialists focusing on penetration testing and forensic incident response scenarios, among others for the German Federal Police.

Co-Founder & Data Scientist & Serverless Security Architect

2019 - 2020

Talos Insights, Nuremberg, Germany

  • TALOS Insights extracts openly available company information and leverages reinforcement learning and natural language processing to analyze found data points and minimize manual effort for market analysts.
  • I handled the business model design, funding, and customer acquisition, securing two successful funding applications, including the EXIST Gründerstipendium (roughly 100,000 EUR), and attracted three initial mid-sized company customers.
  • Additionally, I was responsible for the natural language processing routines we applied during our analysis pipelines, working with techniques from the fields of information extraction: knowledge base population, semi-structured information extraction as well as audio extraction.
  • Lastly, my responsibilities covered the serverless architecture including the deployment of the service infrastructure utilizing Docker and several AWS stacks (including Lambda, EC2, ECS, Route 53, S3, CloudFront, RDS, ElastiCache, IAM), focusing on high-availability and auto-scaling.

Education (excerpt)

Doctor of Engineering in Computer Science

2016 - 2020

Friedrich-Alexander University Erlangen-Nürnberg, Erlangen, Germany

With additional research stays abroad at:

San Jose State University, San Jose, USA

Universidade Federal do Paraná, Curitiba, Brazil

  • While working as a Ph.D. researcher I focused on app security and malware analysis, especially app hardening solutions against reverse engineering, UI security mechanisms, back-end security, and automated vulnerability screening, e.g., fuzzing and vulnerability scanners.
  • In parallel, I also worked as a teaching assistant for courses in “Reverse Engineering”, “IT Forensics”, and “Incident Response”, conveying complex scenarios and techniques to Bachelor’s and Master’s students.
  • During this time I had to familiarize myself with many industry standards in IT security, e.g., ISO 27001, OWASP, and ITIL, and leading analysis tools used in penetration testing & forensic analysis, like IDA Pro, Wireshark, Burp Suite, and the Nessus Vulnerability Scanner.
  • My research resulted in more than ten publications, my successful participation in bug bounty programs, among others Google's bug bounty program, and a more secure and transparent mobile ecosystem we use every day.

Doctoral thesis: Android Application Hardening: Attack Surface Reduction and IP Protection Mechanisms

Visiting Researcher Cybersecurity

2019

Universidade Federal do Paraná, Curitiba, Brazil

  • Research project: Security assessment of mobile solutions and back-end security of Brazil's four major banks.
  • The project resulted in several design flaws and vulnerabilities that were responsibly disclosed and the publication “The internet banking [in] security spiral: Past, present, and future of online banking protection mechanisms”, which was published and presented at the 14th International Conference on Availability, Reliability and Security 2019.

Master of Science in Computer Science

2014 - 2016

Friedrich-Alexander University Erlangen-Nürnberg, Erlangen, Germany

  • Major focus: IT security & cryptography, software development & architectures, distributed systems & cloud computing.
  • During my Master's I participated in IT security capture-the-flag events, gaining expertise in diverse IT security areas, especially about internals of operating systems based on UNIX, several exploit techniques and program analysis.

Master Thesis: Dynamic Deobfuscation of Virtualization-based Packed Binaries