Freelancer: As a freelance professional within Professional InfoSec Services, I bring >15 years of dedicated experience.

Freiberufler / Selbstst�ndiger

Remote-Arbeit

Verf�gbar ab: 18.05.2025

Verf�gbar zu: 100%

davon vor Ort: 100%

Top-Skills

Penetrationstest

Entwickler

Risikomanagement

Einsatzorte

L�nder

Deutschland

Remote-Arbeit

m�glich

Projekte

2018 - 2021: security for mobile applications, service cloud, and external identity management

Role: Global Lead for Mobile Application Security and Service Cloud Application Security - Senior Security Applications Engineer
Customer: Salesforce

Tasks:

security for mobile applications, service cloud, and external identity management
Project management
Risk assessments and risk evaluation
Security advisor for internal DevOps teams and management
Security sign-off for releases
Incident handling with SOC (SIEM / SOAR)
Management of external audits and penetration tests
Prioritization and evaluation of identified and reported security vulnerabilities (internal & external)
Review of existing processes and policies
IT-security policy development including disaster recovery planning
Code review
Exploit & POC development

2015 - 2018: Achieve PCI DSS/ISO Certification

Role: Technical Director
Customer: Krypton Security

Tasks:
Project Management incl. Planning & Scoping, Risk Management, Improve Cybersecurity Maturity Level, Network & Infrastructure Penetration Testing, Mobile Penetration Testing, Web Application Penetration Testing, Managed Services for SOC&SIEM.

Technical Director (Krypton Security)Team Lead Penetration Testing Team
- Penetration Testing (Network, Application, Mobile, Core Banking), incl. Red Team Testing
- Project Management & Remediation Planning
- IT-Security Architecture
- IT-Compliance & Policy validation, Configuration Hardening
- Incident Management/Forensic Investigation
- Managed Service offerings for SOCs including incident handling, SIEM/IDS Use Case Development, and SOPs
- Source Code Audit, Secure Development, Quality Assurance
- Threat Modeling

2016 - 2018: Managed Security Services and Security Project Management

Role: Technical Director
Customer: Krypton Security

Tasks:
Managed Security Services and Security Project Management: Multiple Penetration Testing Engagements including Payment Infrastructure (Network & Infrastructure Penetration Testing, Project planning for building a SOC (SIEM), Mobile Penetration Testing, Web Application Penetration Testing), duration 3 years

Technical Director (Krypton Security)
- Team Lead Penetration Testing Team
- Penetration Testing (Network, Application, Mobile, Core Banking)
- Project Management
- Plan a SOC (budget & resource planning, architecture, processes)
- Source Code Audit, Secure Development, Threat Modeling
- IT-Compliance & Policy validation, Configuration Hardening
- Project/Engagement Management

2017 - 2017: Application and Solution Security Testing of the Payment Solution for Refugee Program (duration 3 months)

Role: Technical Director
Customer: Krypton Security

Tasks:

Security Assessment (Windows, PHP, C#, Oracle)
Network & Application Penetration Testing, Configuration Hardening

2014 - 2014: Application Penetration Tests, Source Code Audit, Hardening, (duration 3 months)

Role: Security Consultant
Customer: Virtual Forge GmbH

Tasks:

Source Code Audit (SAP ABAP & SAP Java)
Project Management
Threat Modeling, Secure Development
Application and Configuration Hardening

2013 - 2013: Source code audits of in-house Intranet and 3rd party B2B applications, (duration 2 months)

Role: Security Consultant
Customer: n.runs professionals GmbH

Tasks:

Source code audits (J2EE, Java, .NET Framework, C#, C++, proprietary RPCs)
Reverse Engineering
Web security & Transport security, Secure storage

2013 - 2013: Infrastructure Penetration Test (duration 1 month)

Role: Security Consultant
Customer: n.runs professionals GmbH

Tasks:

Security analysis based on IT compliance and policy framework
Infrastructure Penetration Testing
Denial of service tests to test BCM (business continuity management) processes of outsourcing provider (ITSCM)

2013 - 2013: Security analysis on a gaming console from the network perspective (duration 3 months)

Role: Security Consultant
Customer: n.runs professionals GmbH

Tasks:

Security analysis based on developed network threat model
Hardware security
Fuzzing, Transport security, Attack surface reduction
Development network analysis tools
Exploit Development

2012 - 2012: Multiple internal product security audits

Role: Security Consultant
Customer: n.runs professionals GmbH

Tasks:

Generally based on source code audits (C/C++/C#, Java)
Fuzzing, Threat Modeling, Secure developmen

Position

Managing Director (CTO)

Kompetenzen

Top-Skills

Penetrationstest Entwickler Risikomanagement

Produkte / Standards / Erfahrungen / Methoden

EXPERTISE

Information Security�and Architecture
Application Development

WORK EXPERIENCE

Development since 1998�(25 years)
Cyber-/IT-Security since 2006�(17 years)
Project Management�(17 years)�

SKILLS

IT-Security Architecture
Project-Management
Risk Management
IT-Security Compliance,�Policy Development, and GRC
Penetration Testing
Secure Administration &�Hardening
Secure Development &�Source Code Review
Mobile & Web Application�Security
Identity Management &�Access Control
SOC, SIEM, and Cloud SIEM
Reverse Engineering and�Binary Analysis (Malware)
Forensic Investigations
Agile Project-Management

EMPLOYMENT HISTORY
2022 - today
Customer: on Request
Role:�Founder & CTO�

2018 - 2021
Customer:�Salesforce in Dublin, Ireland
Role:�Global Lead for Mobile Application Security�and Service Cloud Application Security - Senior�Security Applications Engineer

2015 - 2018
Customer:�Krypton Security (Middle East)
Role:�Technical Director & Senior Partner�Project sizes 20k USD ? 4M USD

2014 - 2014
Customer:�Virtual Forge GmbH in Germany
Role:�Senior IT Security�Consultant & Project Management�

2012 - 2014
Customer:�n.runs professionals GmbH in Germany
Role:�Senior IT�Security Consultant & PM�

2007 - 2012
Customer:�Xing AG in Germany
Role:�Senior Software Engineer &�Technical Project Management�

2000 - 2007
Customer:�Intersoft AG in Germany
Role:�Software Engineer &�Performance Specialist, technical key role in�projects up to 50 Mio. ?�

Betriebssysteme

Linux

*BSD

iOS

Android

Unix

Solaris

all Windows versions

MacOS

Programmiersprachen

C, C++

Java

Python

Ruby

PHP

Perl

Lua

Shell scripting

Objective-C

Branchen

Banking, Financial Services & Insurance
Internet and Technology
Telecommunication
Services Industry
Manufacturing
Retails & Distribution

Einsatzorte

L�nder

Deutschland

Remote-Arbeit

m�glich

Projekte

security for mobile applications, service cloud, and external identity management
Project management
Risk assessments and risk evaluation
Security advisor for internal DevOps teams and management
Security sign-off for releases
Incident handling with SOC (SIEM / SOAR)
Management of external audits and penetration tests
Prioritization and evaluation of identified and reported security vulnerabilities (internal & external)
Review of existing processes and policies
IT-security policy development including disaster recovery planning
Code review
Exploit & POC development

Technical Director (Krypton Security)Team Lead Penetration Testing Team
- Penetration Testing (Network, Application, Mobile, Core Banking), incl. Red Team Testing
- Project Management & Remediation Planning
- IT-Security Architecture
- IT-Compliance & Policy validation, Configuration Hardening
- Incident Management/Forensic Investigation
- Managed Service offerings for SOCs including incident handling, SIEM/IDS Use Case Development, and SOPs
- Source Code Audit, Secure Development, Quality Assurance
- Threat Modeling

Technical Director (Krypton Security)
- Team Lead Penetration Testing Team
- Penetration Testing (Network, Application, Mobile, Core Banking)
- Project Management
- Plan a SOC (budget & resource planning, architecture, processes)
- Source Code Audit, Secure Development, Threat Modeling
- IT-Compliance & Policy validation, Configuration Hardening
- Project/Engagement Management

2017 - 2017: Application and Solution Security Testing of the Payment Solution for Refugee Program (duration 3 months)

Role: Technical Director
Customer: Krypton Security

Tasks:

Security Assessment (Windows, PHP, C#, Oracle)
Network & Application Penetration Testing, Configuration Hardening

2014 - 2014: Application Penetration Tests, Source Code Audit, Hardening, (duration 3 months)

Role: Security Consultant
Customer: Virtual Forge GmbH

Tasks:

Source Code Audit (SAP ABAP & SAP Java)
Project Management
Threat Modeling, Secure Development
Application and Configuration Hardening

2013 - 2013: Source code audits of in-house Intranet and 3rd party B2B applications, (duration 2 months)

Role: Security Consultant
Customer: n.runs professionals GmbH

Tasks:

Source code audits (J2EE, Java, .NET Framework, C#, C++, proprietary RPCs)
Reverse Engineering
Web security & Transport security, Secure storage

2013 - 2013: Infrastructure Penetration Test (duration 1 month)

Role: Security Consultant
Customer: n.runs professionals GmbH

Tasks:

Security analysis based on IT compliance and policy framework
Infrastructure Penetration Testing
Denial of service tests to test BCM (business continuity management) processes of outsourcing provider (ITSCM)

2013 - 2013: Security analysis on a gaming console from the network perspective (duration 3 months)

Role: Security Consultant
Customer: n.runs professionals GmbH

Tasks:

Security analysis based on developed network threat model
Hardware security
Fuzzing, Transport security, Attack surface reduction
Development network analysis tools
Exploit Development

2012 - 2012: Multiple internal product security audits

Role: Security Consultant
Customer: n.runs professionals GmbH

Tasks:

Generally based on source code audits (C/C++/C#, Java)
Fuzzing, Threat Modeling, Secure developmen

Position

Managing Director (CTO)

Kompetenzen

Top-Skills

Penetrationstest Entwickler Risikomanagement

Produkte / Standards / Erfahrungen / Methoden

EXPERTISE

Information Security�and Architecture
Application Development

WORK EXPERIENCE

Development since 1998�(25 years)
Cyber-/IT-Security since 2006�(17 years)
Project Management�(17 years)�

SKILLS

IT-Security Architecture
Project-Management
Risk Management
IT-Security Compliance,�Policy Development, and GRC
Penetration Testing
Secure Administration &�Hardening
Secure Development &�Source Code Review
Mobile & Web Application�Security
Identity Management &�Access Control
SOC, SIEM, and Cloud SIEM
Reverse Engineering and�Binary Analysis (Malware)
Forensic Investigations
Agile Project-Management

Betriebssysteme

Linux

*BSD

iOS

Android

Unix

Solaris

all Windows versions

MacOS

Programmiersprachen

C, C++

Java

Python

Ruby

PHP

Perl

Lua

Shell scripting

Objective-C

Branchen

Banking, Financial Services & Insurance
Internet and Technology
Telecommunication
Services Industry
Manufacturing
Retails & Distribution

Vertrauen Sie auf Randstad

Im Bereich Freelancing

Im Bereich Arbeitnehmer�berlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Name E-Mail-Adresse Ihre Frage

Telefonnummer Unternehmen

Ich habe die Datenschutzbestimmungen gelesen und bin damit einverstanden.

Einsatzorte

Einsatzorte

Projekte

Projekte

Position

Position

Kompetenzen

Kompetenzen

Top-Skills

Produkte / Standards / Erfahrungen / Methoden

Betriebssysteme

Programmiersprachen

Branchen

Branchen

Einsatzorte

Einsatzorte

Projekte

Projekte

Position

Position

Kompetenzen

Kompetenzen

Top-Skills

Produkte / Standards / Erfahrungen / Methoden

Betriebssysteme

Programmiersprachen

Branchen

Branchen

Vertrauen Sie auf Randstad

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.