
Cyber Security Consulting & SOC

Profile
Top skills
Cyber Security Incident Management, ISMS, Incident Response, Security Concepts, SOAR, SOAR Automation, Incident Handling, Process Development, OWASP, IT-Grundschutz, NIST, Use Case, MITRE, Runbook, Playbook, SIEM, Bot Protection, Kill Chain, Business Analysis, Requirements Analysis, ISO 27001, Agile Project Management
Available from
13.11.2022
Currently available - The expert is available for new project offers.
Available at
100%
of which on site
25%
Work locations

Cities
Frankfurt am Main (+500km) Basel (+200km)
Postal code areas
Countries
All of Germany, Austria, Switzerland



Remote work
possible
Profile type
Freelancer / self-employed
The expert works as an individual on a freelance or self-employed basis.

2 years 9 months

2020-01

2022-09

Optimization of IT Security Processes

Senior Cyber Security Analyst and Incident Handler Cyber Security Incident Management
Role
Senior Cyber Security Analyst and Incident Handler
Project contents
  • Assessment, optimisation and enhancement of IT security incident management and related processes and interfaces

  • Organization of workshops and trainings

Runbooks Optimization

  • Improvement & design of new runbooks and playbooks

Consulting

  • Consulting on information security for business units and projects

Operations

  • Incident Response: conducting or managing incident response investigations, investigating targeted threats

  • Product Ownership

  • Monitoring and assessment of cyber security threats, development of risk position report, development of countermeasures

  • Provider management

  • Vulnerability management

Skills
Cyber Security Incident Management
Client
Lufthansa AG
Location
Frankfurt am Main
1 year 2 months

2018-11

2019-12

Design SOC Processes

Consulting Cyber Security Analyst
Role
Consulting Cyber Security Analyst
Project contents
  • Design of SOC internal processes and runbooks

  • Interfaces description

SOAR playbooks development

  • SOAR playbooks development

Application Security

  • Definition and documentation of internal security processes

  • Responsible for designing security concepts, defining and documenting customers' internal processes

  • Successfully liaised between customer and business units

  • Monitoring and analyzing potential automated attacks incl. log analysis and implementation of mitigation actions

  • Managing security issues by means of different tools such as WAF (Web Application Firewall), Bot protection, in alignment with business units and vendor

  • Support of penetration tests and of the evaluation of the results

SOC Documentation

  • Optimisation and documentation of SOC internal processes

Client
ACCENTURE GmbH
Location
Kronberg
1 year 4 months

2016-10

2018-01

Design and Documentation of IT-Security Concept

IT Technical Expert
Role
IT Technical Expert
Project contents
  • Designed IT security concept (BSI IT-Grundschutz)

Operations

  • Implemented device interfaces for integration with the patient data management systems (programming in C++)

  • Responsible for installation and integration of medical devices of different manufacturers in hospitals

  • Provided 3rd level Tech Support for customers

Client
Health Information Management GmbH
Location
Bad Homburg
6 months

2016-03

2016-08

Software Testing Project in Pharma

IT Consultant
Role
IT Consultant
Project contents
  • Responsible for end to end process design and implementation for the user acceptance testing

  • Organized trainings for 3rd party testing team

  • Managed an external international testing team

  • Tracked, supervised and reported project status to the main project lead

  • Implemented testing automation

Client
EXXETA AG
Location
Frankfurt
3 years 1 month

2013-02

2016-02

Software Development

Working Student
Role
Working Student
Project contents

Development Time Management Tool

  • Software development of core internal tools, programming of interfaces and bug fixing

  • Administered MS SQL databases

Development Applications Portal

  • Software development

E-commerce CRM database integration

  • Project management

  • Technical Consulting

  • Documentation

Operations

  • Bug fixing

  • Implementation of customer requirements

Client
CEMA AG
Location
Mannheim

6 years 1 month

2016-10

2022-10

Computer Science (IT Security)

Master, Technische Universität Darmstadt
Degree
Master
Institution, location
Technische Universität Darmstadt
Focus
IT Security (part-time studies)


1 month

2021-08

2021-08

GIAC Certified Incident Handler

GCIH
Institution, location
GCIH
1 month

2019-07

2019-07

Nozomi Networks Certified Engineer (security of SCADA systems)

1 month

2017-03

2017-03

Training Medical Device Consultant

4 years 6 months

2011-09

2016-02

Computer Science

Bachelor of Science, Hochschule Worms
Degree
Bachelor of Science
Institution, location
Hochschule Worms
Focus

Thesis gladly on request

1 year 1 month

2013-08

2014-08

Deutschlandstipendium

Deutschlandstipendium, Sponsor Grace - GCP Applied Technologies
Degree
Deutschlandstipendium
Institution, location
Sponsor Grace - GCP Applied Technologies
2 years 1 month

2009-09

2011-09

Economics

Universität Mannheim
Institution, location
Universität Mannheim
4 years 6 months

2004-09

2009-02

Business Administration

Diplom Business Administration, Siberian State University of Consumers' co-operative, Novosibirsk
Degree
Diplom Business Administration
Institution, location
Siberian State University of Consumers' co-operative, Novosibirsk

German Fluent
English Fluent
Russian Native speaker

Products / Standards / Experience / Methods
Process Design
Expert
SOAR Automation
Basics
Runbooks Design
Expert
Incident Handling
Advanced
Log analysis
Advanced
Security concepts
Expert

Skills

  • Incident Handling

  • SOAR (Security Orchestration, Automation and Response) tools

  • Standards:

    • OWASP

    • BSI IT-Grundschutz

    • NIST Cyber Security Framework

    • ISO 2700x

  • MITRE ATT&CK, OWASP Top10

  • Log analysis:

    • SIEM ElasticSearch

    • Splunk

  • Web Application Security, Web Application Architecture

  • Network protocols, Network Security

  • Botnet and DDoS protection, WAF administration

  • Cryptography:

    • encryption algorithms

    • PKI

  • Tools:

    • Burp Suite

    • Xenu Sleuth

    • Fiddler

    • Jira

    • Confluence

  • Development environments:

    • Visual Studio 2005-2015

    • Eclipse

  • MS-Office

    • Word

    • Excel

    • PowerPoint

    • VISIO

Programming languages
Python
Basics
JavaScript
Basics
Java
Basics
C#
Advanced
C++
Advanced

Pharma, Aviation, Banking, IT

