
Published Security Researcher, Cryptographic Analyst, Penetration Tester and Reverse Engineer
Sydney Area, Australia

Published Security Researcher, Cryptographic Analyst, Penetration Tester and Reverse Engineer
Sydney Area, Australia
Last Updated: 2 July 2008
Christian Heinrich has over twelve years of professional experience and formal training in diverse disciplines of Security ranging from Locksmith, Shot Firer, Body Guard, IT Engineer and Chief Security Officer.
Christian Heinrich has been promoted several times within the Australian Government based on his performance within projects for the Defence and Intelligence Services. By reputation, this lead to several more projects within the Four Major Banks of Australia and other Critical Infrastructure and is regarded as the "Thought Leader" for Security within the Media and Entertainment industry.
Christian Heinrich has presented on both technical security and governance at a number of professional industry forums, including:
• The recent OWASP AppSec Conference in Australia and upcoming OWASP AppSec Conference in New York in October 2008.
• RUXCON 2K5 and RUXCON 2k6.
Christian Heinrich has contributed to numerous security articles in “The Australian” newspaper, online at ZDNet Australia and Computerworld.
Christian Heinrich is the “Organizer” of the Snort NIDS and IPS User Group (SUG) for Australia and New Zealand.
Christian Heinrich has also been selected for the Australian Attorney General’s Trusted Information Sharing Network for Critical Infrastructure Protection – Computer Network Vulnerability Assessment Program (CNVA).
Christian Heinrich has also completed Security Measure Testing for the NSW Government as part of their Contract 2319 – Information Security Products and Services and presented to their internal Security Management Forum.
Christian Heinrich holds multiple Security certifications, including:
• SANS Firewalls, Perimeter Protection and VPNs (GCFW)
• Aruba Wireless Network Certified Associate (ACA)
• CyberGuard Firewall Security Administrator (CFSA)
• Checkpoint Certified Security Engineer (CCSE)
Security Clearances:
- DoD SECRET
- DIMA PROTECTED
- AFP Certificate.
Defense Signals Directorate:
- PSM
- ASCI 33
- Gateway Certication Guide
NSW Government Contract 2319
Peneteration Testing and Vuln. Disclosure:
- CNVA
- OSSTMM
- CVSS
Governance:
- ISO 27001, ISO/IEC AS/NZS 17799, AS 4444, AS 7799
- AS 4360
- COBIT
- PCI DSS
Conducting Media Relations as a result of Incident Response (IR).
Physical Security:
- ASIO T4
- Explosives
- Alarms
- Electronics
Certification, Wireless Intrusion Prevention, 2007 — 2007
Course, Installation and Deployment of an IronPoint Mobility Wireless Network, 2007 — 2007
Certification, Managing and Deploying Riverbed Steelhead Appliances, 2007 — 2007
Security 452, IP Packet Analysis, 2007 — 2007
Security 550, Google Hacking and Defense, 2007 — 2007
Tutorial, Network Incident Response, 2007 — 2007
Taught by Richard Bejtlich during AusCERT2007
Tutorial, Network Forensics, 2007 — 2007
Taught by Richard Bejtlich during AusCERT2007
Masterclass, Network Security, 2007 — 2007
Taught by Richard Bejtlich
Certification, Aruba Certified Technical Sales Engineer, 2006 — 2006
Certificate of Completion, CyberGuard Firewall Security Administration, 2005 — 2005
Qualified for CyberGuard Firewall Security Administration (CFSA)
Certification of Accopmlishment, Enterasys Dragon IDS/IPS Secure Networks Advance Course, 2005 — 2005
Certification, Lucent Security Profesional, 2005 — 2005
Certificate of Completion, Firewalls, Perimeter Protection and VPNs, 2002 — 2002
Qualified for GIAC Certified Firewall Analyst (GCFW) [http://www.giac.org/certifications/security/gcfw.php
Course Completion, Checkpoint VPN Firewall-1 - Management II, 2001 — 2001
Qualified for Checkpoint Certified Security Engineer (CCSE).
Microsoft Certified Professional, Microsoft Certified Systems Engineer, 1999 — 1999
Qualified for Microsoft Certified Systems Engineer (MCSE).
Microsoft Certified Professional, Microsoft Certified Professional, 1999 — 1999
Qualified for Microsoft Certified Professional (MCP).
Microsoft Certified Professional, Microsoft Certified Professional + Internet, 1999 — 1999
Qualified for Microsoft Certified Professional (MCP) + Internet
Certification of Completion, Introduction to Java Programming, 1997 — 1997
Certification of Completion, Java Application Programming, 1997 — 1997
Statement of Attainment, Explosives, 1997 — 1997
Qualified for NSW Powderman's Certificate of Competency for Agricultural Blasting (Class PAA-AGG BLAST-C) and Seismic Blasting (Class PSC-SIESMIC WK-C).
Statement of Attainment, Electronic Security Installers, 1997 — 1997
Qualified for NSW Security License
Certificate, Electronics Technology, 1994 — 1995
IT Security - UNIX, Windows, PERL, Python, Ruby Electronics Cryptoanalysis and Discrete Mathematics Physical Security - Alarms, Locksmithing, Locksport (e.g. TOOOL), Safe Cracking, Body Guarding, Covert Surveillance Self Defense - Boxing, Thai Boxing Game Theory
CitySEC - "EurekaStockadeSEC" (AU) and "BlackSheepSEC" (NZ)
OWASP Individual Member
Feb 2008 - Australia AppSec 2008 Conference - "Google Hacking" and “Application Security Threats Commonly faced by Organisations!” Panel
Foundation Member of Aruba "The Edge" Wireless Network Community [http://edge.arubanetworks.com/about].
RUXCON [www.ruxcon.org.au]:
2K5 - Topic "Defeating Network Intrusion Detection and Prevention"
2K6 - Topic "Common Vulnerability Scoring System (CVSS)"
AISA
June 2000 - Sydney Branch Meeting -"Transport Layer Security - The Negation of the Firewall"
July 2007 - Risk Management SIG - "Common Vulnerability Scoring System"
Security Camp Oz [http://www.securitycampoz.com/] - October 2007 - "Common Vulnerability Scoring System and the Microsoft Severity Matrix"
ACM Computer Security Day [http://www.auscert.org.au/render.html?it=8172] - November 2007 - "Google Hacking"
News Limited - Received Commendation from CEO, John Hartigan and COO, Peter Macourt for Valentine’s Day web portal, generating revenue in excess of 3.5 million dollars.
News Limited - Provided IT Support for Lachlan Murdoch (News Corporation) when in Australia.
AusCERT2007 - Hosted Richard Bejtlich (TaoSecurity) Network Security Masterclass in Sydney
RUXCON 2K6 - Administered Aruba Wireless Network
Technical Certifications:
- CCSE (Checkpoint Firewall-1)
- CCSA (Checkpoint Firewall-1)
- CFSA (CyberGuard Firewall)
- LSP (Lucent Firewall)
- GCFW (SANS GIAC)
- ACA (Aruba Wireless)
- MCSE (Microsoft)
Current Studies
- CWSP (Vendor Agnostic Wireless Security)
- CISSP