Pretzels, Weisswurst and more security

1. February 2019

Raphael Heinlein (left) and Christoph Cierpka (right) talk about usd’s “Munich start-up” and why it’s worth it to become a part of it.

In 2018 you decided to go to Munich for usd. What made you do that?

Christoph Cierpka: I’ve been with usd as a pentester for three and a half years working at the HeroLab Headquarters in Neu-Isenburg. When I heard about the opportunity to join the usd team in Munich last year, the decision wasn’t hard to make. Conquering new grounds backed by usd – that sounded cool and it turned out to be.

Raphael Heinlein: Exactly. Be don’t have stiff routines or responsibilities – how could we, with such a small team. We make decisions ourselves, as a team, and we keep growing with each new challenge. That’s exactly what I wanted, that’s the reason I’m here.

What makes Munich as a usd location special to you?

RH: We enjoy all the advantages of a small business, but we already have the big clients and exciting projects that “real” market newcomers don’t have. And, well, it’s Munich.

CC: Munich with its excellent universities and our local client base is a great location for usd. And working here feels like working for a start-up: We have real responsibility and a lot of freedom to grow and innovate, but with the whole of usd as a support network – what start-up can say that about themselves? The Bavarian way of life is a plus – what can I say, I really like being a part of this.

Do you think your clients in Munich appreciate you being based close to them?

RH: Definitely. As an auditor, I naturally travel a lot for our international projects, but I always sense a special mentality here in Munich. My clients always appreciate me coming to their premises and that makes my work much more enjoyable.

CC: Munich locals like Munich locals. I understand that. We’re just around the corner. Even in my field, penetration testing, where many companies perform their services remotely, my Munich clients appreciate the fact that I am on site to do their security assessments. It means I can answer any questions that may come up directly face-to-face.

How do you work together?

RH: We each have our technical and professional focus. I am an auditor and Christoph is a pentester, but in Munich we work across teams and advise our clients as a unified source. This creates a special bond within the team. We also maintain a direct exchange of knowledge, short communication lines and we have lots of fun together. As far as team events are concerned, for example, Munich is probably the place to be – beer gardens, skiing, hiking and, of course, the Oktoberfest. Okay, the usd Carnival enthusiasts at our Cologne office would probably fight me on this and claim the best party atmosphere for themselves.

CC (Laughing): That’s about right. But, in all seriousness, the dimensions of our projects and assignments regularly require us to team up with colleagues in large project teams across divisions and locations anyways. We aso see each other outside of our project work – not only virtually. At Academy events, our annual Kick-off, our outdoor event or for team workshops. We have a strong team spirit and regular exchange across the entire usd.

In 2018 you already made your first contacts in the Munich academic sphere and cooperated with the Elite Network Bavaria. What exactly did you do?

CC: That’s right, together with the Center for Digital Technology and Management (CDTM), a joint institute of the Ludwig Maximilian University (LMU) and the Technical University of Munich (TUM), we offered a cybersecurity seminar during the winter semester. Maintaining close connections to universities and sharing knowledge is important to us and to usd in general, not only in Munich.

In 2019 you want to build up a Munich team. What kind of reinforcements are you looking for?

RH: Above all, we‘re looking for people who would like to join the “usd@Munich” mission. We‘re looking for people who are interested in the professional aspect of our mission, “more security”, and who would also enjoy the “start-up” character of it all. Be it as a consultant, auditor, pentester – it doesn’t matter. The only thing that matters is that they are excited about IT security and about joining our team.

Why do you think the “usd Munich start-up” is an exciting working environment, with all the competition of large corporations in the area?

CC: Whether you think this is cool or not depends on what kind of person you are. Some people want the structures and clear responsibilities a large corporation has to offer, but that’s just not us. But where else do you get the opportunity to take matters into your own hands, bring your skills and knowledge to the table and work as a “tiny Munich player” for such large clients? So, to all those who are interested in this little adventure: We are looking forward to your applications.

Also interesting:

DORA Countdown: One Month Left Until the Deadline

DORA Countdown: One Month Left Until the Deadline

DORA, the Digital Operational Resilience Act, will fully apply as of 17 January 2025. We have summarized everything you need to know about the EU regulation, preparation and best practices from our news blog.

Sunset of PCI DSS v4.0 on 31 December 2024: Get Ready!

Sunset of PCI DSS v4.0 on 31 December 2024: Get Ready!

PCI DSS v4.0: In March 2024, version 4.0 of the Payment Card Industry Data Security Standard became mandatory after a two-year transition phase. Just a few months later, version 4.0.1 was released as a minor update of the standard, which will become mandatory on...

Top 3 Vulnerabilities in SSO Pentests

Top 3 Vulnerabilities in SSO Pentests

During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to corporate security. They increasingly encounter the same vulnerabilities. Our blog series "Top 3 Vulnerabilities" presents...

Categories

Categories