Freelancer: cybersecurity [architect | culturist | engineer]

Freiberufler / Selbstst�ndiger

Remote-Arbeit

Verf�gbar ab: 01.08.2024

Verf�gbar zu: 100%

davon vor Ort: 80%

Top-Skills

Cloud

DevOps

Security

Sicherheitsanalyse

Sicherheitsanforderung

Sicherheitsma�nahme

Automationstechnik

Prozessentwicklung

Prozessdokumentation

SystemArchitektur

Workshop

Trainer

Projektmanagement

Agile Softwareentwicklung

Qualit�tsengineering

ISO 27001

IT-Grundschutz

Risikomanagement

Sprachen

german

english

Einsatzorte

L�nder

Deutschland, Schweiz, �sterreich

Remote-Arbeit

m�glich

Projekte

Rolle

CYBERSECURITY CULTURE EVANGELIST

Projektinhalte

Security architect und DevSecOps engineer ? OnPrem / Cloud
Community builder, team and role coach, trainer
Transformation Guide for agile Security and Cloud
1,5 Line in Three-Lines-(of Defense) Model

Einsatzort

Hamburg

4 months

2023-06 - 2023-09

Build-Up Cloud Center of Excellence - Focus Security Domain and Softwaredevelopment

Transformation-Coach, Cybersecurity Consultant, Cloud-Architect AWS Azure Kubernetes ...

Rolle

Transformation-Coach, Cybersecurity Consultant, Cloud-Architect

Projektinhalte

Support for defining the tasks and Structure of the CCoE with aws, azure, gcp,�
Kinds of acting with organisation for training, news, project support
Workshops for different roles in organisation
conceptual work with cloud adoption framework (CAF)
interaction with plattform-team and soc

Produkte

aws azure gcp k8s

Kenntnisse

AWS Azure Kubernetes k8s GCP Coaching security

Kunde

solution provider

5 months

2023-05 - 2023-09

TISAX Level 3 Concept for Client-Management

Cybersecurity Expert Design-Konzept Dokumentation Workshop ...

Rolle

Cybersecurity Expert

Projektinhalte

Requirements Engineering with focus on Desktop and Mobile Devices
Process-Design with Roles, Information Artefacts and Decisions for Software-Delivery
monitoring & alerting concept
authorization workflow
workshop moderation and result reconcilation

Kenntnisse

Design-Konzept Dokumentation Workshop Moderation Requirements Engineering Anforderungsanalyse

Kunde

automotive

6 months

2023-03 - 2023-08

Concept for the use of DevOps in a digitization project of public sector

DevSecOps Engineer siam DevOps DevSecOps ...

Rolle

DevSecOps Engineer

Projektinhalte

Security Requirements: based on BSI basic protection
Scope: projcts with softwaredevelopment and cloud usage
Challenge: high dynamic in changing developers, companies and product-owner
Concept includes: general conditions for project structure and how to transform into product orgsnisation (siam), vision and values, trainings, control validation and auditing, devops pipeline
close cooperation with plattform team, project organisation, delivery manager, siam consultant

Produkte

gcp k8s

Kenntnisse

siam DevOps DevSecOps Design-Konzept Softwarearchitektur SystemArchitektur Kubernetes Souver�n sovereign cloud

Kunde

public sector

10 months

2022-01 - 2022-10

Concept and Prototyp for Security Incident (Response) Process

Cybersecurity-Expert, Process-Owner� Requirements agiles Projektmanagement Prozessentwicklung ...

Rolle

Cybersecurity-Expert, Process-Owner�

Projektinhalte

transparency for attacks, control-points to manage and improve security/it processes and resource planing�
internal ciso organisation, it department and software development
Requirements Engineering
Stakeholdermanagement
Process Design with Roles, Tasks, information-artefacts and -systems, escalation
Prototyping with JIRA
Take Care of confidential information
Suggestion for supporting Systems: CMDB, Asset Inventory, Metrics and SLAs
Interaction with SIEM

Produkte

jira

Kenntnisse

Requirements agiles Projektmanagement Prozessentwicklung Prozessautomatisierung Prozessdokumentation IT-Sicherheitsarchitektur IT-Sicherheitsmanagement Incident Management Sicherheitsanforderung Sicherheitsma�nahme

Kunde

e-commerce

1 year

2021-04 - 2022-03

AI for attack detection and semi-automation of processes

SOC Expert, Product-Owner kibana Python AWS ...

Rolle

SOC Expert, Product-Owner

Projektinhalte

more trancperancy in attacks and variants; reduce effort to detect, mitigate and report
User Interaction with huge Web-App
Requirements-Engineering
System-Design for detection, reporting, interaction (semi-automation)
UseCase Definition (Attack Patterns) and Reporting
Defining and reconcile integration

Produkte

AWS Elastic Search Python Java Git

Kenntnisse

kibana Python AWS Prozessberatung Prozessdokumentation Prozessautomatisierung Prozessentwicklung Automationstechnik DevOps Agile Softwareentwicklung Product Lifecycle SDLC Sicherheitsmanagement Sicherheitsma�nahme

Kunde

e-commerce

1 year

2020-03 - 2021-02

AWS Secure Configuration - Monitoring und Alerting for DevOps Product-Teams (Shift-Left Security, CSPM)

Cloudsecurity Expert DevOps Kotlin IntelliJ ...

Rolle

Cloudsecurity Expert

Projektinhalte

Role: Product-Owner
Goal: fast Miss-Configuration Indicators for Product-Teams in AWS environment and information for security team / soc
Scope: product development teams, plattform team and security team
Tasks:
-- definition of controls, check intervals and disabling; using aws cis benchmark and some self defined checks or from mitre framework
-- dashboard and alerting
-- defining the help system and trigger to disable chcks on different resources
-- reporting for management and training content��

Produkte

AWS Kotlin Elastic Search Vue.js Git

Kenntnisse

DevOps Kotlin IntelliJ Elastic Search

Kunde

e-commerce

1 year 10 months

2017-08 - 2019-05

Establish Security Champions as Community of Practice and Multiplier for Security Framework

Cybersecurity-Expert, Mentor, Workshop Moderator Moderation Teamleading Leadership ...

Rolle

Cybersecurity-Expert, Mentor, Workshop Moderator

Projektinhalte

Multiplier for Security-Strategy and Culture, develop Subject Matter Experts
Softwaredevelopment, Product-Development
initial Workshops
internal marketing, organise management buy-in
coordinate projects and separate different topics
experiment with different formats to play with interested people and enthusiasts
motivate people to share their knowledge and work outside their team
develop subject matter experts outside security team
continous development of internal security framework and baseline (iso27001, NIST CSF, OWASP)
use community for aws migration and adopt and learn very fast together

Kenntnisse

Moderation Teamleading Leadership Agile Coach Security Konzepte

Kunde

e-commerce

1 year 3 months

2017-09 - 2018-11

Cloud Migration - security aspects and team support

Security Manager for Software Department AWS cloud formation terraform ...

Rolle

Security Manager for Software Department

Projektinhalte

Migrate 20 Product-Teams with hundreds of Microservices from Mesos to aws cloud with GitHub and Mongo Atlas�
create trainings for product-teams with cloud security mechanism and their pifalls in distributed environments
migration concept for f5 firewall to aws waf
iam concept and sync with plattform team for different cloud providers
define secure landingzone and self-services with plattform team
support teams with monitoring, mitigation, encryption, risk-assessment, vpc, networking adoption of policies, security frameworks and security�

Produkte

AWS GitHub MongoDB

Kenntnisse

AWS cloud formation terraform Jenkins ESO-CPL DevOps Security Konzepte Cloud Computing Trainer Workshop agiles Projektmanagement

Kunde

e-commerce

Projektinhalte

4 years 10 months

2011-02 - 2015-11

Developer of own Migration-Framework

PARTNER & SYSTEMS ENGINEER

Rolle

PARTNER & SYSTEMS ENGINEER

Projektinhalte

Co-Founder: Mainframe-Migration without Code-Freeze
Infrastructure Management and Administration
Project engineer for migration project

Kunde

on Request

Einsatzort

Hamburg

Aus- und Weiterbildung

1 month

2022-05 - 2022-05

CISSP - Certified Information Systems Security Professional

CISSP, (ISC)^2

Abschluss

CISSP

Institution, Ort

(ISC)^2

Schwerpunkt

- Aspects of Secure Software Systems, spread across different landscapes (on-prem, cloud models)

- asset handling, risk & bc management

- access management

- general security principles

1 month

2018-07 - 2018-07

Leadership Training

uLead Lateral Leadership, change 4 success, hamburg

Abschluss

uLead Lateral Leadership

Institution, Ort

change 4 success, hamburg

Schwerpunkt

- training for team- and project-lead positions

- agile mindset, people interaction, conflict handling

- motivation

1 month

2017-07 - 2017-07

Agile Project Management Certification

Professional Scrum Master I, Scrum.org, Munic

Abschluss

Professional Scrum Master I

Institution, Ort

Scrum.org, Munic

Schwerpunkt

- more insides into agile pm

- new interaction models and methods

5 months

2016-03 - 2016-07

Project Management Certification

IPMA LEVEL C, PM ZERT (HAMBURG)

Abschluss

IPMA LEVEL C

Institution, Ort

PM ZERT (HAMBURG)

Schwerpunkt

- softskills and people interaction

- methods and procedures

- Level C, because project management and coordination was part of my job the last 7 years

1 month

2008-01 - 2008-01

ITIL Basics

ITIL v2 Foundation Certificate, T�V S�D

Abschluss

ITIL v2 Foundation Certificate

Institution, Ort

T�V S�D

Schwerpunkt

- Basic workshop with certification

- my focus: asset & configuration management, change management

6 years 4 months

1997-09 - 2003-12

computer science studies

Diploma in business informatics (FH), TFH Wildau

Abschluss

Diploma in business informatics (FH)

Institution, Ort

TFH Wildau

Schwerpunkt

programming: java, .net c#, c

os: suse & debian linux

data storage: oracle db, ms sql server, xml

projects:�dynamic web apps &�small network setup with ldap, smb, dns,�

diplom thesis: product-development of a E-Learning Plattform for small and medium business

Position

cyber security culture evangelist

This means that I use

my experience as a system architect, engineer and strategist
from various projects with many different people
and my broad knowledge of cyber security

to establish a security culture that encompasses the entire system - starting with employee empowerment.

My mission is to support organizations on their way to becoming secure and resilient organisms!

Kompetenzen

Top-Skills

Cloud DevOps Security Sicherheitsanalyse Sicherheitsanforderung Sicherheitsma�nahme Automationstechnik Prozessentwicklung Prozessdokumentation SystemArchitektur Workshop Trainer Projektmanagement Agile Softwareentwicklung Qualit�tsengineering ISO 27001 IT-Grundschutz AI Risikomanagement

Produkte / Standards / Erfahrungen / Methoden

Project Management

IPMA Level C

Agile

Profile:

My big drivers are challenging projects, especially those that make�sense in the long term and have a sustainable impact - cyber security is therefore made for me.�As a security culture evangelist with experience in various roles�and industries in the field of software and system development, I�see myself primarily as an enabler.�I not only implement your requirements, but also share my experience and develop solutions together. Always with the aim of supporting your organization on its way to becoming a secure and resilient organism.

SKILLS:

Mindset: agile, cooperative, initiative
Tech: curious Hands-On architect
Acting: interdisciplinary driver
Solutions: innovative & sustainable
Security culture: enabler and shift-lef

Betriebssysteme

Linux

Windows

Programmiersprachen

Python

Java

Kotlin

Typescript

Design / Entwicklung / Konstruktion

Requirements-Management

Process-Design

System-Architecture

Riskmanagement

Risk-Analysis

Threat-Modelling

Compliance & Sicherheit Finanzwesen

CISSP

BSI Grundschutz

TISAX

ISO27001

NIST CSF

OWASP

SSDLC

DevSecOps

Branchen

all: agil security as non functional requirement, security culture for secure and resilient organism
automobile / automotive: tisax level 3
public sector: project management and bsi basic protection, iso27001

Einsatzorte

L�nder

Deutschland, Schweiz, �sterreich

Remote-Arbeit

m�glich

Projekte

Rolle

CYBERSECURITY CULTURE EVANGELIST

Projektinhalte

Security architect und DevSecOps engineer ? OnPrem / Cloud
Community builder, team and role coach, trainer
Transformation Guide for agile Security and Cloud
1,5 Line in Three-Lines-(of Defense) Model

Einsatzort

Hamburg

4 months

2023-06 - 2023-09

Build-Up Cloud Center of Excellence - Focus Security Domain and Softwaredevelopment

Transformation-Coach, Cybersecurity Consultant, Cloud-Architect AWS Azure Kubernetes ...

Rolle

Transformation-Coach, Cybersecurity Consultant, Cloud-Architect

Projektinhalte

Support for defining the tasks and Structure of the CCoE with aws, azure, gcp,�
Kinds of acting with organisation for training, news, project support
Workshops for different roles in organisation
conceptual work with cloud adoption framework (CAF)
interaction with plattform-team and soc

Produkte

aws azure gcp k8s

Kenntnisse

AWS Azure Kubernetes k8s GCP Coaching security

Kunde

solution provider

5 months

2023-05 - 2023-09

TISAX Level 3 Concept for Client-Management

Cybersecurity Expert Design-Konzept Dokumentation Workshop ...

Rolle

Cybersecurity Expert

Projektinhalte

Requirements Engineering with focus on Desktop and Mobile Devices
Process-Design with Roles, Information Artefacts and Decisions for Software-Delivery
monitoring & alerting concept
authorization workflow
workshop moderation and result reconcilation

Kenntnisse

Design-Konzept Dokumentation Workshop Moderation Requirements Engineering Anforderungsanalyse

Kunde

automotive

6 months

2023-03 - 2023-08

Concept for the use of DevOps in a digitization project of public sector

DevSecOps Engineer siam DevOps DevSecOps ...

Rolle

DevSecOps Engineer

Projektinhalte

Security Requirements: based on BSI basic protection
Scope: projcts with softwaredevelopment and cloud usage
Challenge: high dynamic in changing developers, companies and product-owner
Concept includes: general conditions for project structure and how to transform into product orgsnisation (siam), vision and values, trainings, control validation and auditing, devops pipeline
close cooperation with plattform team, project organisation, delivery manager, siam consultant

Produkte

gcp k8s

Kenntnisse

siam DevOps DevSecOps Design-Konzept Softwarearchitektur SystemArchitektur Kubernetes Souver�n sovereign cloud

Kunde

public sector

10 months

2022-01 - 2022-10

Concept and Prototyp for Security Incident (Response) Process

Cybersecurity-Expert, Process-Owner� Requirements agiles Projektmanagement Prozessentwicklung ...

Rolle

Cybersecurity-Expert, Process-Owner�

Projektinhalte

transparency for attacks, control-points to manage and improve security/it processes and resource planing�
internal ciso organisation, it department and software development
Requirements Engineering
Stakeholdermanagement
Process Design with Roles, Tasks, information-artefacts and -systems, escalation
Prototyping with JIRA
Take Care of confidential information
Suggestion for supporting Systems: CMDB, Asset Inventory, Metrics and SLAs
Interaction with SIEM

Produkte

jira

Kenntnisse

Kunde

e-commerce

1 year

2021-04 - 2022-03

AI for attack detection and semi-automation of processes

SOC Expert, Product-Owner kibana Python AWS ...

Rolle

SOC Expert, Product-Owner

Projektinhalte

more trancperancy in attacks and variants; reduce effort to detect, mitigate and report
User Interaction with huge Web-App
Requirements-Engineering
System-Design for detection, reporting, interaction (semi-automation)
UseCase Definition (Attack Patterns) and Reporting
Defining and reconcile integration

Produkte

AWS Elastic Search Python Java Git

Kenntnisse

Kunde

e-commerce

1 year

2020-03 - 2021-02

AWS Secure Configuration - Monitoring und Alerting for DevOps Product-Teams (Shift-Left Security, CSPM)

Cloudsecurity Expert DevOps Kotlin IntelliJ ...

Rolle

Cloudsecurity Expert

Projektinhalte

Role: Product-Owner
Goal: fast Miss-Configuration Indicators for Product-Teams in AWS environment and information for security team / soc
Scope: product development teams, plattform team and security team
Tasks:
-- definition of controls, check intervals and disabling; using aws cis benchmark and some self defined checks or from mitre framework
-- dashboard and alerting
-- defining the help system and trigger to disable chcks on different resources
-- reporting for management and training content��

Produkte

AWS Kotlin Elastic Search Vue.js Git

Kenntnisse

DevOps Kotlin IntelliJ Elastic Search

Kunde

e-commerce

1 year 10 months

2017-08 - 2019-05

Establish Security Champions as Community of Practice and Multiplier for Security Framework

Cybersecurity-Expert, Mentor, Workshop Moderator Moderation Teamleading Leadership ...

Rolle

Cybersecurity-Expert, Mentor, Workshop Moderator

Projektinhalte

Multiplier for Security-Strategy and Culture, develop Subject Matter Experts
Softwaredevelopment, Product-Development
initial Workshops
internal marketing, organise management buy-in
coordinate projects and separate different topics
experiment with different formats to play with interested people and enthusiasts
motivate people to share their knowledge and work outside their team
develop subject matter experts outside security team
continous development of internal security framework and baseline (iso27001, NIST CSF, OWASP)
use community for aws migration and adopt and learn very fast together

Kenntnisse

Moderation Teamleading Leadership Agile Coach Security Konzepte

Kunde

e-commerce

1 year 3 months

2017-09 - 2018-11

Cloud Migration - security aspects and team support

Security Manager for Software Department AWS cloud formation terraform ...

Rolle

Security Manager for Software Department

Projektinhalte

Migrate 20 Product-Teams with hundreds of Microservices from Mesos to aws cloud with GitHub and Mongo Atlas�
create trainings for product-teams with cloud security mechanism and their pifalls in distributed environments
migration concept for f5 firewall to aws waf
iam concept and sync with plattform team for different cloud providers
define secure landingzone and self-services with plattform team
support teams with monitoring, mitigation, encryption, risk-assessment, vpc, networking adoption of policies, security frameworks and security�

Produkte

AWS GitHub MongoDB

Kenntnisse

AWS cloud formation terraform Jenkins ESO-CPL DevOps Security Konzepte Cloud Computing Trainer Workshop agiles Projektmanagement

Kunde

e-commerce

Projektinhalte

4 years 10 months

2011-02 - 2015-11

Developer of own Migration-Framework

PARTNER & SYSTEMS ENGINEER

Rolle

PARTNER & SYSTEMS ENGINEER

Projektinhalte

Co-Founder: Mainframe-Migration without Code-Freeze
Infrastructure Management and Administration
Project engineer for migration project

Kunde

on Request

Einsatzort

Hamburg

Aus- und Weiterbildung

1 month

2022-05 - 2022-05

CISSP - Certified Information Systems Security Professional

CISSP, (ISC)^2

Abschluss

CISSP

Institution, Ort

(ISC)^2

Schwerpunkt

- Aspects of Secure Software Systems, spread across different landscapes (on-prem, cloud models)

- asset handling, risk & bc management

- access management

- general security principles

1 month

2018-07 - 2018-07

Leadership Training

uLead Lateral Leadership, change 4 success, hamburg

Abschluss

uLead Lateral Leadership

Institution, Ort

change 4 success, hamburg

Schwerpunkt

- training for team- and project-lead positions

- agile mindset, people interaction, conflict handling

- motivation

1 month

2017-07 - 2017-07

Agile Project Management Certification

Professional Scrum Master I, Scrum.org, Munic

Abschluss

Professional Scrum Master I

Institution, Ort

Scrum.org, Munic

Schwerpunkt

- more insides into agile pm

- new interaction models and methods

5 months

2016-03 - 2016-07

Project Management Certification

IPMA LEVEL C, PM ZERT (HAMBURG)

Abschluss

IPMA LEVEL C

Institution, Ort

PM ZERT (HAMBURG)

Schwerpunkt

- softskills and people interaction

- methods and procedures

- Level C, because project management and coordination was part of my job the last 7 years

1 month

2008-01 - 2008-01

ITIL Basics

ITIL v2 Foundation Certificate, T�V S�D

Abschluss

ITIL v2 Foundation Certificate

Institution, Ort

T�V S�D

Schwerpunkt

- Basic workshop with certification

- my focus: asset & configuration management, change management

6 years 4 months

1997-09 - 2003-12

computer science studies

Diploma in business informatics (FH), TFH Wildau

Abschluss

Diploma in business informatics (FH)

Institution, Ort

TFH Wildau

Schwerpunkt

programming: java, .net c#, c

os: suse & debian linux

data storage: oracle db, ms sql server, xml

projects:�dynamic web apps &�small network setup with ldap, smb, dns,�

diplom thesis: product-development of a E-Learning Plattform for small and medium business

Position

cyber security culture evangelist

This means that I use

my experience as a system architect, engineer and strategist
from various projects with many different people
and my broad knowledge of cyber security

to establish a security culture that encompasses the entire system - starting with employee empowerment.

My mission is to support organizations on their way to becoming secure and resilient organisms!

Kompetenzen

Top-Skills

Produkte / Standards / Erfahrungen / Methoden

Project Management

IPMA Level C

Agile

Profile:

SKILLS:

Mindset: agile, cooperative, initiative
Tech: curious Hands-On architect
Acting: interdisciplinary driver
Solutions: innovative & sustainable
Security culture: enabler and shift-lef

Betriebssysteme

Linux

Windows

Programmiersprachen

Python

Java

Kotlin

Typescript

Design / Entwicklung / Konstruktion

Requirements-Management

Process-Design

System-Architecture

Riskmanagement

Risk-Analysis

Threat-Modelling

Compliance & Sicherheit Finanzwesen

CISSP

BSI Grundschutz

TISAX

ISO27001

NIST CSF

OWASP

SSDLC

DevSecOps

Branchen

all: agil security as non functional requirement, security culture for secure and resilient organism
automobile / automotive: tisax level 3
public sector: project management and bsi basic protection, iso27001

Vertrauen Sie auf Randstad

Im Bereich Freelancing

Im Bereich Arbeitnehmer�berlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Name E-Mail-Adresse Ihre Frage

Telefonnummer Unternehmen

Ich habe die Datenschutzbestimmungen gelesen und bin damit einverstanden.

Einsatzorte

Projekte

Aus- und Weiterbildung

Position

Kompetenzen

Top-Skills

Produkte / Standards / Erfahrungen / Methoden

Betriebssysteme

Programmiersprachen

Design / Entwicklung / Konstruktion

Riskmanagement

Compliance & Sicherheit Finanzwesen

Branchen

Einsatzorte

Projekte

Aus- und Weiterbildung

Position

Kompetenzen

Top-Skills

Produkte / Standards / Erfahrungen / Methoden

Betriebssysteme

Programmiersprachen

Design / Entwicklung / Konstruktion

Riskmanagement

Compliance & Sicherheit Finanzwesen

Branchen

Vertrauen Sie auf Randstad

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.