• Ensured ISO 27001 and NIS-2 compliance while establishing an AI Governance framework and secure SaaS integration within the Microsoft 365 workspace
• Led enterprise-wide cybersecurity operations and incident management, reducing audit findings to zero.
• Focus areas: ISO 27001, NIS-2, AI Governance, Information Security Management System (ISMS), Risk Management, SaaS Security, Compliance, Artificial Intelligence

• Delivering lectures and hands-on workshops on AI in Cybersecurity, covering AI opportunities, limitations and security implications.
• Focus on AI risk management and secure AI implementation for corporate environments.
• Focus areas: Artificial Intelligence, Cybersecurity, AI Governance, Risk Management, Secure AI, Awareness, Compliance, ISO 42001, EU AI Act

• Assessed enterprise-wide cybersecurity posture and implemented NIS-2?aligned controls and countermeasures.
• Planned the establishment of a dedicated Cybersecurity Department and ensured the secure deployment of AI technologies.
• Focus areas: NIS-2, ISO 27001, AI Governance, ISMS, Risk Management, Identity Management, Compliance, Information Security, Artificial Intelligence

• Designed and cost-modelled managed cybersecurity cloud solutions ensuring ISO 27001-compliant architectures and scalable security operations.
• Defined SIEM/SOC frameworks and network security standards to strengthen risk and identity management.
• Focus areas: ISO 27001, Cloud Security, ISMS, SIEM, SOC, Risk Management, Identity Management, Compliance, Networks, Cybersecurity

• Assessed and implemented cybersecurity policies, controls and processes to ensure NIS-2 compliance and strengthen ISMS maturity.
• Evaluated company-wide AI usage for security and cost-efficiency to support responsible AI adoption.
• Focus areas: NIS-2, AI Governance, ISMS, Information Security, Risk Management, Compliance, Artificial Intelligence, Identity Management, Incident Management

SME for Security Architecture in the SAFe landscape performing analyses of security status on ART level and development of security architecture artefacts on Capability, Large Solution and Platform level including:

• Analysis of the DevSecOps process in all ARTs of a digitalization department
• Identification of decision points for security issues in the DevSecOps process
• Analysis of the decision levels in the SAFe framework (products, ARTs, solution, portfolio)
• Analysis of decision-making bodies and participants
• Alignment of architecture and security artefacts on all levels
• Analysis of overlaps between architecture and security artefacts
• Identification of decision points for Architecture topics
• Analysis of decision levels in the SAFe framework (products, ARTs, solution, portfolio).
• Analysis and linking to the Domain Model / Architecture Target Landscape
• Depiction of the dependencies between architecture and IT security
• Development of security guidelines for architecture, etc.
• Creation of result and management presentations

• Managed implementation of advanced Identity & Access Management (IAM, PAM) solutions with MFA and SSO integration to strengthen enterprise access security.
• Aligned access governance and ISMS controls to ensure compliance and reduce identity-related risks.
• Focus areas: IAM, PAM, SSO, MFA, Access Management, Identity Management, ISMS, Risk Management, Cybersecurity, Compliance

• Coordinated cybersecurity initiatives for cloud-based products, performing risk assessments and enforcing secure coding practices (OWASP) across development teams.
• Supported ISO 27001 compliance and improved vulnerability and incident management integration within the ISMS.
• Focus areas: ISO 27001, ISMS, OWASP, Risk Management, Vulnerability Management, Incident Management, Compliance, Secure Development, Cybersecurity

• Implemented an enterprise-wide cybersecurity strategy and security guardrails for a large-scale digital transformation project.
• Drove stakeholder engagement and aligned security controls to ensure program-wide compliance and secure development.
• Focus areas: Cybersecurity Strategy, ISMS, Security Guardrails, Risk Management, Compliance, Vulnerability Management, Incident Management, SSDLC, Stakeholder Management

Development and implementation of an ISMS in accordance with TISAX requirements including:

• Assessment of security Status and documentation
• Gapanalysis
• Processing of TISAX requirements and derivation of necessary Steps
• Analysis and editing of security policies
• Implementation of an ISMS in Organization
• Creation of processes and documentation
• Readiness assessment
• Audit support

Scrum project manager in science for following projects:

• Smart city project to detect traffic jams and accidents automatically with AI
  
• Smart railway project to improve time forecast for trains
  
• Internal railway infrastructure project to replace old and hardcoded codebase with object-oriented programming language and dynamic frontend
  

Implementation and adaptation of the CyberArk solution tothe existing infrastructure to secure privileged access (PAM) including:

• Creation and management of all accounts, safes & platforms of the acceptance environment via PVWA as well as Rest API
• Administration of CyberArk servers on infrastructure & OS level
• Execution of technical acceptance tests
• Monitoring of infrastructure components
• Documentation of processes, components & platforms
• PAM integration in existing SIEM solution