I'm Markus Troßbach. I work on complex tech challenges — usually the kind that require both speed of learning and depth of execution. Currently I'm Domain Engineering Lead at Schwarz Digits, focused on security, cloud-native, and platform architecture.

Background

I studied Medical Informatics at Heidelberg University and Heilbronn University, finishing my Master of Science in 2014. During my studies, my interests shifted from medical informatics toward mobile security — specifically iOS, which was the dominant mobile platform at the time and where most security research was happening.

My bachelor's thesis focused on improving system security on iOS 5. I built the successor to the security app Gorilla, which let users control which data apps could access and prevented automatic parsing of PDF and office documents.

My master's thesis explored how to create malware apps that wouldn't be detected by Apple's App Store Review process. The work raised questions about the actual security guarantees of curated app stores — questions that turned out to be relevant for years to come.

Mobile Security Research

During my master's, I worked as a working student at NESO Security Labs, contributing to Snoop-It — a runtime analysis and black-box security assessment tool for iOS apps. Snoop-It worked by retrofitting existing apps at runtime with debugging and tracing capabilities, exposed through a clean web interface.

While working with Snoop-It and doing related research, I discovered several vulnerabilities in Apple's iOS. They were fixed by Apple in iOS 8.0 and iOS 8.3 releases:

• CVE-2014-4361 (iOS 8.0)
• CVE-2014-4362 (iOS 8.0)
• CVE-2015-1113 (iOS 8.3)
• CVE-2015-1115 (iOS 8.3)

The research was published at GI Sicherheit 2014 and featured in c't magazine.

Pioneering Mobile and Cloud at Schwarz

After university, I joined Kaufland (part of the Schwarz Group) in 2014 as a Software Engineer — the first hire dedicated to mobile development. Two colleagues had already been working on mobile topics before the area had an organizational home. Together we built the foundation: build servers, release processes, testing infrastructure, the initial library and service choices. There was no mobile strategy yet, no infrastructure, no precedent.

I co-built the first customer-facing mobile app at Kaufland — and created the company's first App Store account in the process. Around the same time, I designed and operated Kaufland's first cloud-native backend systems on Microsoft Azure with Kubernetes and NoSQL databases. Multi-region deployments, scaling to tens of thousands of requests per second.

In the early days, we had to use private credit cards for Azure subscriptions because cloud procurement didn't exist yet at Schwarz. That detail captures something true about pioneer work: the boring infrastructure problems often come before the interesting technical ones.

Architecture and Engineering Standards

A turning point around 2017 was rewriting the Kaufland App backend in Go on Kubernetes — replacing the Java Enterprise stack that had been in operation. This was the first productive cloud-native application at Kaufland, and Go and Kubernetes later became standard across Schwarz Digits. That work shifted my focus from individual apps to broader architecture and engineering questions, and it opened the door to solution architecture and security advisory roles across multiple products.

In my Senior Software Engineer & Solution Architect role, I contributed to the modernization of Lidl's global merchandise management system, helped define group-wide engineering principles, and shaped the foundational work that would eventually grow into the group-wide developer platform now central to Schwarz Digits' tech strategy.

Today

As Domain Engineering Lead at Schwarz Digits, I architect and drive strategic tech initiatives across security, cloud-native, and platform architecture. My focus is on technical substance and architectural depth — leading multiple engineering teams while personally driving the deeper architectural and strategic work. Current focus areas include platform engineering at group scale and secure communication architecture.

What drives me

Hard problems with small high-performance teams. Fact-based discussion over dogma. Substance over process. Architecture and craft over politics.

I care less about titles and hierarchies than about problems that haven't been solved yet, in domains that haven't been figured out yet, and about working with people who care about getting things right.