Since 2012 I have published PKI status updates here, trying to answer the question 'Do you still do PKI?' (or IT). I have re-edited them often, and my responses were erratic - I was in a Schrödinger-cat-like superposition state of different professional identities.
Now and then I still get these questions. Can I answer it finally? I am still in a superposition state - I don't expect the wave-function to break down any time soon. I enjoy this state! But my answer to IT-related requests is most often no.
So yes, I am still 'working with IT' and 'with IT security' professionally. Not necessarily 'in IT'.
I am supporting a few long-term clients with their Windows PKI deployments and related X.509 certificate issues (after having done that for more than 10 years exclusively). Those clients that aren't scared off by my other activities, and clients I had always worked with informally and cordially. But I don't have any strong ties with specific PKI software vendors anymore, and I don't know about latest bugs and issues. So I don't present myself as a Windows PKI consultant to prospects, and I decline especially requests by IT security partner companies who are looking for a consultant to pitch or staff their projects. I am also not interested in replying to Request for Proposals for PKI or identity management and 'offering a solution', competing with other consultants and especially with other companies that have full time stuff doing business development (I hardly did this in my PKI-only time). I am not developing software anymore that might turn into an 'enterprise solution'.
Today I am working 'with IT' more than 'in IT' in the sense that I returned where I came from, as an applied physicist who was initially drawn into IT, armed only with experience in programming software for controlling experimental setups and analyzing my data: I call myself the 'theoretical department' of our small engineering consultancy - I am developing software for handling Big Monitoring Data. I am also tinkering with measurement technology, like connecting a Raspberry Pi to a heat pump's internal CAN bus.
Security is important of course: I have fun with awkward certificates on embedded devices, I sniff and reverse engineer protocols, and I could say I am working with the things in the Internet of Things. But I am not doing large-scale device PKIs or advising the IT departments of major engineering companies: My clients are geeky home owners, and we (the two of us) are planning and implementing our special heat pump system for them. An important part of such projects is monitoring and control.
So every time I feel that somebody is searching for 'a PKI consultant' I am the wrong person. But if somebody stumbles upon my CV or hears my story at full length - and absolutely wants to hire me just because of the combination of this - I might say yes.
But it is no good rationalizing too much: Finally it is a matter of gut feeling; I am spoilt or damaged by our engineering business. Our heat pump clients typically find our blog first - which has been mistaken for a private fun blog by friends. Prospects are either 'deflected' by the blog (and we never hear from them), or they contact us because of the blog's weird style. Having the same sense of humor is the single best pre-requisite for a great collaboration. So whenever I get any other project request, not mediated by a weird website, I try to apply the same reasoning. Years ago I a colleague I had not met before greeted me in the formal kick-off meeting, in front of all others, with: You are the Subversive Element, aren't you? (Alluding to my Alter Ego on subversiv.at). That's about the spirit I am looking for.
Keeping It Short
What is the essence of all websites, blogs and the 'CV'?
- Physicist as per my first degrees. Now I may again call me a Consulting Engineer in Applied Physics. Theoretical physics is still an important hobby of mine.
- As an Engineer I am working on the simulation of heat pump systems.
- IT Security Consultant - that's what I have called myself for more than 10 years. Currently I am interested in the security of smart meters.
- Blogger - at elkement.blog. I have just celebrated my blog's first anniversary.
- 'Settler' - living in the Pannonian Plain in the utmost East of Austria for nearly 15 years now.
- Geek and Subversive Element.
If This Would Be Web 2.0 You Would Call This:
Elke Stangl's Profile
My CV - or my so-called profile in web 2.0 newspeak - can be found in: XING and LinkedIn. Currently my web 2.0 avatar is describing itself as:
I am a physicist running a small company together with my husband. Following Star Trek terminology he is Chief Engineer and I am Science Officer.
I have designed and implemented Public Key Infrastructures (PKI, applied cryptography) for enterprise customers since 2002 and I have phased-out these activities at the 10th anniversary (mid of July 2012) in order to focus on renewable energies.
I am particularly interested in the interfaces between building technology, energy engineering and IT infrastructure ...
... and basically in all of physics, all of the history of science and all of the interdependencies between science and society. Since 2012 I am finally blogging on this at elkement.blog, though I am still also updating my ancient proto-blog-like personal websites (e-stangl.at, radices.net, and subversiv.at). [Voice from the future: All these sites are / are going to be united!]
Why is this in English and the profile in German? Actually, my profile was in English till mid of 2012 as many of business contacts did not speak German. I am also blogging in English - reason to be determined.