Remote - weltweit möglich.
Regional aktuell auf Hamburg, Schleswig-Holstein, Niedersachen und Mecklenburg Vorpommern beschränkt, basierend auf Relevanz, Dauer und Aufgabenhorizont.
Professional management and responsibility for global Cyber Security of the team Cyber Security (currently 4 FTE) in Service, Germany
Planning, implementation and further development of OT Cyber Security strategies for Security Incident and Event Management and Monitoring
Architecture and conception of network zones for implementation acc. IEC 62443 certification
Implementation of ISO 27001 policies, guidelines and processes
Coordination, identification and analyses of Cyber Security incidents and development of countermeasures
Project management with the scope of different Information Security related Cloud- and Onpremise applications and systems
Development of processes, methods and tools to detect anomalies
Performing Penetration Tests against IT / OT Infrastructure with the scope of Web apps, databases, hardware and mobile devices
Planning, implementation and further development of IT security systems and operational mentoring systems (SIEM, SOC monitoring) and improvement of automatic reports
Standardization of network schemes/designs in the IT and OT wind energy sector
Design, modeling, implementation and documentation of information security management systems (ISMS management, guidelines, processes) according to ISO 27001, KRITIS and BSI Grundschutz
Coordination and analysis of incoming security incident reports
Establishment of a Computer Emergency Response Team and be first contact to IT related security incidents and Penetration tests
Project management with the scope of different Information Security related Cloud- and Onpremise applications and systems
Implementation and coordination of security recommendations based on non-conformities in the area of LAN/WAN, SCADA, IT & OT Wind turbine systems and encryption
Design/modeling of IT security networks zones & systems including automated vulnerability analysis/scans
Management and administration of IT security systems to detect malware/ransomware and anomalies in network and web/mail traffic
Establishment and execution of regular audits in the context of ISO 27001
Establishment of regular Microsoft Active Directory audits
Achievements:
Successful company certification according to ISO 27001 in 2019
Establishment of an extended security concept within the scope of IT security training courses
Project planning and implementation of penetration tests in the energy sector
Certification as TÜV Rheinland Information Security Officer (ISO)
Additional examination KRITIS topic of "Additional test procedure competence for § 8a BSIG" incl. IT-SIG and BSI-KritisV
Creation of process documentation and documentation standards in IBM DOORS
Coordination of IT systems and their security requirements with internal and external customer projects
Administration and management of the VMware ESX server farm
Configuration of Juniper switches (EX4300/EX4550) and firewalls (SRX1500)
Installation and optimization of the Windows Active Directory DS infrastructure in customer projects
Administration and maintenance of existing Linux servers (Ubuntu/CentOS)
Administration of virtualization and deployment environment with CI/CD tool chains under the scope of Linux and Windows deployment servers in Enterprise environments
Hardening of Windows and Linux servers and application services
Implementation, documentation and testing of operating systems, networks, applications on technical equipment in the field of shipping (defense technology)
Planning and execution of penetration tests in customer projects
Implementation of vulnerability management, IT/live forensics, security information and event management (SIEM) and firewalling in customer projects
Creation of developmental product documents, requirements specifications and software documentation
Archievements:
Project support with adherence to deadline targets
Establish and improve virtualization & deployment processes including hardening parts and solutions in Military Marine projects
Execution of automated penetration tests to increase security in projects
2nd/3rd Level Support
Infrastructure project management (project planning, design, implementation)
Administration and management of Cisco FirePower (IPS SIEM) and IronPort for e-mail security infrastructure (International wide)
Planning, preparation and implementation for VDA/TÜV and ISO 27001 certification
Administration and maintenance of Linux servers (RedHat, Ubuntu, Debian, Gentoo)
Administration and maintenance of the Shopfloor Management System (SFMS)
IT Security monitoring with Nagios/OMD - Check_MK
Configuration of Cisco routers, firewalls (ASA & IOS) and switches
Installation and optimization of the Active Directory environment
Administration of the VMware ESX server farm (based on HP Blade Center)
Design/administration and maintenance of the Symantec Backup EXE, Commvault and Veeam backup infrastructure (World Wide)
Ticket handling through OTRS / RT ticket system
Installation and administration of the MobileIron Mobile Device Management (MDM) global wide
Installation/administrate of the patch management environment for Operating systems and applications
Establish and developments for automated installation based on Windows Deployment System
Migration of Windows NT to next generation Windows Server 2008 R2 and 2012 R2
Process documentation and establishing documentation standards
Archievements:
Implementation of the security concepts, mobile device management system, patch management environment and automation of software and operating systems deployment
Accelerate further Cisco-based network structures in the LAN/WAN area
Motivation to change
Company should be sold to PSA group France. Decision was clear to enter a new path. My skill set and experience in IT security is needed in the market.
Technical and professional personnel management leading employees up to 10-15 FTEs
Optimization of IT processes
Cost optimization, negotiation of contracts and vendor relationships
Reporting of budgeting in a quarterly review
Training of civilian, military and military service employees
Planning and contributing to hospital internal IT strategies and external sites
Main responsible for IT related material, hardware & software
Administration and maintenance of Microsoft Windows (NT 4.0 up to 2012 R2) and Linux based operating systems (RedHat, Debian, SuSE)
Administration and optimization of Microsoft Windows AD domains
Hardening of Windows and Linux server systems and applications according to BSI, CERTBundeswehr, Best Practices and NIST, as well as other internal guidelines to best practices
Configuration and maintenance of appliances like Cisco Firewalls (ASA, PIX), routers & switches, Enterasys Networks core switches and Checkpoint firewalls
Administration and optimization of Lotus Domino Server from version 4 to 8.5.3
Installation and administration of VMware ESX server farms
Responsibility to BCM acc. Backup and Recovery ArcServ Backup and IBM TSM
Configuration/administration and maintenance of the Symantec security environment, Sophos SafeGuard environment (UTM, Endpoint Protection, SafeGuard Easy)
Wi-Fi design and planning, installation and administration of the Cisco WLC environment to secure hospital networks
Creation of process documentation and documentation standards
Customer site visits (planning, troubleshooting and remediation)
Archievements
Implementation of security concepts to state-of-the-art security configurations and systems
Implementation of IT-Security training
Extensive experience on the Internet provider side (routing, switching) with support from external companies
Planning and implementation of the in-house telephone system to VOIP in cooperation with external service providers
Implementation of external properties and companies to the VPN network of the Federal Armed Forces Hospital Hamburg
Establishment of automation solutions for operating systems and applications
Establishment of an internal patch management system
Migration of all client systems from Microsoft Windows NT/2000/XP to latest Microsoft Windows 7/10
Establishment of a time recording system in cooperation with external service providers
Motivation to change
Time based contract of 12 years ended on March 1, 2017. IT and Security skills are in high demand in the private market economy; gaining new experience and overcoming challenges
Sales team member
Design and programming of websites
Installation, configuration of IT supported computer systems
Installation and setup of TV based satellite connections
Support of the in-house IT
Team member in the data order input department
Entry of customer orders/cancellations into the inventory control system
Checking of customer orders based on automated scripts
Supporting in-house IT
Motivation of change
Direct offer from a recruiting firm to prove yourself in a different role and start an apprenticeship in IT.
Military defense service for 10-month located in Roth/Bavaria and Kropp/Jagel, SchleswigHolstein, German
Up to 09/1999 Company named Comf@ctory, later renamed to Comsystem GmbH, Neumünster, Schleswig-Holstein, Germany
Sale of hardware and software
Setup, configuration and administration of heterogeneous networks
Modifying/Conversion of consumer goods
Installation and modification of electronic components in various devices
Motivation to change
Federal Republic of Germany drafts me into 10-month military service.
2022
2021
INE / eLearnSecurity Cyber Security and Cloud courses without certification
2020
2019
Offensive Security OSCP (Offensive Security Certified Professional) without certification
2018
2016
MCSE 2012 (Microsoft Certified Solution Expert): Cloud Platform and Infrastructure certified
2015
2014
Linux Professional Institute Certification Level 2 (LPIC) certified
2013
FURTHER EDUCATIONS
2016
2015
2014
Linux Professional Institute Certification-2 Part 1+2
2013
2012
2011
Cisco Router 1 Grundlagen der Administration
2009
2008
2003
Elektrofachkraft zur Prüfung elektrischer Datenverarbeitungseinrichtungen nach DIN VDE 701-702 gemäß BGVA2 (bisher VGB4) nach Erweiterung, Instandhaltung und Wartung
Profil:
Technical expert with experience over 20 years in IT/OT/Cyber Security, a comprehensive knowledge of Computer Information System Security, System Administration and Network Operations, and Datacenter Operations. Extensive knowledge in the areas of system security, vulnerability scanning, penetration testing, risk assessment and cyber security analysis. Experienced in leadership management over 10 years with a team up to 25 members, project coordination and system implementation of Government systems, telecommunication and larger computer networks. Security clearance (German Ü2/Ü3) is possible, if needed. Highly organized team player with the ability to effectively manage project milestones and project delivery. International work and leadership experience.
Virtualization
Microsoft Hyper-V and Microsoft Terminal Server solutions, VirtualBox, VMware ESXi, VMware Horizen, VMware Workstation, Parallels Desktop, VDI, Citrix Hypervisor, QEMU and Proxmox
LAMP System
Linux, Apache, MySQL/MariaDB, PHP
Development
Bash Scripting, Basic, Delphi, Pascal, C++, HTML with PHP and CSS, JavaScript, Hudson/ Jenkins/ Puppet/ Chef/ Ansible/ Vagrant/ Chocolate Git/ Tortoise SVN
Cloud
Amazon AWS/MWS, Google Workspace/GCP, Microsoft Azure, Hetzner
Scripting
Bash, Batch, Python, Ruby, AutoIT, VBS, Powershell
Mailing
sendmail, postfix, AmaViS, SpamAssasin, clamAV, policy-weight, sqlgrey Exchange 5.5 / 2000 / 2003 / 2007 / 2010 / 2013 / 2016
Web Servers
Apache, Nginx, Microsoft IIS, Varnish, Lighttpd Plesk, ISPConfig, Webmin
Cryptographic
Microsoft PKI, easyCA, GnuPG, PGP and S/MIME
VPN
Cisco VPN Anyconnect, OpenVPN, WireGuard, FortiNet VPN
Else
Active Directory, DNS, FileServices, WSUS, WDS, SCCM, SCOM, Radius, RRAS, OpenLDAP, , IPtables, BIND9, ProFTPd, Nagios (OMD+Check_MK), Squid2+3, TFTP/PXE, DHCPd, dnsmasq, Asterisk, Plesk, Shopfloor Management Systems (SFMS), Hospital Information Systems (KIS), Laboratory Information Systems (LIS/LIMS), Radiology Information System (RIS), Mikrotik RouterBoard, nmap, tcpdump, Whireshark, SELinux, Graylog, Sysprep, i-doit, cmdb, Docusnap, Secunia CSI, MobileIron MDM, JDisc, Netflow, OwnCloud, and a lot more.
Penetration Tester / Ethical Hacker
Environments:
Architecture:
Security:
Firewall:
Cisco ASA, FortiGate, CheckPoint, WatchGuard, SonicWall, Ubiquiti, IPtables and other
Monitoring:
Paessler PRTG, OMD, Nagios, Check_MK, NetFlow, Icinga, Zabbix, Prometheus, Microsoft SCOM
Penetration Testing:
Network, Applications, Operating System, Mobile, Web- & Wireless testing plus vulnerability research
Vulnerability scanning:
Greenbone GSA / OpenVAS, Tenable Nessus Pro/Expert, Burp Suite Pro, Metasploit, Nmap, Acunetix, HCL AppScan, Qualys VMDR, GFI Languard and a lot more
Automation:
Hudson, Jenkins, Puppet, Chef, Ansible, Vagrant, Chocolate, Bash, PowerShell, Git/Tortoise SVN, Microsoft SCCM, Microsoft Intune/Autopilot, Microsoft Windows Deployment Services, Secunia CSI, Sysprep, WSUS, Microsoft SCOM, Microsoft Intune
DNS:
external DNS servers, BIND9, dnsmasq
VPN/Remote:
Cisco Anyconnect, Forticlient, OpenVPN/WireGuard, IPsec, Microsoft RRAS
Voice/Mobile:
Asterisk, VOIP, MobileIron MDM, BlackBerry Server, Cisco Jabber
Documentation:
Omnitracker, i-Doit, CMDB, Docusnap, JDisc
Others:
Praktika
1994 - 1994
Role: Schülerpraktikum
Customer: Ing. Büro M. Karp, Königs Wusterhausen
Tasks:
Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.