Freelancer: Cyber Security Experte f�r den Finanz-, Automobil- und Gesundheitswesen-Sektor.

Freiberufler / Selbstst�ndiger

Remote-Arbeit

Verf�gbar ab: 01.07.2024

Verf�gbar zu: 100%

davon vor Ort: 30%

Top-Skills

Cyber Security, IT-Security, Automotive, IoT

Sprachen

English

German

Hebrew

Einsatzorte

St�dte

Frankfurt am Main (+200km) Hamburg (+200km) Berlin (+200km) M�nchen (+200km) Hannover (+200km) Stuttgart (+200km) N�rnberg (+200km)

L�nder

Deutschland, �sterreich, Schweiz

Remote-Arbeit

m�glich

Projekte

1 Jahr 2 Monate

2023-05 - heute

SAE - Official SAE/ISO 21434 Certification Instructor

Instructor/Trainer ISO 21434

Rolle

Instructor/Trainer

Projektinhalte

Automotive Cybersecurity Level 1 - https://www.sae.org/learn/content/c2105

Automotive Cybersecurity Level 2 - https://www.sae.org/learn/content/c2107

Kenntnisse

ISO 21434

9 Monate

2023-08 - 2024-04

ISO 21434 Certification - Automotive Supplier

Consultant ISO 21434 Automotive embedded

Rolle

Consultant

Projektinhalte

Writing and providing the SAE/ISO 21434 Work Products (Self-Assessment, CIA, Cybersecurity Plan/Case, Cybersecurity production plan, Incident Response Plane, etc..).
Conducting Security Risk analysis (TARA) for an internal Runtime Library.

Kenntnisse

ISO 21434 Automotive embedded

4 Monate

2023-11 - 2024-02

ECU Penetration Testing (EV)

Penetration Tester Automotive Steuerger�t Penetrationstest

Rolle

Penetration Tester

Projektinhalte

Conducting Security Testing (Penetration & Fuzz Testing) on a lights ECU on different components and interfaces.

Preforming Hardware & Software reverse engineering to find vulnerabilities and security bugs.

Supporting the activates on SAE/ISO 21434.

Kenntnisse

Automotive Steuerger�t Penetrationstest

Kunde

Delta Systems

1 Jahr 5 Monate

2022-01 - 2023-05

ISO 21434 PMO

PMO / Consultant - Central Computer ISO 21434 Automotive Embedded

Rolle

PMO / Consultant - Central Computer

Projektinhalte

PMO for the SAE/ISO 21434 Audit on a new infotainment system supervising on and creating a full traceability of Security CSMS and CS activities.

Conducting Security Risk analysis (TARA) for a Linux & Android based Central Computer.

Consulting to Harman?s head of Security Office, as well as facilitate communication with the different departments.

Establishing and creating security test cases and test documentation.

Supporting the project (device) Incident response plan (IRP).

Kenntnisse

ISO 21434 Automotive Embedded

Kunde

HARMAN International

1 Jahr 2 Monate

2022-01 - 2023-02

Consultant Automotive - Autonomous Taxi (OEM)

Cybersecurity Consultant Automotive ISO 21434 Autonomes Fahren Automotive ...

Rolle

Cybersecurity Consultant Automotive

Projektinhalte

Conducting Security Risk analysis (TARA) for Automotive Platforms and Concepts based on regulation and market standards.

Supporting the SAE/ISO 21434 Audit on a vehicle level.

Defining security RFQs (LAH) for different the suppliers.

Kenntnisse

ISO 21434 Autonomes Fahren Automotive TARA

Kunde

HOLON

8 Monate

2021-05 - 2021-12

ECU Penetration Testing

Penetration Tester Penetrationstest Automotive Automotive-Bussystem

Rolle

Penetration Tester

Projektinhalte

Conducting Security Testing (Penetration & Fuzz Testing) on a lights ECU on different components and interfaces.

Preforming Hardware & Software reverse engineering to find vulnerabilities and security bugs.

Supporting the activates on SAE/ISO 21434.

Kenntnisse

Penetrationstest Automotive Automotive-Bussystem

Kunde

ZKW Group

2008 - heute:�web application, Network and social engineering pen tests

Rolle: Penetration Tester

Kunde: Freelancer Bug Bounty Program

Einsatzort: Worldwide

Aufgaben:

Carried out web application, Network and social engineering pen tests
Conducted manual external and internal penetration testing
Outlined results and consulting on remediation
Handled documentation and metrics reporting

2017 - 2019:�Conducting risk analysis for known automotive security vulnerabilities

Rolle:�Technical Account Manager

Kunde:�CYMOTIVE GmbH

Einsatzort:�Wolfsburg, Germany

Aufgaben:

Maintaining a close communication with Volkswagen AG, as well as facilitate a direct communication of different Cyber Security projects
Conducting risk analysis for known automotive security vulnerabilities
Establishing an Automotive Cyber Security Testing Processes for VW AG
Managing the Security Team budget (1.2M EUR), including RFQs & POs
Coordinating, managing and Reporting of Automotive Penetration Tests

2016 - 2017:�Consulting

Rolle: Information Security Consultant

Kunde: CIPHRON GmbH

Einsatzort: Hannover, Germany

Aufgaben:

Managing over 20 clients, responsible on junior consultants and internes
Implement and guide clients towards ISMS, ISO27k and IT-Grundschutz
Consulting to the financial sector for security processes and providing information security through Regulations, Standards and Data protection
Training companies for information security approach and awareness

2015 - 2016:�Assimilation of Security Systems, Architecture and Implementation wise

Rolle: Senior IT Security Consultant

Kunde: MAG - Tech Systems Ltd

Einsatzort: Lagos, Nigeria

Aufgaben:

Managing up to 20 different security outsource consultants simultaneously
Assimilation of Security Systems, Architecture and Implementation wise
Establishment of SOC Centers in several Financial Institutions around Africa
Consulting to the financial and government sector for security processes

2014 - 2015:�Managing the Information Security department

Rolle: CISO Head of Information Security Department

Kunde: ESN Global Media

Einsatzort: Israel

Aufgaben:

Managing the Information Security department (20 employees), including the London and Cyprus subsidiaries
Recruiting, building up and budgeting the security department (200K USD)
Leading the efforts towards international security regulations & standards
Managing up to 10 outsource security consultants
Develop the foundation of the organization?s security policies
Assimilation of Security Systems and Secure Architecture
Internal company lectures for Information Security Awareness

2014 - 2015:�Lecturing

Rolle: Information Security Lecturer

Kunde: Technion Institute of Technology

Einsatzort: Israel

Aufgaben:

Lecturing about hacking techniques and tools usage
Lectures included both theoretical and practical parts

2013 - 2014:�Maintenance of the organization network

Rolle: System Administrator

Kunde: ESN Global Media

Einsatzort: Israel

Aufgaben:

Maintenance of the organization network: Routers, Switches and Firewalls
Architecture and Implementation of VDI for the organization?s call center
Establishment and maintenance of Windows and Linux Servers
Maintaining the VoIP Operator of the organization?s call center
Develop a Linux recorder server for the VoIP Operator Written in Python
Active Directory Management and configurations (over 300 users)
Maintenance of DC, DHCP and DNS servers

2010 - 2013:�Daily maintenance on Windows Servers, Exchange and Active Directory

Rolle: Troop Battalion System Administrator

Kunde: Israeli Defense Force

Aufgaben:

Daily maintenance on Windows Servers, Exchange and Active Directory
Development of automated software in VB.NET & C#.NET
Composing practical Scripts that are ease the daily job, Automation Scripts

2009 - 2010:�Network Infrastructure and Architecture

Rolle: PC and Network Technician

Kunde: Shalev Services

Einsatzort: Israel

Aufgaben:

Network Infrastructure and Architecture
Establishment and maintenance of Windows and Linux Servers

Aus- und Weiterbildung

2013 - 2015
Technion Institute of Technology, Israel
Information Security studies on behalf of and funded by ESN Global Media LTD (CISO)
Final Grade 93

2013
See Security College, Israel
Hacking Defined Experts Course

2006 - 2009
Yitzhak Rabin High School, Israel
Physics & Computers studies

Certifications

2015

Rapid7 Metasploit Pro Certified Specialist (MPCS) Final Grade 90

2013

Hacking Defined Experts (HDE), equal certification to CEH

Kompetenzen

Top-Skills

Cyber Security, IT-Security, Automotive, IoT

Produkte / Standards / Erfahrungen / Methoden

Additional Qualifications

Security System

CheckPoint, Fortinet, Juniper, Palo Alto Firewalls and IPSs
Imperva DBF and WAF
F5 Load Balancer and WAF
Cisco, Forscout and Portnox NACs
Arcsight and Splunk SIEMs
FireEye, Trend Micro and CheckPoint Threat Emulation
SkyBox and AlgoSec Firewall and Network Assurance
RSA Archer enterprise governance, risk and compliance (eGRC)
Entrust Identity Assurance
Encase Enterprise Forensic Tool

Network System

Cisco, Juniper and HP Devices
Wireless APs and Cellular Network
VoIP Operators
CCNA Knowledge

Data Base/ Application Server/ Operating System

SQL: Oracle, MySQL MSSQL and PostgreSQL
Windows Server 2008 R2 and 2012 R2
Linux Systems Debian, CentOS and RedHat
Apache, IIS and Tomcat
Microsoft Exchange, Google Apps and Office 365
VMware, Hyper V and Citrix

Automotive

CAN-BUS, ISO-TP, CAPL, Vector CANoe, AUTOSAR, Automotive ethernet
Embedded Systems, QNX, ECU?s Hardware and Software

Programmiersprachen

ASP and ASP.NET

Bash

Batch

C and C++

CSS

HTML

Java

Jscript

Perl

PHP

Python

Ruby on Rails

VB.NET

VBScript

Einsatzorte

St�dte

Frankfurt am Main (+200km) Hamburg (+200km) Berlin (+200km) M�nchen (+200km) Hannover (+200km) Stuttgart (+200km) N�rnberg (+200km)

L�nder

Deutschland, �sterreich, Schweiz

Remote-Arbeit

m�glich

Projekte

1 Jahr 2 Monate

2023-05 - heute

SAE - Official SAE/ISO 21434 Certification Instructor

Instructor/Trainer ISO 21434

Rolle

Instructor/Trainer

Projektinhalte

Automotive Cybersecurity Level 1 - https://www.sae.org/learn/content/c2105

Automotive Cybersecurity Level 2 - https://www.sae.org/learn/content/c2107

Kenntnisse

ISO 21434

9 Monate

2023-08 - 2024-04

ISO 21434 Certification - Automotive Supplier

Consultant ISO 21434 Automotive embedded

Rolle

Consultant

Projektinhalte

Writing and providing the SAE/ISO 21434 Work Products (Self-Assessment, CIA, Cybersecurity Plan/Case, Cybersecurity production plan, Incident Response Plane, etc..).
Conducting Security Risk analysis (TARA) for an internal Runtime Library.

Kenntnisse

ISO 21434 Automotive embedded

4 Monate

2023-11 - 2024-02

ECU Penetration Testing (EV)

Penetration Tester Automotive Steuerger�t Penetrationstest

Rolle

Penetration Tester

Projektinhalte

Conducting Security Testing (Penetration & Fuzz Testing) on a lights ECU on different components and interfaces.

Preforming Hardware & Software reverse engineering to find vulnerabilities and security bugs.

Supporting the activates on SAE/ISO 21434.

Kenntnisse

Automotive Steuerger�t Penetrationstest

Kunde

Delta Systems

1 Jahr 5 Monate

2022-01 - 2023-05

ISO 21434 PMO

PMO / Consultant - Central Computer ISO 21434 Automotive Embedded

Rolle

PMO / Consultant - Central Computer

Projektinhalte

PMO for the SAE/ISO 21434 Audit on a new infotainment system supervising on and creating a full traceability of Security CSMS and CS activities.

Conducting Security Risk analysis (TARA) for a Linux & Android based Central Computer.

Consulting to Harman?s head of Security Office, as well as facilitate communication with the different departments.

Establishing and creating security test cases and test documentation.

Supporting the project (device) Incident response plan (IRP).

Kenntnisse

ISO 21434 Automotive Embedded

Kunde

HARMAN International

1 Jahr 2 Monate

2022-01 - 2023-02

Consultant Automotive - Autonomous Taxi (OEM)

Cybersecurity Consultant Automotive ISO 21434 Autonomes Fahren Automotive ...

Rolle

Cybersecurity Consultant Automotive

Projektinhalte

Conducting Security Risk analysis (TARA) for Automotive Platforms and Concepts based on regulation and market standards.

Supporting the SAE/ISO 21434 Audit on a vehicle level.

Defining security RFQs (LAH) for different the suppliers.

Kenntnisse

ISO 21434 Autonomes Fahren Automotive TARA

Kunde

HOLON

8 Monate

2021-05 - 2021-12

ECU Penetration Testing

Penetration Tester Penetrationstest Automotive Automotive-Bussystem

Rolle

Penetration Tester

Projektinhalte

Conducting Security Testing (Penetration & Fuzz Testing) on a lights ECU on different components and interfaces.

Preforming Hardware & Software reverse engineering to find vulnerabilities and security bugs.

Supporting the activates on SAE/ISO 21434.

Kenntnisse

Penetrationstest Automotive Automotive-Bussystem

Kunde

ZKW Group

2008 - heute:�web application, Network and social engineering pen tests

Rolle: Penetration Tester

Kunde: Freelancer Bug Bounty Program

Einsatzort: Worldwide

Aufgaben:

Carried out web application, Network and social engineering pen tests
Conducted manual external and internal penetration testing
Outlined results and consulting on remediation
Handled documentation and metrics reporting

2017 - 2019:�Conducting risk analysis for known automotive security vulnerabilities

Rolle:�Technical Account Manager

Kunde:�CYMOTIVE GmbH

Einsatzort:�Wolfsburg, Germany

Aufgaben:

Maintaining a close communication with Volkswagen AG, as well as facilitate a direct communication of different Cyber Security projects
Conducting risk analysis for known automotive security vulnerabilities
Establishing an Automotive Cyber Security Testing Processes for VW AG
Managing the Security Team budget (1.2M EUR), including RFQs & POs
Coordinating, managing and Reporting of Automotive Penetration Tests

2016 - 2017:�Consulting

Rolle: Information Security Consultant

Kunde: CIPHRON GmbH

Einsatzort: Hannover, Germany

Aufgaben:

Managing over 20 clients, responsible on junior consultants and internes
Implement and guide clients towards ISMS, ISO27k and IT-Grundschutz
Consulting to the financial sector for security processes and providing information security through Regulations, Standards and Data protection
Training companies for information security approach and awareness

2015 - 2016:�Assimilation of Security Systems, Architecture and Implementation wise

Rolle: Senior IT Security Consultant

Kunde: MAG - Tech Systems Ltd

Einsatzort: Lagos, Nigeria

Aufgaben:

Managing up to 20 different security outsource consultants simultaneously
Assimilation of Security Systems, Architecture and Implementation wise
Establishment of SOC Centers in several Financial Institutions around Africa
Consulting to the financial and government sector for security processes

2014 - 2015:�Managing the Information Security department

Rolle: CISO Head of Information Security Department

Kunde: ESN Global Media

Einsatzort: Israel

Aufgaben:

Managing the Information Security department (20 employees), including the London and Cyprus subsidiaries
Recruiting, building up and budgeting the security department (200K USD)
Leading the efforts towards international security regulations & standards
Managing up to 10 outsource security consultants
Develop the foundation of the organization?s security policies
Assimilation of Security Systems and Secure Architecture
Internal company lectures for Information Security Awareness

2014 - 2015:�Lecturing

Rolle: Information Security Lecturer

Kunde: Technion Institute of Technology

Einsatzort: Israel

Aufgaben:

Lecturing about hacking techniques and tools usage
Lectures included both theoretical and practical parts

2013 - 2014:�Maintenance of the organization network

Rolle: System Administrator

Kunde: ESN Global Media

Einsatzort: Israel

Aufgaben:

Maintenance of the organization network: Routers, Switches and Firewalls
Architecture and Implementation of VDI for the organization?s call center
Establishment and maintenance of Windows and Linux Servers
Maintaining the VoIP Operator of the organization?s call center
Develop a Linux recorder server for the VoIP Operator Written in Python
Active Directory Management and configurations (over 300 users)
Maintenance of DC, DHCP and DNS servers

2010 - 2013:�Daily maintenance on Windows Servers, Exchange and Active Directory

Rolle: Troop Battalion System Administrator

Kunde: Israeli Defense Force

Aufgaben:

Daily maintenance on Windows Servers, Exchange and Active Directory
Development of automated software in VB.NET & C#.NET
Composing practical Scripts that are ease the daily job, Automation Scripts

2009 - 2010:�Network Infrastructure and Architecture

Rolle: PC and Network Technician

Kunde: Shalev Services

Einsatzort: Israel

Aufgaben:

Network Infrastructure and Architecture
Establishment and maintenance of Windows and Linux Servers

Aus- und Weiterbildung

2013 - 2015
Technion Institute of Technology, Israel
Information Security studies on behalf of and funded by ESN Global Media LTD (CISO)
Final Grade 93

2013
See Security College, Israel
Hacking Defined Experts Course

2006 - 2009
Yitzhak Rabin High School, Israel
Physics & Computers studies

Certifications

2015

Rapid7 Metasploit Pro Certified Specialist (MPCS) Final Grade 90

2013

Hacking Defined Experts (HDE), equal certification to CEH

Kompetenzen

Top-Skills

Cyber Security, IT-Security, Automotive, IoT

Produkte / Standards / Erfahrungen / Methoden

Additional Qualifications

Security System

CheckPoint, Fortinet, Juniper, Palo Alto Firewalls and IPSs
Imperva DBF and WAF
F5 Load Balancer and WAF
Cisco, Forscout and Portnox NACs
Arcsight and Splunk SIEMs
FireEye, Trend Micro and CheckPoint Threat Emulation
SkyBox and AlgoSec Firewall and Network Assurance
RSA Archer enterprise governance, risk and compliance (eGRC)
Entrust Identity Assurance
Encase Enterprise Forensic Tool

Network System

Cisco, Juniper and HP Devices
Wireless APs and Cellular Network
VoIP Operators
CCNA Knowledge

Data Base/ Application Server/ Operating System

SQL: Oracle, MySQL MSSQL and PostgreSQL
Windows Server 2008 R2 and 2012 R2
Linux Systems Debian, CentOS and RedHat
Apache, IIS and Tomcat
Microsoft Exchange, Google Apps and Office 365
VMware, Hyper V and Citrix

Automotive

CAN-BUS, ISO-TP, CAPL, Vector CANoe, AUTOSAR, Automotive ethernet
Embedded Systems, QNX, ECU?s Hardware and Software

Programmiersprachen

ASP and ASP.NET

Bash

Batch

C and C++

CSS

HTML

Java

Jscript

Perl

PHP

Python

Ruby on Rails

VB.NET

VBScript

Vertrauen Sie auf Randstad

Im Bereich Freelancing

Im Bereich Arbeitnehmer�berlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Name E-Mail-Adresse Ihre Frage

Telefonnummer Unternehmen

Ich habe die Datenschutzbestimmungen gelesen und bin damit einverstanden.

Einsatzorte

Einsatzorte

Projekte

Projekte

SAE - Official SAE/ISO 21434 Certification Instructor

ISO 21434 Certification - Automotive Supplier

ECU Penetration Testing (EV)

ISO 21434 PMO

Consultant Automotive - Autonomous Taxi (OEM)

ECU Penetration Testing

Aus- und Weiterbildung

Aus- und Weiterbildung

Kompetenzen

Kompetenzen

Top-Skills

Produkte / Standards / Erfahrungen / Methoden

Programmiersprachen

Einsatzorte

Einsatzorte

Projekte

Projekte

SAE - Official SAE/ISO 21434 Certification Instructor

ISO 21434 Certification - Automotive Supplier

ECU Penetration Testing (EV)

ISO 21434 PMO

Consultant Automotive - Autonomous Taxi (OEM)

ECU Penetration Testing

Aus- und Weiterbildung

Aus- und Weiterbildung

Kompetenzen

Kompetenzen

Top-Skills

Produkte / Standards / Erfahrungen / Methoden

Programmiersprachen

Vertrauen Sie auf Randstad

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.