IT Security Auditor (ISACA) | IT Security Analyst (CompTIA)
Updated on 14.03.2025
Profile
Freelancer / Self-employed
Remote work
Available from: 19.03.2025
Availability: 100%
of which on-site: 100%
IT Governance
Vulnerability Management
IT Security Operations
Incident Management
Audit
Penetration Testing
Active Directory
Awareness Training
BSI C5
ISO 27001
NIST FISMA 800-53
NIS2
DORA
German
Native language
English
C1 - C2 (working language)
Russian
C1 - B2 (fluent)

Work locations

Vienna (+500 km), Munich (+500 km), Zurich (+500 km)
Germany, Switzerland, Austria: possible

Projects

1 year
2024-03 - now

IT Audit & Governance

IT Security Specialist (Teamlead)
  • Project lead for the implementation of NIST FISMA 800-53 and ISO 27001, 27002 control objectives in preparation for audits by the U.S. Department of State; project management, collecting evidence, configuring network devices, servers, applications and endpoints
  • Developing and maintaining IT governance policies and procedures
  • Risk management including internal account audits, Active Directory assessments, network security assessments and security assessments of IoT devices
  • Vulnerability management with Rapid7 InsightVM, Nmap, Burp Suite, PowerShell; responsible for maintaining the on-premise solution and distributed scanners; troubleshooting scan failures, configuring firewalls and host-based IDS for scan engines; providing monthly statistics to the U.S. Department of State
  • Incident response with Log360, ADManager, ADAudit, ESET on-prem, Palo Alto 820; configuring alerts; triage of security incidents; analysis of phishing attempts and malicious payloads
  • Security administration of Windows and Active Directory infrastructure with Endpoint Central, ESET on-prem; monthly asset and account reviews with PowerShell
  • Threat intelligence with Rapid7, Shodan, Palo Alto 820 and open sources; monitoring vulnerabilities affecting the local infrastructure
  • Security awareness trainings with KnowBe4; preparing customized training materials for staff members
HIAS RSC
Vienna
1 year
2024-03 - now

Security Operations

IT Security Specialist (Teamlead)
  • Responsible for IT security operations in Vienna, Zagreb, Tel-Aviv
  • Vulnerability management & remediation of vulnerabilities
  • Incident response (reviewing and triage of security incidents)
  • Security administration of Windows and Active Directory infrastructure
  • Implementing security configurations and cryptographic requirements
  • Account & Asset Management
  • Threat Intelligence
  • Security awareness trainings
Rapid7 InsightVM, Nessus, Nmap, Burp Suite, Metasploit Framework, PowerShell, Bash, Python
HIAS
Vienna
1 year
2024-03 - 2025-02

Incident Response Management

IT Security Specialist
Log360, ADManager Plus, Palo Alto Firewall, PowerShell
HIAS RSC Austria
Vienna
3 months
2024-11 - 2025-01

Developed IT Governance policies and procedures according to ISO 27001, 27002

IT Security Auditor
  • Developed IT Governance policies and procedures according to ISO 27001, 27002 for a public entity in Vienna.

Deloitte
Vienna
3 months
2024-11 - 2025-01

Active Directory Assessment

Consultant
  • Conducted an assessment of Active Directory security for a mining company in Austria.
Deloitte
2 months
2024-11 - 2024-12

Audited a financial institution according to ECB criteria

IT Security Auditor
  • Supported an audit of a financial institution according to ECB criteria
  • Audited vulnerability management, logging & monitoring and penetration testing
Deloitte
Vienna
1 month
2024-11 - 2024-11

Conducted Penetration Test

IT Security Specialist
  • Led a Wi-Fi penetration test in a hospital in Vienna
  • Setting up the test environment and toolset
  • Password cracking
  • Reporting
Nmap, Metasploit Framework, Hashcat, Aircrack-ng
Deloitte
Vienna
1 year 9 months
2023-01 - 2024-09

Audited Microsoft O365 according to BSI C5 criteria

IT Security Auditor
  • Audited the Microsoft O365 organisation on-site at the Microsoft Campus in Redmond, U.S., according to selected C5 criteria
  • Audit of live systems for risk, vulnerability, incident and business continuity management
  • Reporting and presentation to more than 80 customers from the insurance industry
DCSO
Berlin, Seattle
3 months
2024-06 - 2024-08

Audited Cloud Service Product

IT Security Auditor
  • Audited a cloud product from Deloitte at Volkswagen in Wolfsburg according to own ISA criteria
Volkswagen
Wolfsburg
3 months
2023-11 - 2024-01

Consulting in the field of information security

Manager (Project lead)
  • Development of IT security frameworks according to ISO 27001, 27002
  • Performing Active Directory assessments
  • Conducting Penetration Tests
  • Conducting IT security audits
Deloitte Services Wirtschaftsprüfungs GmbH
3 years
2020-11 - 2023-10

Testing security software and solutions

IT Security Professional
  • Auditing cloud service providers according to TISAX, SOC2, BSI-C5 criteria on behalf of the automotive and insurance industry; developing test actions, preparing interviews and collecting evidence; examined organizational and technical requirements of cloud products
  • Consulting clients in the field of information security and strategic risk management
  • Testing security software and solutions
  • Security research and threat intelligence; testing of vulnerabilities, development of exploits, malware analysis
ISA, TISAX, SOC2, C5 criteria; Google, Microsoft, Atlassian, FireEye, Dassault, Tenable, Zscaler, AWS
Deutsche Cybersicherheitsorganisation GmbH
5 months
2023-04 - 2023-08

IT Security Assessment

Consultant
  • Conducted an IT Security Assessment for a mining company in East Germany according to selected BSI C5 control objectives.
DCSO
4 months
2020-05 - 2020-08

Preparation and advanced training

IT Cybersecurity Analyst (with CompTIA certification)
Alfatraining
1 year 9 months
2018-08 - 2020-04

Compliance management

IT Risk Consultant
  • Investigations into data and information security violations
  • Threat Intelligence
  • Digital forensics
  • Consulting in the field of information and data security
ILV Advisers e.K.
2 years 7 months
2016-01 - 2018-07

Investigations into data security violations

Risk Consultant
  • IT forensics
  • Investigations into cyber crimes (internet fraud, intellectual property violations, bank fraud)
  • Risk analyses and country reports
  • Financial forecasts
  • Account Management
Pinkerton Consulting & Investigations, Inc
1 year 10 months
2014-03 - 2015-12

Journalist

Journalist

WELTN24, WELT am Sonntag
4 years
2010-03 - 2014-02

Freelance

Spiegel-Online, DER SPIEGEL, NZZ and others
2 years
2008-03 - 2010-02

Research and analysis of economic country data

Project manager
IHK-Verband zur Förderung der Außenwirtschaft durch das AHK Netz (Delegation of the German Economy in Ukraine)
  • Public presentations and speeches
  • Collaboration with DEInternational, GIZ, GTAI and others
IHK-Verband zur Förderung der Außenwirtschaft durch das AHK Netz
2 years
2005-11 - 2007-10

Legal trainee (Referendar)

Legal trainee (Referendar)

Oberlandesgericht Zweibrücken (Court of Appeal)

Education and training

1 month
2024-12 - 2024-12

Advanced Hacking and Securing Windows Infrastructure

Black Hat
1 year 4 months
2023-01 - 2024-04

Information Systems Auditor (CISA)

ISACA
3 years 2 months
2020-07 - 2023-08

Cybersecurity Analyst

CySA+, CompTIA
4 years 4 months
2000-10 - 2005-01

First State Examination

University Trier

Skills

Top skills

IT Governance, Vulnerability Management, IT Security Operations, Incident Management, Audit, Penetration Testing, Active Directory, Awareness Training, BSI C5, ISO 27001, NIST FISMA 800-53, NIS2, DORA

Products / Standards / Experience / Methods

Projects

  • Implemented NIST FISMA 800-53 control objectives in preparation for an upcoming audit (HIAS)
  • Audited the Microsoft O365 organisation on-site at the Microsoft Campus in Redmond, U.S., according to selected BSI-C5 criteria; reported and presented the results to more than 80 customers from the insurance industry (DCSO)
  • Audited a cloud product from Deloitte at Volkswagen in Wolfsburg according to own ISA criteria (DCSO)
  • Audited Google, Atlassian, FireEye, Dassault, Tenable, Zscaler, AWS and others according to own ISA criteria (DCSO)
  • Audited ISMS and network infrastructure of a mining company in Germany (DCSO)
  • Supported an audit of a financial institution according to ECB criteria; audited vulnerability management, logging & monitoring and penetration testing (Deloitte)
  • Developed IT Governance policies and procedures (HIAS)
  • Developed IT Governance policies and procedures according to ISO 27001, 27002 for a public entity in Vienna (Deloitte)
  • Responsible for vulnerability management in an IT infrastructure of about 150 assets, providing monthly statistics to the U.S. Department of State (HIAS)
  • Responsible for incident response management in an IT infrastructure of about 150 assets (HIAS)
  • Assessed Active Directory security for a mining company in Graz (Deloitte)
  • Led a Wi-Fi penetration test in a hospital in Vienna (Deloitte)
  • Conducted a pentest on WordPress; asset discovery, enumeration, testing of plugins, testing the REST API, reporting (DCSO)
  • Participated in a pentest of a chemical plant; preparation, asset discovery; testing servers and reverse proxies (DCSO)
  • Wrote a research paper about IT security risks of ChatGPT, including examination of the backend technology, database architecture and data privacy measures (DCSO)

Expertise

Information Security Frameworks, IT Governance, Audits

  • IT security regulations and frameworks including NIST FISMA 800-53, ISO 27001, 27002, NIS2 and cloud security frameworks such as BSI-C5, SOC2, FedRAMP, TISAX
  • Development and implementation of IT Governance policies and procedures
  • Auditing technical and organizational requirements of cloud services (e.g. database architecture, session management, authentication, secure software development, cryptography, vulnerability and incident management, ISMS, risk management, identity and access management, business continuity, service supplier management and other domains)

Vulnerability management

  • Managing, detecting and remediating vulnerabilities with InsightVM, Nessus, Nmap, Burp Suite, Metasploit Framework and customized tools
  • Deployment, management and troubleshooting of on-premise vulnerability management solutions
  • Configuration of scan engines and firewalls for active and authenticated scanning as well as fixing performance and network issues
  • Remediation of vulnerabilities in web applications, network infrastructure, endpoints and remediation of cryptographic misconfigurations

Offensive security

  • Knowledge of common open source offensive security tools and frameworks under Linux and Windows
  • Knowledge of security assessment and penetration testing processes (e.g. reconnaissance, network penetration testing, testing of servers and web applications)
  • Advanced knowledge of Wi-Fi penetration testing including setup of the test environment and password cracking
  • Knowledge of web application penetration testing with Burp Suite, Nessus and customized tools
  • Knowledge of Windows and Active Directory security and common attack paths
  • Testing of vulnerabilities and exploits in sandboxed environments
  • Scripting with PowerShell, Bash, Python

Security operations

  • Monitoring of Windows infrastructure with common SIEM tools
  • Configuring security alerts and triage of security incidents
  • Analysis of malware and phishing attempts
  • Security administration of IT infrastructure including Windows, IoT devices and endpoints
  • PowerShell scripting for administrative tasks

Penetration testing

  • Led a Wi-Fi penetration test in a hospital in Vienna; setting up the test environment and toolset; password cracking; reporting (Deloitte)
  • Participated in a pentest of a chemical plant in Germany; preparation, asset discovery; testing servers and reverse proxies (DCSO)
  • Conducted a pentest on WordPress for a human rights organization in Germany; asset discovery, enumeration, testing of plugins, testing the REST API, reporting (DCSO)
  • Tested IoT devices (CCTV, switches, alarm boxes) within the network infrastructure (HIAS)
  • Performed Active Directory assessments and account audits (HIAS)

Incident response

  • Monitored Windows infrastructure with Log360, ADManager Plus, ADAudit Plus and PowerShell to detect and triage security incidents (HIAS)
  • Monitored network perimeters with Palo Alto 820 to detect attacks on exposed assets, such as gateways or mail servers; examined and contained malicious IP addresses (HIAS)
  • Forensic analysis of phishing attempts and potential malware (DCSO, HIAS)

IS Frameworks and Audits

  • Working with NIST FISMA 800-53, ISO 27001, 27002, NIS2, cloud security frameworks and catalogues (C5, SOC2, FedRAMP, TISAX), CIS Benchmarks
  • Development of test actions and required samples
  • Inspecting technical requirements (e.g. database architecture, session management, authentication, secure software development, cryptography, vulnerability and incident management)
  • Inspecting organizational requirements (e.g. ISMS, risk management, identity and access management, business continuity, service supplier management)

Notable projects

  • Audited the Microsoft O365 organisation on-site at the Microsoft Campus in Redmond, U.S., according to selected C5 criteria; audit of live systems for risk, vulnerability, incident and business continuity management; reporting and presentation to more than 80 customers from the insurance industry (DCSO)
  • Audited a cloud product from Deloitte at Volkswagen in Wolfsburg according to own ISA criteria (DCSO)
  • Audited ISMS and network infrastructure of a mining company in Germany (DCSO)
  • Audited Amazon Web Services data centers in Amsterdam according to selected C5 criteria
  • Project lead for the implementation of NIST FISMA 800-53 control objectives in preparation for the U.S. Department of State audit; developed and continue to develop IT Governance policies and procedures (HIAS)
  • Supported an audit of a financial institution according to ECB criteria; audited vulnerability management, logging & monitoring and penetration testing (Deloitte)
  • Developed IT Governance policies and procedures according to ISO 27001, 27002 for a public entity in Vienna (Deloitte)

Security administration

  • Security administration of IT infrastructure including Windows Server, Firewalls, Switches, CCTV, IoT devices and user endpoints
  • Security administration of Active Directory
  • Asset and account reviews
  • PowerShell scripting for administrative tasks

Security Awareness Trainings

  • Advised Ukrainian IT and cloud service providers on how to implement an Information Security Management System (voluntary)
  • Taught "Data leaks and how to exploit them" (DCSO)
  • Taught "Web Server Access Control & Potential Vulnerabilities" (DCSO)
  • Awareness trainings and phishing simulations with KnowBe4, M365 and other tools (HIAS)

Tools (selection)

  • Rapid7 InsightVM (expert knowledge)
  • Nmap (expert knowledge)
  • Shodan (expert knowledge)
  • Desktop Central, Log360, ADManager (expert knowledge)
  • ESET Protect on-prem (expert knowledge)
  • Palo Alto PA-820 Firewall
  • Common offensive security and network administration tools (e.g. Metasploit Framework, Wireshark, Burp Suite, Aircrack-ng, etc.)
  • PowerShell, Bash
  • Python (basic)

Soft skills

  • Leadership responsibility
  • Organizational talent
  • Assertiveness
  • Ability to work in a team, intercultural competence
  • Willing to travel

Internship

12/2007 - 02/2008

German Association of Industry and Commerce (DIHK)

Compliance & Security in Finance

IT Governance: Expert
Vulnerability Management: Expert
Offensive Security: Advanced
Incident Response: Advanced
Security Awareness Training: Expert
IT Security Audits: Expert

Industries

  • Insurance
  • Automotive
  • Public Service
  • NGOs
