Cyber Sicherheit und Software Engineering
Aktualisiert am 13.09.2024
Profil
Freiberufler / Selbstständiger
Remote-Arbeit
Verfügbar ab: 07.10.2024
Verfügbar zu: 100%
davon vor Ort: 0%
Cyber Sicherheit
German
first language
English
professional proficiency

Einsatzorte

Einsatzorte

möglich

Projekte

Projekte

3 years
2021-10 - now

Providing trainings for EC-Council

Cyber Security Network Security IT-Security ...
C|TIA C|HFI C|SA C|EH C|ND 
Cyber Security Network Security IT-Security Cloud Security IT-Forensik
4 years 9 months
2020-01 - now

Security monitoring

Linux Debian Microsoft Windows 10 ...
THREATINT (CY), providing security services including but not limit to
  • Security monitoring
  • Security operations, Blue Teaming
  • Vulnerability Scanning
  • Vulnerability Management
  • Penetration Testing, Red Teaming
  • Data privacy consulting (EU-GDPR)
  • Security incident handling, computer/ network forensics
  • Design and implementation of security services
  • Software engineering/ software development
  • Identity Management (on premise/ cloud/ hybrid) incl. 2FA/MFA
  • Fighting spam and malware with our own honeypots (Mail/ HTTP) + DNSBL
Linux Debian Microsoft Windows 10 Windows 11 Windows Server Splunk Elastic MISP Cassandra ScyllaDB CockroachDB CouchBase OpenID Connect SAML OAuth2 MFA 2FA Managed Security Services Provider Volatility Paraben P2C/ E3 Mandiant Redline Forensic DFIR (Digital Forensics Incident Response) CIRT (Computer Emergency Response Team) CSIRT (Computer Security Incident Response Team) Codacy snyk OWASP Nessus SAINT OpenVAS Greenbone Rapid7 Nexpose Metasploit Amazon Web Services (AWS) Microsoft Azure (incl. Azure AD (Azure Active Directory) Multi-Factor AD Connect Azure AD B2C CDN FrontDoor DevOps) Microsoft Office 365 Microsoft Sentinel Microsoft Defender for Cloud Apps Microsoft Endpoint Manager (Intune) BitDefender Clavister NetWall OPNsense GitHub.com
1 year 8 months
2022-10 - 2024-05

Security Consulting

Rapid7 Cortex XDR
  • Security Consulting
  • Vulnerability Management
Rapid7 Cortex XDR
Banking
1 year
2022-10 - 2023-09

Security Consulting

Tenable Nessus
  • Security Consulting
  • Vulnerability Management
  • OSINT (Open-Source Intelligence), Cyber Threat Intelligence
  • Resolving MAIT, BAIT, and BaFin findings with internal teams
Tenable Nessus
Banking
1 year 4 months
2021-06 - 2022-09

Security Consulting

Microsoft Office 365 Microsoft Azure Microsoft Sentinel ...
  • Security Consulting
  • Vendor/ Service Management
Microsoft Office 365 Microsoft Azure Microsoft Sentinel Microsoft Defender for Cloud Apps Palo Alto Networks Cortex XDR
Chemical Industry
2 years 2 months
2019-05 - 2021-06

Implementation of SOC/ Security Operations

Coach/ Consultant LogRythm Fortinet Fortigate FortiAnalyzer ...
Coach/ Consultant
LogRythm Fortinet Fortigate FortiAnalyzer FortiManager Cisco ASA Microsoft Windows Server Windows 10 Nexthink Digital Guardian SIEM SOC Microsoft Active Directory Microsoft Office 365 Microsoft Azure
Banking
5 years 9 months
2015-04 - 2020-12

Project management

Ubuntu Linux Debian CentOS ...
THREATINT, providing security services for SMB customers including but not limit to
  • Project management
  • Infrastructure implementations (on premise/ cloud/ hybrid)
  • Identity Management (on premise/ cloud/ hybrid) incl. 2FA/MFA
  • Security monitoring
  • Security operations
  • Vulnerability Scanning/ Vulnerability Management
  • Data privacy consulting (EU-GDPR)
  • Security incident handling, computer/ network forensics
  • Penetration Testing
  • Design and implementation of security services
  • Software engineering/ software development
  • Fighting spam and malware with our own honeypots (Mail/ HTTP) + DNSBL
Ubuntu Linux Debian CentOS Microsoft Windows 10 Windows Server Splunk ELK (ElasticSearch LogStash Kibana) MISP Threat Sharing Cassandra CouchBase OpenID Connect SAML OAuth2 MFA 2FA Paessler PRTG ManageEngine Desktop Managed Security Services Provider Volatility Paraben P2C / E3 Mandiant Redline Guidance (opentext) EnCase® Forensic DFIR (Digital Forensics Incident Response) CIRT (Computer Emergency Response Team) CSIRT (Computer Security Incident Response Team) Cisco ASA Sophos UTM Sophos UTM Manager (SUM) OWASP Tufin SecureApp? + SecureChange? Nessus SAINT OpenVAS Greenbone Rapid7 Nexpose Metasploit VMware ESXi Citrix XenServer Citrix NetScaler Check Point Amazon Web Services (AWS) Microsoft Azure (incl. Azure Active Directory Multi-Factor AD Connect Active Directory B2C CDN Front Door) Microsoft Office 365 (OneDrive Teams SharePoint Exchange) Atlassian BitBucket + Jira + Confluence GitHub.com GitLab DevOps SecDevOps CI
6 months
2018-10 - 2019-03

Security Consulting

Microsoft Office 365 Microsoft Azure
  • Security Consulting for DevOps teams
  • Risk Assessment for Industry 4.0/ IoT applications
Microsoft Office 365 Microsoft Azure
Chemical Industry
2 months
2018-07 - 2018-08

Security Management

Microsoft Office 365 Microsoft Azure Rapid7 InsightVM + Nexpose
  • TISO role
  • Vulnerability Scanning/ Vulnerability Management
  • Security Management
  • Security Awareness for IT-Operations team
Microsoft Office 365 Microsoft Azure Rapid7 InsightVM + Nexpose
Financial Services
3 months
2018-04 - 2018-06

Project management, introducing various security services, technologies, and processes

NIDS NIPS Fortinet FortiGate ...
NIDS NIPS Fortinet FortiGate Check Point Tufin SecureChange? network segregation / isolation Sandboxing
Banking, Frankfurt (Main)
2 months
2018-02 - 2018-03

Implementation of SOC

Coach/ Consultant Splunk Check Point Sophos Email Gateway
Coach/ Consultant
Splunk Check Point Sophos Email Gateway
Munich Aiport (MUC)
5 months
2017-04 - 2017-08

Penetration testing for messaging app + cloud infrastructure.

Burp ZAP Android Emulator ...
  • Penetration testing for messaging app + cloud infrastructure
  • Implementation of risk management and security awareness for the software development lifecycle
Burp ZAP Android Emulator OWASP Veracode C# Xamarin
Startup
5 months
2016-08 - 2016-12

Security

  • Security incident handling, computer/network forensics
  • Design and implementation of security services
Insurance, Cologne area
2 years
2014-08 - 2016-07

Internal Vulnerability Testing

Tenable Nessus Rapid7 Nexpose
  • Remediation support
  • Vulnerability and risk assessment
  • Risk management, regulatory compliance (including MAS, SOX, EZB, RBI, ISO270xx)
Tenable Nessus Rapid7 Nexpose
Banking, Frankfurt (Main)
1 year 1 month
2013-06 - 2014-06

Cyber Threat Response Team

AccessData Forensic Toolkit (FTK) Volatility Paraben P2C ...
  • Computer- and network forensics as part of security incident response
  • Evaluation and implementation of a big data platform log analysis
AccessData Forensic Toolkit (FTK) Volatility Paraben P2C Mandiant Redline BAE Systems (Detica) Palantir
Banking, Frankfurt (Main)
1 year
2011-04 - 2012-03

Project management

Coordinator Windows Server network segregation Cisco ASA
Coordinator
  • Migration of server systems and transfer of the operation to an external service under an outsourcing contract for the data centre and server operations at production sites Erlangen and Berlin
  • Coordinating the requirements with the stakeholders
  • Modelling of the existing infrastructure and server systems on the contract of the outsourcing arrangement and the new SLA
  • Consultation on the virtualization of existing server systems, capacity planning, developing solutions for high availability, backup and disaster recovery for systems critical for production and/or companies, considering requirements due to different time zones and/or multi-shift operation
  • Control function as part of IT governance processes
Windows Server network segregation Cisco ASA
Siemens AG

Aus- und Weiterbildung

Aus- und Weiterbildung

Professional Trainings and Certifications
  • C|EI (Certified EC-Council Instructor)
  • C|TIA (Certified Threat Intelligence Analyst)
  • C|HFI (Certified Hacking Forensic Investigator)
  • C|EH (EC-Council Certified Ethical Hacker)
  • C|SA (EC-Council Certified SOC Analyst)
  • C|ND (EC-Council Certified Network Defender)
  • SANS FOR408 Windows Forensic Analysis
  • SANS SEC434 Log Management In-Depth
  • CompTIA Security+
  • PRINCE2® Foundation
  • ITIL® Version 3 Foundation
  • Geprüfter fachkundiger Datenschutzbeauftragter nach dem Ulmer Model (Data Privacy)

Kompetenzen

Kompetenzen

Top-Skills

Cyber Sicherheit

Produkte / Standards / Erfahrungen / Methoden

Profile
  • 25+ years in the IT industry, from developing software, running data center operations and large data networks, to managing Cyber Security
  • 10+ years of computer-/network forensics and incident response
  • 10+ years providing managed security services

Einsatzorte

Einsatzorte

möglich

Projekte

Projekte

3 years
2021-10 - now

Providing trainings for EC-Council

Cyber Security Network Security IT-Security ...
C|TIA C|HFI C|SA C|EH C|ND 
Cyber Security Network Security IT-Security Cloud Security IT-Forensik
4 years 9 months
2020-01 - now

Security monitoring

Linux Debian Microsoft Windows 10 ...
THREATINT (CY), providing security services including but not limit to
  • Security monitoring
  • Security operations, Blue Teaming
  • Vulnerability Scanning
  • Vulnerability Management
  • Penetration Testing, Red Teaming
  • Data privacy consulting (EU-GDPR)
  • Security incident handling, computer/ network forensics
  • Design and implementation of security services
  • Software engineering/ software development
  • Identity Management (on premise/ cloud/ hybrid) incl. 2FA/MFA
  • Fighting spam and malware with our own honeypots (Mail/ HTTP) + DNSBL
Linux Debian Microsoft Windows 10 Windows 11 Windows Server Splunk Elastic MISP Cassandra ScyllaDB CockroachDB CouchBase OpenID Connect SAML OAuth2 MFA 2FA Managed Security Services Provider Volatility Paraben P2C/ E3 Mandiant Redline Forensic DFIR (Digital Forensics Incident Response) CIRT (Computer Emergency Response Team) CSIRT (Computer Security Incident Response Team) Codacy snyk OWASP Nessus SAINT OpenVAS Greenbone Rapid7 Nexpose Metasploit Amazon Web Services (AWS) Microsoft Azure (incl. Azure AD (Azure Active Directory) Multi-Factor AD Connect Azure AD B2C CDN FrontDoor DevOps) Microsoft Office 365 Microsoft Sentinel Microsoft Defender for Cloud Apps Microsoft Endpoint Manager (Intune) BitDefender Clavister NetWall OPNsense GitHub.com
1 year 8 months
2022-10 - 2024-05

Security Consulting

Rapid7 Cortex XDR
  • Security Consulting
  • Vulnerability Management
Rapid7 Cortex XDR
Banking
1 year
2022-10 - 2023-09

Security Consulting

Tenable Nessus
  • Security Consulting
  • Vulnerability Management
  • OSINT (Open-Source Intelligence), Cyber Threat Intelligence
  • Resolving MAIT, BAIT, and BaFin findings with internal teams
Tenable Nessus
Banking
1 year 4 months
2021-06 - 2022-09

Security Consulting

Microsoft Office 365 Microsoft Azure Microsoft Sentinel ...
  • Security Consulting
  • Vendor/ Service Management
Microsoft Office 365 Microsoft Azure Microsoft Sentinel Microsoft Defender for Cloud Apps Palo Alto Networks Cortex XDR
Chemical Industry
2 years 2 months
2019-05 - 2021-06

Implementation of SOC/ Security Operations

Coach/ Consultant LogRythm Fortinet Fortigate FortiAnalyzer ...
Coach/ Consultant
LogRythm Fortinet Fortigate FortiAnalyzer FortiManager Cisco ASA Microsoft Windows Server Windows 10 Nexthink Digital Guardian SIEM SOC Microsoft Active Directory Microsoft Office 365 Microsoft Azure
Banking
5 years 9 months
2015-04 - 2020-12

Project management

Ubuntu Linux Debian CentOS ...
THREATINT, providing security services for SMB customers including but not limit to
  • Project management
  • Infrastructure implementations (on premise/ cloud/ hybrid)
  • Identity Management (on premise/ cloud/ hybrid) incl. 2FA/MFA
  • Security monitoring
  • Security operations
  • Vulnerability Scanning/ Vulnerability Management
  • Data privacy consulting (EU-GDPR)
  • Security incident handling, computer/ network forensics
  • Penetration Testing
  • Design and implementation of security services
  • Software engineering/ software development
  • Fighting spam and malware with our own honeypots (Mail/ HTTP) + DNSBL
Ubuntu Linux Debian CentOS Microsoft Windows 10 Windows Server Splunk ELK (ElasticSearch LogStash Kibana) MISP Threat Sharing Cassandra CouchBase OpenID Connect SAML OAuth2 MFA 2FA Paessler PRTG ManageEngine Desktop Managed Security Services Provider Volatility Paraben P2C / E3 Mandiant Redline Guidance (opentext) EnCase® Forensic DFIR (Digital Forensics Incident Response) CIRT (Computer Emergency Response Team) CSIRT (Computer Security Incident Response Team) Cisco ASA Sophos UTM Sophos UTM Manager (SUM) OWASP Tufin SecureApp? + SecureChange? Nessus SAINT OpenVAS Greenbone Rapid7 Nexpose Metasploit VMware ESXi Citrix XenServer Citrix NetScaler Check Point Amazon Web Services (AWS) Microsoft Azure (incl. Azure Active Directory Multi-Factor AD Connect Active Directory B2C CDN Front Door) Microsoft Office 365 (OneDrive Teams SharePoint Exchange) Atlassian BitBucket + Jira + Confluence GitHub.com GitLab DevOps SecDevOps CI
6 months
2018-10 - 2019-03

Security Consulting

Microsoft Office 365 Microsoft Azure
  • Security Consulting for DevOps teams
  • Risk Assessment for Industry 4.0/ IoT applications
Microsoft Office 365 Microsoft Azure
Chemical Industry
2 months
2018-07 - 2018-08

Security Management

Microsoft Office 365 Microsoft Azure Rapid7 InsightVM + Nexpose
  • TISO role
  • Vulnerability Scanning/ Vulnerability Management
  • Security Management
  • Security Awareness for IT-Operations team
Microsoft Office 365 Microsoft Azure Rapid7 InsightVM + Nexpose
Financial Services
3 months
2018-04 - 2018-06

Project management, introducing various security services, technologies, and processes

NIDS NIPS Fortinet FortiGate ...
NIDS NIPS Fortinet FortiGate Check Point Tufin SecureChange? network segregation / isolation Sandboxing
Banking, Frankfurt (Main)
2 months
2018-02 - 2018-03

Implementation of SOC

Coach/ Consultant Splunk Check Point Sophos Email Gateway
Coach/ Consultant
Splunk Check Point Sophos Email Gateway
Munich Aiport (MUC)
5 months
2017-04 - 2017-08

Penetration testing for messaging app + cloud infrastructure.

Burp ZAP Android Emulator ...
  • Penetration testing for messaging app + cloud infrastructure
  • Implementation of risk management and security awareness for the software development lifecycle
Burp ZAP Android Emulator OWASP Veracode C# Xamarin
Startup
5 months
2016-08 - 2016-12

Security

  • Security incident handling, computer/network forensics
  • Design and implementation of security services
Insurance, Cologne area
2 years
2014-08 - 2016-07

Internal Vulnerability Testing

Tenable Nessus Rapid7 Nexpose
  • Remediation support
  • Vulnerability and risk assessment
  • Risk management, regulatory compliance (including MAS, SOX, EZB, RBI, ISO270xx)
Tenable Nessus Rapid7 Nexpose
Banking, Frankfurt (Main)
1 year 1 month
2013-06 - 2014-06

Cyber Threat Response Team

AccessData Forensic Toolkit (FTK) Volatility Paraben P2C ...
  • Computer- and network forensics as part of security incident response
  • Evaluation and implementation of a big data platform log analysis
AccessData Forensic Toolkit (FTK) Volatility Paraben P2C Mandiant Redline BAE Systems (Detica) Palantir
Banking, Frankfurt (Main)
1 year
2011-04 - 2012-03

Project management

Coordinator Windows Server network segregation Cisco ASA
Coordinator
  • Migration of server systems and transfer of the operation to an external service under an outsourcing contract for the data centre and server operations at production sites Erlangen and Berlin
  • Coordinating the requirements with the stakeholders
  • Modelling of the existing infrastructure and server systems on the contract of the outsourcing arrangement and the new SLA
  • Consultation on the virtualization of existing server systems, capacity planning, developing solutions for high availability, backup and disaster recovery for systems critical for production and/or companies, considering requirements due to different time zones and/or multi-shift operation
  • Control function as part of IT governance processes
Windows Server network segregation Cisco ASA
Siemens AG

Aus- und Weiterbildung

Aus- und Weiterbildung

Professional Trainings and Certifications
  • C|EI (Certified EC-Council Instructor)
  • C|TIA (Certified Threat Intelligence Analyst)
  • C|HFI (Certified Hacking Forensic Investigator)
  • C|EH (EC-Council Certified Ethical Hacker)
  • C|SA (EC-Council Certified SOC Analyst)
  • C|ND (EC-Council Certified Network Defender)
  • SANS FOR408 Windows Forensic Analysis
  • SANS SEC434 Log Management In-Depth
  • CompTIA Security+
  • PRINCE2® Foundation
  • ITIL® Version 3 Foundation
  • Geprüfter fachkundiger Datenschutzbeauftragter nach dem Ulmer Model (Data Privacy)

Kompetenzen

Kompetenzen

Top-Skills

Cyber Sicherheit

Produkte / Standards / Erfahrungen / Methoden

Profile
  • 25+ years in the IT industry, from developing software, running data center operations and large data networks, to managing Cyber Security
  • 10+ years of computer-/network forensics and incident response
  • 10+ years providing managed security services

Vertrauen Sie auf Randstad

Im Bereich Freelancing
Im Bereich Arbeitnehmerüberlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.