a Randstad company

Security Architekt, ISO 27001, System Architekt, AWS, Cloud Security, IoT, Big Data Security, Enterprise Architektur, Team Lead, Project coordination

Profil
Referenzen (2)

"Der Consultant verfügt über ein Experten-Wissen im Bereich J2EE. Er hat unser Projektteam maßgeblich bei der Erstellung der Architektur sowie bei der Entwicklung unterstützt. Dank seinem professionellen Einsatz konnte das Projekt termingerecht abgeschlossen werden. Wir würden uns freuen, mit dem Consultant in Zukunft in weiteren Projekten zusammen arbeiten zu können."

— Projekt Intranet-Anwendung auf J2EE-Basis, 09/01 - 01/02
Referenz durch Projektleiter bei IT-Dienstleister einer Landesverwaltung (ca. 600 MA),
vom 27.04.05

"Der Consultant zeichnete sich in diesem Projekt durch seine fachliche und sozial Kompetenz aus. Dank seiner Mithilfe, speziell bei der Integration der Security konnte das Projekt erfolgreich abgeschlossen werden. Durch seine vertieften J2EE-Kenntnisse konnte er auch die restlichen Teammitglieder voranbringen."

— Projekt Integration mehrerer Anwendungen zu einem ServiceCenter, 12/00 - 04/01
Referenz durch Integration Manager bei Versicherungskonzern mit rund 700 IT-MA vom 01.04.05
Top-Skills
IT Security Architektur, IT Security Consulting Projektmanagement Security Konzepte Strategie IT-Sicherheitsarchitektur SABSA TOGAF IT Security Consulting
Verfügbar ab
15.12.2022
Aktuell verfügbar - Der Experte steht für neue Projektangebote zur Verfügung.
Verfügbar zu
100%
davon vor Ort
80%
Einsatzorte

Städte
München (+500km)
PLZ-Gebiete
Länder
Ganz Deutschland
Remote-Arbeit
möglich
Art des Profiles
Freiberufler / Selbstständiger
Der Experte ist als Einzelperson freiberuflich oder selbstständig tätig.

1 Jahr 11 Monate

2021-01

heute

IT Security

IT Security Program Manager/ Senior IT Security Architect
Rolle
IT Security Program Manager/ Senior IT Security Architect
Projektinhalte
  • IT Security program and project management

  • Evaluation of existing IT Security Capabilities

  • Definition of the Cyber Security Strategy

  • Definition and tracking of program and project charters, milestones

  • Development of Security Architecture

  • IAM consulting

  • Cloud migration support

  • Adaptation of the Enterprise Security infrastructure to legal, regulatory and compliance requirements

  • Optimization of DevSecOps process

  • Review and redesign of existing Cyber Security Processes

  • Simplification of security processes for customers

Kunde
ZF Friedrichshafen AG
1 Jahr 11 Monate

2021-01

heute

Teaching assignment

Trainer for Cloud Security
Rolle
Trainer for Cloud Security
Projektinhalte

Cloud Security Trainings for internal empoyees based on industry Standards and Frameworks, but consider Siemens specific Processes, Policies, Frameworks, Regulations and Requirements from internal and external projects.

Kunde
Siemens AG
5 Monate

2020-07

2020-11

IT Security

Senior IT Security Consultant
Rolle
Senior IT Security Consultant
Projektinhalte
  • Comparison of Vulnerability Scanners

  • Consolidation and Management of customer requirements

  • Communication with vendors, preparation of RFI and RFP

  • Result evaluation

  • Report creation

Kunde
Siemens AG
4 Monate

2020-03

2020-06

Identity & Access Management

Expert Identity & Access Management
Rolle
Expert Identity & Access Management
Projektinhalte
  • Development of Cloud IAM Concepts

  • Security concepts for private and public cloud platforms

  • IAM related reports for financial audits

  • IAM Integration of applications with separation of tenants

  • Consulting for modern Identity Management Solutions

Kunde
FI-TS (Finanz Informatik Technologie Service)
7 Monate

2019-09

2020-03

Development of Target Enterprise Security Architecture

various
Rolle
various
Projektinhalte
  • Development of Target Enterprise Security Architecture

  • Definition of Security Architecture Domain Model and Processes

  • Consideration of Business Drivers, Security Principies, Goals, Requirements in the Architecture Modell

  • Coordination with ISO?s of BU?s, CISO, Program Management, Enterprise and Domain architects

  • Definition of project Charters, Deliverables, Milestones

  • Bridge from Enterprise Architecture to the Security Architecture, based on TOGAF / SABSA modell

  • Modeling of Strategic Security Architecture with TOGAF / SABSA

  • Consideration of Cloud / onPrem Services

  • Integration of the Cloud Plattform into the Global Security Architecture

  • Synchronization with Identity Management, Access Management, PKI

  • Management of external suppliers

  • Detection of gaps to the target architecture in BU?s

  • Change of authentication process

  • Introduction of new authentication and SSO solutions

  • PoC for different authentication mechanisms

  • Definition of Rollout-Plan for major changes

  • Synchronization between different IT Security Stakeholders

Role

  • Senior IT Security Achitect

  • Project Lead Security Architecture

  • Project Lead Simplified User Authentication

Kunde
Lufthansa Group
Einsatzort
Frankfurt am Main
7 Monate

2019-02

2019-08

IT-Security, Governance & Compliance

IT Security Project Coordinator
Rolle
IT Security Project Coordinator
Projektinhalte
  • IT Security Process optimization

  • Management and improvement of IT Security related processes

  • Work with stakeholders to implement IT Security Standards

  • Coordination of internal & external penetration tests

  • Definition of Security-Standards for Cloud based applications (AWS, Azure)

  • Managing of external suppliers

  • Adaptation of the global security standard

  • PCI-DSS Compliance

  • Security Consulting

Kunde
WireCard AG
Einsatzort
Aschheim
4 Jahre 1 Monat

2015-01

2019-01

Migration to the Cloud, multiple smaller projects

Security Architect
Rolle
Security Architect
Projektinhalte

Data Analytics Plattform, Cloud based IoT operating system (AWS, MS Azure), Migration to the Cloud, multiple smaller projects

  • Defining and designing security platforms to comply with International Security Standards

  • Security concept for a Big Data and for a IoT platform with multiple Stakeholders

  • Support of the management by security questions

  • Cyber Security Trainings for International Siemens Top Management

  • Ensure cross-divisional collaboration and coordination with internal departments, the (C)ISOs

  • Communication and coordination with suppliers

  • Representing the security requirements in the implementation programs as well as mediating between the requirements and the technically and commercially sensible options

  • Coordination of off- and nearshore developers

  • Safety analysis of the products used

  • Product evaluation in the cloud and on premise

  • Advising on the implementation of the Security Configuration Guidelines

  • Review of security concepts

  • Evaluation of results with regard to the state of the art

  • Development of tenant separation concepts

  • Consulting on the evaluation of developed components

  • Hardening Guidelines for Teradata Data Warehouse, Hortonworks Hadoop, Tibco Spotfire, Tableau, Talend, KNIME Server

  • Architecture of the central user management (IAM)

  • Responsibility for the functional and technical architecture and further development of the identity and access management infrastructure (IAM)

  • Adaptation of corresponding processes with dependence on the Identity and Access Management

  • Development of a security concept for the streaming architecture.
    Security measures to protect the stored, processed and transmitted data, to control data usage, for the secure design and configuration

  • Integration of components into the platform

  • Security architecture, code and process reviews for ACP2 projects

  • Review of the data encryption and integrity (in-rest, in-motion)

  • Review of the application code responsible for data processing, transfer and storage

  • Review of the software component configuration responsible for data processing, transfer and storage

  • Review of the applicability of multitenant deployments

Kunde
Siemens AG, Corporate Technology
2 Jahre 6 Monate

2012-06

2014-11

Security projects (ID/ Passport/ Visa/ Health Lifecycle Systems)

Technical Project Manager for Security Projects
Rolle
Technical Project Manager for Security Projects
Projektinhalte
  • Planning, management and implementation of activities in international security projects in architecture, and IT implementation
  • Project management and monitoring of milestones to ensure a timely and smooth transfer system (hardware, software, IT and network technology) to the customer
  • Coordination of project activities internally, customers and subcontractors
  • Support marketing and product management with system architecture of international identification projects in Government
  • Acquisition of technical customer requirements and incorporation into the overall solution
  • Technical advice and clarification along with the local sales team, if necessary, on-site
  • Creation of job specifications and tender and the technical solution with the assistance of the relevant contact
Kunde
Giesecke & Devrient GmbH (now: Veridos GmbH)
1 Jahr 2 Monate

2011-04

2012-05

Multi Channel Booking Tool

Business Analyst, Scrum Master, Technical Owner
Rolle
Business Analyst, Scrum Master, Technical Owner
Projektinhalte
  • Teamlead
  • Software Architecture and Design
  • Interface Design
  • Coaching of Nearshore Developers
  • Requirements Engineering
  • Process analysis and definition
  • Technical consulting for the Business Department
  • Processing of project tenders
Kunde
Payback GmbH, Transactional Marketing System
3 Jahre 3 Monate

2008-01

2011-03

Government Solutions

System Architect
Rolle
System Architect
Projektinhalte
  • Conceptual design of System- and Security architectures

  • Product choice and qualification

  • Requirements Engineering

  • Costs calculation

  • Contraction and controlling of development orders

  • Support of Project management and sales representatives

  • Technologies trainings and presentations

  • Design of technical processes and interfaces

  • Evaluation of tenders and concepts

  • Analysis of conceptions regarding feasibility

  • Creation of prototypes and demos 

Kunde
Giesecke & Devrient GmbH (now: Veridos GmbH)
6 Monate

2007-06

2007-11

Online-Banking, Brokerage, Financial Status

Architect, Lead developer
Rolle
Architect, Lead developer
Projektinhalte
  • Application Architecture
  • Analysis of business requirements
  • Design of the target architecture
  • Integration of Backend systems
  • Integration of external data suppliers
  • Implementation of some Use Cases
  • Installation and Configuration of Cluster Environment
  • Realization of multi-client capability
  • Unit- and Integration tests
Kunde
Software Company for DAB Bank AG
1 Jahr 1 Monat

2006-06

2007-06

Analysis of Business Processes

Software Architect/ Developer (Java stack)
Rolle
Software Architect/ Developer (Java stack)
Projektinhalte
  • Analysis of Business Processes

  • Creation of Business- and IT-Concepts

  • Architecture of Data Migration from Legacy-Systems

  • Prototype for new Interfaces

  • Creation of about 35 report templates for different pharmacy receipts with Jasper Reports

  • Installation and configuration process for the application

Kunde
VSA GmbH (now: NOVENTI HealthCare)
8 Monate

2005-11

2006-06

Enterprise Resource Planning System

Architect/ Developer (Java stack)
Rolle
Architect/ Developer (Java stack)
Projektinhalte
  • Analysis, Design, Implementation, Integration
  • Integration of the automatic Update-Service
  • Redesign of some components
  • Communication and clarification with product specialists
Kunde
Health Care (VSA GmbH)
5 Monate

2005-07

2005-11

Frontend for Callcenter-Application

Software Architect for Multi Channel Integration
Rolle
Software Architect for Multi Channel Integration
Projektinhalte
  • Load-Balancing
  • Coordination with Middleware
  • Refactoring
  • Code-Review
  • Scalability
  • Performance-Optimization
  • Session-Level Failover
  • Guideline-Construction
Kunde
Call-Center (Postbank)
3 Jahre

2002-07

2005-06

Money Transfer, Cash Desk, Client-module, Self-service-Desk, Sign Control System

Software Architect
Rolle
Software Architect
Projektinhalte
  • Analysis, Design, Architecture Consulting, Coaching
  • Design of central Error Management
  • Communication with Framework-Developers
  • Communication with Product-Management
  • Dependencies- and Deployment concepts
  • Code-Review
  • Style Guide & Coding Conventions
  • Creation of Metrics for Quality Assurance
  • Design of Requirements
  • Design and Implementation of Mainframe Enabler
  • Modell generation
  • Integration of a Competence System
  • Integration with other applications
  • Profiling, Performance optimization
  • Support for Developers
  • Documentation
  • Integration of Online Help for Users
Kunde
Fiducia IT AG, IT Service Provider for VR Banks
6 Monate

2002-01

2002-06

Intranet-Portal

Software Architect
Rolle
Software Architect
Projektinhalte
  • Connection of approx. 6000 clients worldwide
  • Application Architecture
  • Personalizable Navigation
  • Design of Web components
  • Personalizable CMS (person specific Data and Documents)
  • Black-Board
  • Email-Notification

 

Kunde
Consumer Tracking
4 Monate

2001-09

2001-12

Information System for Project Management in Ministries

Coach
Rolle
Coach
Projektinhalte
  • Application Architecture with J2EE
  • Developer coaching for J2EE
  • POC-Development
  • Developer Coaching
  • Know-How Transfer
  • DB-Design
  • Development of Access Management
Kunde
Public Administration
4 Monate

2001-05

2001-08

Security Integration

Projektinhalte
  • Architecture of Single Sign On
  • Integration of LDAP-Server
  • Integration of proprietary Security-Server
  • Support for RSA Password-Tokens
  • Integration of Web Logic-Security Realm
  • Integration of multiple J2EE Server Instances
  • Secure Forwarding of Security-Context to other Applications
  • Automatic Logon
Kunde
SwissLife AG
Einsatzort
Switzerland
8 Monate

2000-09

2001-04

Service-Center

Software Architect
Rolle
Software Architect
Projektinhalte
  • Integration of several Call-Center applications to one
  • Service-Center System for all Classes and Languages
  • Integration of multiple Host-Systems
  • Integration of Tuxedo
  • Deasign of a central Client-Application

 

Kunde
SwissLife AG
Einsatzort
Switzerland
4 Monate

2000-05

2000-08

Development of a CMS-bases News Portals

Software Architect, Developer
Rolle
Software Architect, Developer
Projektinhalte
  • Import of News from Reuters in batch mode in XML Format
  • XML-Interfaces for other news provider
  • Interface for Editors
  • Automatic categorization of News
  • Saving in Database in virtual Repositories
  • Approve-Concept for confirming
  • Automatic accentuation of high priority News.
  • Protocol function
  • Personalization of the Start Page for users
  • Automatic Language Separation, Internationalization
  • Full text Search over all News
Kunde
Swiss Post
Einsatzort
Switzerland
3 Monate

2000-02

2000-04

Online-Site for several Classes of Insurance

Coach
Rolle
Coach
Projektinhalte
  • Introduction of J2EE Application Server
  • Development of own Session-Management
  • Central Framework for common functionalities
  • Performance-Tuning
  • Integration of external Data Sources
  • Consulting

 

Kunde
Insurance Software

  • Master of Computer Science

  • Certified Scrum Master

  • AWS Certified Solutions Architect ? Associate

  • CISSP - Certified Information Systems Security Professional

  • CCSK - Certificate of Cloud Security Knowledge

  • CCAK - Certificate of Cloud Auditing Knowledge

  • Designation as Patent Inventor from European Patent Office

Security Architect, ISO 27001, System Architekt, AWS, IAM, IoT, Cloud Security, Big Data Security, Certified Scrum Master, Enterprise Architecture, Nearshore Development, Integration Specialist, oAuth, OpenID, SAML, Java

Deutsch fließend
Englisch fließend
Russisch Muttersprache

Top Skills
IT Security Architektur, IT Security Consulting Projektmanagement Security Konzepte Strategie IT-Sicherheitsarchitektur SABSA TOGAF IT Security Consulting
Produkte / Standards / Erfahrungen / Methoden

Erfahrungen im Bereich

  • Geschäftsprozeßanalyse

  • Proof-of-Technology/Concept

  • Prototyping

  • Redesign, Refactoring und Reengineering

  • Multi Tier Architektur

  • Fachliche Architektur

  • Full-Life-Cycle Entwicklung

  • Technische Projektleitung

  • Profiling, Last- und Performancetests

  • Anwendungs- und Systementwicklung

  • Produktpräsentation

  • Schulungen

  • Coaching

Methoden

  • Objektorientierte Analyse, Design, Implementierung

  • Datenmodellierung

  • Patternorientierte Software Architektur

  • Modularisierung

  • Lösung der Abhängigkeiten

Spezialkenntnisse

  • J2EE 1.2, 1.3

  • Novell exteNd Application Server, exteNd Director, exteNd Composer

  • BEA WebLogic, Websphere, JBoss

  • Together, MID Innovator, ErWin, Rational Rose

  • OOA, OOD, UML

  • Frameworks

  • EJB, JMS, JNDI, JTA, JCA

  • JDBC

  • RMI/IIOP, Corba, TCP/IP, JRMP

  • JSP, Servlet, Portlets

  • Applets

  • Java Web Start

  • Web Services, SOAP, UDDI

  • JFC, Swing

  • Struts

  • Ant

  • XML/XSL, DTD

  • log4J

  • JProbe Profiler/Threadalyzer, OptimizeIt,

  • PVCS, CVS, Clearcase

  • JUnit

  • Content Management Systeme (CMS)

  • Eclipse, JBuilder, NetBeans, Forte4J

  • Autonomy, Fulcrum

Skills

  • Enterprise System- and Software-Architecture

  • Security Architectures

  • Cyber Security Concepts

  • International, multicultural projects

  • System- and Software Design

  • Requirements Engineering

  • Enterprise Java

Betriebssysteme
MS-DOS SUN OS, Solaris Unix Windows
Programmiersprachen
4th Dimension Basic C C++ Delphi Java JavaScript Pascal TeX, LaTeX
Datenbanken
4th Dimension Access Adabas B-Tree DAO DB2 Informix JDBC MS SQL Server Object Store ODBC Oracle POET Progress SQL Sybase versant, artbase
Datenkommunikation
CORBA Ethernet Fax Internet, Intranet ISDN LAN, LAN Manager PC-Anywhere SMTP SNMP TCP/IP Windows Netzwerk Winsock X.400 X.25 X.225 X.75...
Hardware
Data General Drucker HP SUN VAX

  • Banken

  • Versicherungen

  • Pharma-Industrie

  • Medizintechnik

  • Post

  • Automobile

  • Behörden

  • Telekommunikation

  • Tourismus

  • Handel

  • Call-Center

  • Industrie

Ihr Kontakt zu Gulp

Fragen? Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Jetzt bei GULP Direkt registrieren und Freelancer kontaktieren