Conducted a threat modelling exercise and capability/gap assessment based on the organization?s cloud infrastructure. Developed a roadmap for implementing SIEM use cases.
Provided a strategic recommendations list based on Tactics, Techniques, and Procedures (TTPs) of identified threat actors, after identifying relevant Advanced Persistent Threat (APT) groups.
Conceptualized and developed a future-proof hybrid environment integrating on-premises Active Directory, Entra ID, KeyCloak, and Omada while defining new teams & responsibilities and steering reconciliation processes using a tailored tiering model.
Designed, executed, and debriefed a series of Crisis Management (CM) tabletop exercises within several critical departments. Delivered a comprehensive roadmap following a gap analysis to enhance organizational preparedness.
Sector: Insurance
Prepared and conducted a series of interactive workshops featuring demonstrations of voice and video deepfakes, including Caller-ID spoofing scenarios, aimed at educating both end users and leadership teams.
Led the conceptualization, preparation, implementation, and rollout of a business role model. Oversaw vendor selection, role re-certification, business role modelling, and user training for seamless integration.
Performed a comprehensive IT asset inventory, protection requirement analysis, and business impact assessment. Managed a company-wide phishing campaign and delivered an ISO 27000 maturity assessment, gap analysis, and a 3-year improvement roadmap.
Developed an IT emergency plan ("IT-Notfallplan") and IT emergency handbook ("IT-Notfallhandbuch") aligned with BSI 200-4 standards. Conducted a Business Impact Analysis (BIA) and a Protection Requirement Analysis.
Served as an external CISO, focusing on improving the established Information Security Management System (ISMS) and addressing audit findings in accordance with ISO 27000 standards.
Led the bank-wide conceptualization, implementation and rollout of the business role model to comply with ECB requirements.
Conducted a threat modelling exercise and capability/gap assessment based on the organization?s cloud infrastructure. Developed a roadmap for implementing SIEM use cases.
Provided a strategic recommendations list based on Tactics, Techniques, and Procedures (TTPs) of identified threat actors, after identifying relevant Advanced Persistent Threat (APT) groups.
Conceptualized and developed a future-proof hybrid environment integrating on-premises Active Directory, Entra ID, KeyCloak, and Omada while defining new teams & responsibilities and steering reconciliation processes using a tailored tiering model.
Designed, executed, and debriefed a series of Crisis Management (CM) tabletop exercises within several critical departments. Delivered a comprehensive roadmap following a gap analysis to enhance organizational preparedness.
Sector: Insurance
Prepared and conducted a series of interactive workshops featuring demonstrations of voice and video deepfakes, including Caller-ID spoofing scenarios, aimed at educating both end users and leadership teams.
Led the conceptualization, preparation, implementation, and rollout of a business role model. Oversaw vendor selection, role re-certification, business role modelling, and user training for seamless integration.
Performed a comprehensive IT asset inventory, protection requirement analysis, and business impact assessment. Managed a company-wide phishing campaign and delivered an ISO 27000 maturity assessment, gap analysis, and a 3-year improvement roadmap.
Developed an IT emergency plan ("IT-Notfallplan") and IT emergency handbook ("IT-Notfallhandbuch") aligned with BSI 200-4 standards. Conducted a Business Impact Analysis (BIA) and a Protection Requirement Analysis.
Served as an external CISO, focusing on improving the established Information Security Management System (ISMS) and addressing audit findings in accordance with ISO 27000 standards.
Led the bank-wide conceptualization, implementation and rollout of the business role model to comply with ECB requirements.