Cloud Security Trainings for internal empoyees based on industry Standards and Frameworks, but consider Siemens specific Processes, Policies, Frameworks, Regulations and Requirements from internal and external projects.
· Development of approaches for the elimination of security issues on the basis of protection concepts or results of equivalent asset analyses in compliance with customers rule sets
· Methodical standardization and harmonization (e.g. risks, threats, measures)
· Analysis of risks, threats and measures from data sources and transfer of these into a model for further use in a tool
· Revision and supplementation of questionnaires (e.g. Special networks/infrastructure/network zones/...)
· Presentation, explanation, coordination and implementation of the measures with the customers project team
IT Security program and project management
Evaluation of existing IT Security Capabilities
Definition of the Cyber Security Strategy
Definition and tracking of program and project charters, milestones
Development of Security Architecture
IAM consulting
Cloud migration support
Adaptation of the Enterprise Security infrastructure to legal, regulatory and compliance requirements
Optimization of DevSecOps process
Review and redesign of existing Cyber Security Processes
Simplification of security processes for customers
Comparison of Vulnerability Scanners
Consolidation and Management of customer requirements
Communication with vendors, preparation of RFI and RFP
Result evaluation
Report creation
Development of Cloud IAM Concepts
Security concepts for private and public cloud platforms
IAM related reports for financial audits
IAM Integration of applications with separation of tenants
Consulting for modern Identity Management Solutions
Development of Target Enterprise Security Architecture
Definition of Security Architecture Domain Model and Processes
Consideration of Business Drivers, Security Principies, Goals, Requirements in the Architecture Modell
Coordination with ISO?s of BU?s, CISO, Program Management, Enterprise and Domain architects
Definition of project Charters, Deliverables, Milestones
Bridge from Enterprise Architecture to the Security Architecture, based on TOGAF / SABSA modell
Modeling of Strategic Security Architecture with TOGAF / SABSA
Consideration of Cloud / onPrem Services
Integration of the Cloud Plattform into the Global Security Architecture
Synchronization with Identity Management, Access Management, PKI
Management of external suppliers
Detection of gaps to the target architecture in BU?s
Change of authentication process
Introduction of new authentication and SSO solutions
PoC for different authentication mechanisms
Definition of Rollout-Plan for major changes
Synchronization between different IT Security Stakeholders
Role
Senior IT Security Achitect
Project Lead Security Architecture
Project Lead Simplified User Authentication
IT Security Process optimization
Management and improvement of IT Security related processes
Work with stakeholders to implement IT Security Standards
Coordination of internal & external penetration tests
Definition of Security-Standards for Cloud based applications (AWS, Azure)
Managing of external suppliers
Adaptation of the global security standard
PCI-DSS Compliance
Security Consulting
Data Analytics Plattform, Cloud based IoT operating system (AWS, MS Azure), Migration to the Cloud, multiple smaller projects
Defining and designing security platforms to comply with International Security Standards
Security concept for a Big Data and for a IoT platform with multiple Stakeholders
Support of the management by security questions
Cyber Security Trainings for International Siemens Top Management
Ensure cross-divisional collaboration and coordination with internal departments, the (C)ISOs
Communication and coordination with suppliers
Representing the security requirements in the implementation programs as well as mediating between the requirements and the technically and commercially sensible options
Coordination of off- and nearshore developers
Safety analysis of the products used
Product evaluation in the cloud and on premise
Advising on the implementation of the Security Configuration Guidelines
Review of security concepts
Evaluation of results with regard to the state of the art
Development of tenant separation concepts
Consulting on the evaluation of developed components
Hardening Guidelines for Teradata Data Warehouse, Hortonworks Hadoop, Tibco Spotfire, Tableau, Talend, KNIME Server
Architecture of the central user management (IAM)
Responsibility for the functional and technical architecture and further development of the identity and access management infrastructure (IAM)
Adaptation of corresponding processes with dependence on the Identity and Access Management
Development of a security concept for the streaming architecture.
Security measures to protect the stored, processed and transmitted data, to control data usage, for the secure design and configuration
Integration of components into the platform
Security architecture, code and process reviews for ACP2 projects
Review of the data encryption and integrity (in-rest, in-motion)
Review of the application code responsible for data processing, transfer and storage
Review of the software component configuration responsible for data processing, transfer and storage
Review of the applicability of multitenant deployments
Conceptual design of System- and Security architectures
Product choice and qualification
Requirements Engineering
Costs calculation
Contraction and controlling of development orders
Support of Project management and sales representatives
Technologies trainings and presentations
Design of technical processes and interfaces
Evaluation of tenders and concepts
Analysis of conceptions regarding feasibility
Creation of prototypes and demos
Analysis of Business Processes
Creation of Business- and IT-Concepts
Architecture of Data Migration from Legacy-Systems
Prototype for new Interfaces
Creation of about 35 report templates for different pharmacy receipts with Jasper Reports
Installation and configuration process for the application
Master of Computer Science
Certified Scrum Master
AWS Certified Solutions Architect ? Associate
CISSP - Certified Information Systems Security Professional
CCSK - Certificate of Cloud Security Knowledge
CCAK - Certificate of Cloud Auditing Knowledge
SABSA
Designation as Patent Inventor from European Patent Office
Security Architect, ISO 27001, System Architekt, AWS, IAM, IoT, Cloud Security, Big Data Security, Certified Scrum Master, Enterprise Architecture, Nearshore Development, Integration Specialist, oAuth, OpenID, SAML, Java
Erfahrungen im Bereich
Geschäftsprozeßanalyse
Proof-of-Technology/Concept
Prototyping
Multi Tier Architektur
Fachliche Architektur
Full-Life-Cycle Entwicklung
Technische Projektleitung
Profiling, Last- und Performancetests
Anwendungs- und Systementwicklung
Produktpräsentation
Schulungen
Coaching
Methoden
Objektorientierte Analyse, Design, Implementierung
Datenmodellierung
Patternorientierte Software Architektur
Modularisierung
Lösung der Abhängigkeiten
Skills
Enterprise System- and Software-Architecture
Security Architectures
Cyber Security Concepts
International, multicultural projects
System- and Software Design
Requirements Engineering
Enterprise Java
Banken
Versicherungen
Pharma-Industrie
Medizintechnik
Post
Automobile
Behörden
Telekommunikation
Tourismus
Handel
Call-Center
Industrie
Luftfahrt
Cloud Security Trainings for internal empoyees based on industry Standards and Frameworks, but consider Siemens specific Processes, Policies, Frameworks, Regulations and Requirements from internal and external projects.
· Development of approaches for the elimination of security issues on the basis of protection concepts or results of equivalent asset analyses in compliance with customers rule sets
· Methodical standardization and harmonization (e.g. risks, threats, measures)
· Analysis of risks, threats and measures from data sources and transfer of these into a model for further use in a tool
· Revision and supplementation of questionnaires (e.g. Special networks/infrastructure/network zones/...)
· Presentation, explanation, coordination and implementation of the measures with the customers project team
IT Security program and project management
Evaluation of existing IT Security Capabilities
Definition of the Cyber Security Strategy
Definition and tracking of program and project charters, milestones
Development of Security Architecture
IAM consulting
Cloud migration support
Adaptation of the Enterprise Security infrastructure to legal, regulatory and compliance requirements
Optimization of DevSecOps process
Review and redesign of existing Cyber Security Processes
Simplification of security processes for customers
Comparison of Vulnerability Scanners
Consolidation and Management of customer requirements
Communication with vendors, preparation of RFI and RFP
Result evaluation
Report creation
Development of Cloud IAM Concepts
Security concepts for private and public cloud platforms
IAM related reports for financial audits
IAM Integration of applications with separation of tenants
Consulting for modern Identity Management Solutions
Development of Target Enterprise Security Architecture
Definition of Security Architecture Domain Model and Processes
Consideration of Business Drivers, Security Principies, Goals, Requirements in the Architecture Modell
Coordination with ISO?s of BU?s, CISO, Program Management, Enterprise and Domain architects
Definition of project Charters, Deliverables, Milestones
Bridge from Enterprise Architecture to the Security Architecture, based on TOGAF / SABSA modell
Modeling of Strategic Security Architecture with TOGAF / SABSA
Consideration of Cloud / onPrem Services
Integration of the Cloud Plattform into the Global Security Architecture
Synchronization with Identity Management, Access Management, PKI
Management of external suppliers
Detection of gaps to the target architecture in BU?s
Change of authentication process
Introduction of new authentication and SSO solutions
PoC for different authentication mechanisms
Definition of Rollout-Plan for major changes
Synchronization between different IT Security Stakeholders
Role
Senior IT Security Achitect
Project Lead Security Architecture
Project Lead Simplified User Authentication
IT Security Process optimization
Management and improvement of IT Security related processes
Work with stakeholders to implement IT Security Standards
Coordination of internal & external penetration tests
Definition of Security-Standards for Cloud based applications (AWS, Azure)
Managing of external suppliers
Adaptation of the global security standard
PCI-DSS Compliance
Security Consulting
Data Analytics Plattform, Cloud based IoT operating system (AWS, MS Azure), Migration to the Cloud, multiple smaller projects
Defining and designing security platforms to comply with International Security Standards
Security concept for a Big Data and for a IoT platform with multiple Stakeholders
Support of the management by security questions
Cyber Security Trainings for International Siemens Top Management
Ensure cross-divisional collaboration and coordination with internal departments, the (C)ISOs
Communication and coordination with suppliers
Representing the security requirements in the implementation programs as well as mediating between the requirements and the technically and commercially sensible options
Coordination of off- and nearshore developers
Safety analysis of the products used
Product evaluation in the cloud and on premise
Advising on the implementation of the Security Configuration Guidelines
Review of security concepts
Evaluation of results with regard to the state of the art
Development of tenant separation concepts
Consulting on the evaluation of developed components
Hardening Guidelines for Teradata Data Warehouse, Hortonworks Hadoop, Tibco Spotfire, Tableau, Talend, KNIME Server
Architecture of the central user management (IAM)
Responsibility for the functional and technical architecture and further development of the identity and access management infrastructure (IAM)
Adaptation of corresponding processes with dependence on the Identity and Access Management
Development of a security concept for the streaming architecture.
Security measures to protect the stored, processed and transmitted data, to control data usage, for the secure design and configuration
Integration of components into the platform
Security architecture, code and process reviews for ACP2 projects
Review of the data encryption and integrity (in-rest, in-motion)
Review of the application code responsible for data processing, transfer and storage
Review of the software component configuration responsible for data processing, transfer and storage
Review of the applicability of multitenant deployments
Conceptual design of System- and Security architectures
Product choice and qualification
Requirements Engineering
Costs calculation
Contraction and controlling of development orders
Support of Project management and sales representatives
Technologies trainings and presentations
Design of technical processes and interfaces
Evaluation of tenders and concepts
Analysis of conceptions regarding feasibility
Creation of prototypes and demos
Analysis of Business Processes
Creation of Business- and IT-Concepts
Architecture of Data Migration from Legacy-Systems
Prototype for new Interfaces
Creation of about 35 report templates for different pharmacy receipts with Jasper Reports
Installation and configuration process for the application
Master of Computer Science
Certified Scrum Master
AWS Certified Solutions Architect ? Associate
CISSP - Certified Information Systems Security Professional
CCSK - Certificate of Cloud Security Knowledge
CCAK - Certificate of Cloud Auditing Knowledge
SABSA
Designation as Patent Inventor from European Patent Office
Security Architect, ISO 27001, System Architekt, AWS, IAM, IoT, Cloud Security, Big Data Security, Certified Scrum Master, Enterprise Architecture, Nearshore Development, Integration Specialist, oAuth, OpenID, SAML, Java
Erfahrungen im Bereich
Geschäftsprozeßanalyse
Proof-of-Technology/Concept
Prototyping
Multi Tier Architektur
Fachliche Architektur
Full-Life-Cycle Entwicklung
Technische Projektleitung
Profiling, Last- und Performancetests
Anwendungs- und Systementwicklung
Produktpräsentation
Schulungen
Coaching
Methoden
Objektorientierte Analyse, Design, Implementierung
Datenmodellierung
Patternorientierte Software Architektur
Modularisierung
Lösung der Abhängigkeiten
Skills
Enterprise System- and Software-Architecture
Security Architectures
Cyber Security Concepts
International, multicultural projects
System- and Software Design
Requirements Engineering
Enterprise Java
Banken
Versicherungen
Pharma-Industrie
Medizintechnik
Post
Automobile
Behörden
Telekommunikation
Tourismus
Handel
Call-Center
Industrie
Luftfahrt
"Der Consultant verfügt über ein Experten-Wissen im Bereich J2EE. Er hat unser Projektteam maßgeblich bei der Erstellung der Architektur sowie bei der Entwicklung unterstützt. Dank seinem professionellen Einsatz konnte das Projekt termingerecht abgeschlossen werden. Wir würden uns freuen, mit dem Consultant in Zukunft in weiteren Projekten zusammen arbeiten zu können."
— Projekt Intranet-Anwendung auf J2EE-Basis, 09/01 - 01/02
Referenz durch Projektleiter bei IT-Dienstleister einer Landesverwaltung (ca. 600 MA),
vom 27.04.05
"Der Consultant zeichnete sich in diesem Projekt durch seine fachliche und sozial Kompetenz aus. Dank seiner Mithilfe, speziell bei der Integration der Security konnte das Projekt erfolgreich abgeschlossen werden. Durch seine vertieften J2EE-Kenntnisse konnte er auch die restlichen Teammitglieder voranbringen."
— Projekt Integration mehrerer Anwendungen zu einem ServiceCenter, 12/00 - 04/01
Referenz durch Integration Manager bei Versicherungskonzern mit rund 700 IT-MA vom 01.04.05