Security Solution Architect / Staff Security Engineer
Updated on 14.04.2025
Profile
Freelancer / Self-employed
Remote work
Available from: 01.05.2025
Available at: 100%
of which on-site: 100%
Cloud Security
Application Security
Information Security
AI & ML Security
Compliance
AI Agents
Threat Modelling
Secure SDLC
DevSecOps
German
Native language
English
fluent

Work locations

Mülheim an der Ruhr (+50km)
Germany
possible

Projects

3 months
2025-01 - now

Threat analysis on hybrid connectivity

Security Solution Architect - CISO
  • Threat analysis on hybrid connectivity and complex cloud network infrastructure across multi-cloud in Azure Cloud, Google Cloud Platform (GCP), and Amazon Web Services (AWS)
Azure Cloud GCP AWS
AXA Konzern AG
1 year 11 months
2023-04 - 2025-02

Internal Audit

Lead Principal Auditor
  • Define audit goals according to DWS Group and Deutsche Bank Security Standards
  • Understand and verify IT security control implementation across DWS technologies & processes
  • Plan and execute internal audit on Google Cloud Infrastructure and Cloud Native/Kubernetes
  • Plan and execute internal audit on CISO products, services and governance of key processes
  • Plan and execute internal audit on Software Development Lifecycle (SDLC)
DWS Cloud Native Kubernetes
DWS Group
1 year
2022-04 - 2023-03

Agile transformation

Cyber Security Consultant - CISO
  • Lead agile transformation of CISO people and processes to utilise Kanban and OKRs in Asana
  • Lead agile transformation by applying industry standards like Critical Security Controls (CSC)
  • Analyse compliance and implementation state of global and local security controls
  • Consult CISO and PwC projects on best practices and emerging threats in Cyber Security
  • Contribute knowledge to Security Champion by workshops and presentations
  • Establish and extend a Security Consultant program by applying agile methods in Asana
Kanban OKRs Asana CSC
PwC Deutschland
1 year 8 months
2020-09 - 2022-04

Customised Enterprise Solutions

DevSecOps Engineer
  • Security Specialist in agile Scrum with .NET Backend, AngularJS Frontend, and QA Specialists
  • Create and maintain Data Flow Diagrams (DFD) and Threat Modelling (ATT&CK, STRIDE)
  • Execute Vulnerability Assessments/Discovery Pentests across UI, API & AWS Cloud
  • Perform gap analysis on Application and Cloud against GMP compliance (pharma)
  • Support Lead Engineers across UI, API and AWS Cloud in Secure by Design approaches
Scrum .NET Backend AngularJS ATT&CK STRIDE UI API AWS Cloud
Bayer AG
Leverkusen
3 years 10 months
2018-07 - 2022-04

Custom Enterprise Solutions

Cloud Engineer & Python Developer
  • Design, Automate, and Operate a Machine Learning Platform in AWS (pharma)
  • Software-Composition Analysis (SCA) and Container Hardening in CI/CD (SAST, DAST, RASP)
  • Infrastructure-as-Code (CloudFormation) and Event-Driven Security (AWS Lambda)
  • SDK and API Development for Flask API (Python)
AWS SCA CI/CD SAST DAST RASP AWS Lambda Python
Bayer AG
Leverkusen
1 year 10 months
2020-01 - 2021-10

Global Secure by Design

Cyber Security Specialist
  • Ensure Secure by Design in a Global Multi-Cloud Service Catalogue (AZU, GCP, AWS)
  • Perform Threat Modelling and Risk Analysis for all Multi-Cloud Product Lines
  • Develop Agile Security Assessments in Sprint at Scale with Automated Tools
  • Support Scrum Teams on Security Practices by hands-on Engineering (DevSecOps)
AZU GCP AWS DevSecOps
Vodafone Group
Düsseldorf
11 months
2019-01 - 2019-11

Cloud Operations

Cloud Engineer
  • Design, Automate, and Operate a Cloud Native Platform in Google Cloud Platform
  • Move and Improve J2EE and Python Applications to Google Kubernetes Engines
  • Infrastructure-as-Code (Terraform, Python-SDK)
  • Evaluate Container Security with Falco/Twistlock (SCA, SAST) and other DevSecOps controls
J2EE Python Terraform Falco Twistlock SCA SAST
ALDI International IT Services
Mülheim a.d.R.
2 years 1 month
2016-06 - 2018-06

Security Assessment

IT Security Consultant

  • Perform security assessments and propose risk mitigation strategies
  • Perform threat analysis on various technologies and business propositions
  • Manage security pentests and support risk remediation
  • Extend baseline security requirements with DevSecOps and AWS security controls
  • Security champion in agile software development projects
  • Apigee API Gateway (Node.js, API security, OAuth2, OIDC)
  • Microservice B2B Integration (Kubernetes, Docker, Java Springboot, Microservice Security, mTLS, JWT, Bearer-Tokens)
  • Cloud SD-WAN Viptela (API Security, SAML Security, CPE/vCPE Security)

Node.js API security OAuth2 OIDC Kubernetes Docker Java Springboot Microservice Security mTLS JWT Bearer-Tokens API Security SAML Security CPE/vCPE Security
Vodafone Group
Düsseldorf
8 months
2015-10 - 2016-05

Cyber Security

IT Security Consultant

  • Current state assessments on strategic network security capabilities
  • Developing balanced scorecards in cooperation with international SMEs
  • IT infrastructure reporting on KPIs to senior management boards
  • Data validation, KPI improvements and automation of KPI reporting 

Deutsche Bank
Frankfurt am Main
4 years
2011-07 - 2015-06

Implementation of IT security products

Information Security Specialist
  • Lead implementer TÜV Rheinland "Certified Cloud Service" (ISO 27001, BSI, ITIL)
  • Evaluate, design and implement state-of-the-art IT security products
  • Act as Subject Matter Expert (SME) on IT security architecture and operations
  • Perform security incident handling, vulnerability/risk management and audits
ISO 27001 BSI ITIL
HELIOS IT Service GmbH
Berlin
7 months
2013-09 - 2014-03

Sabbatical

Australia, Indonesia, Malaysia, and New Zealand
1 year 11 months
2009-08 - 2011-06

Design and operation

Network Security Specialist
  • Design and operation of the heterogeneous LAN/WAN infrastructure
  • Design and operation of the heterogeneous Firewall/VPN/IPS/APT infrastructure
  • Operations of network services like DNS, NTP, NAC, AAA and PKI
  • Operations of network, system, and security monitoring (SIEM)
  • Project management of a network redesign to meet BSI/ISO 27001 requirements
  • 3rd level support and troubleshooting
LAN WAN Firewall VPN IPS APT DNS NTP NAC AAA PKI BSI/ISO 27001
gematik mbH
Berlin
9 months
2008-11 - 2009-07

network security reviews

IT Security Consultant

  • Preparation, analysis and presentation of large-scale network security reviews
  • Perform penetration tests and audits on web services, OS and networks
  • Evaluate best-of-breed IDS-/IPS-, NAC- and DLP Solutions jointly with customers
  • 3rd level support for web-application firewalls

cirosec GmbH
Heilbronn
1 year
2006-09 - 2007-08

TCP/IP and IPv6 essential courses

Trainer and Trainee
  • Trainer for TCP/IP and IPv6 essential courses based on Cisco products
  • Performing network site survey for an international airline
Salinas IT-Service GmbH
Berlin

Education and training

7 months
2008-03 - 2008-09

Diploma Thesis

cirosec GmbH, Heilbronn
Topic on request
4 years 6 months
2004-03 - 2008-08

Computer Science

Dipl. Inf. FH
Hochschule Furtwangen University

  • Computer networks
  • XML- and web services
  • IT security

6 months
2007-09 - 2008-02

Trainee program

cirosec GmbH, Heilbronn
  • Perform network security reviews, penetration tests and audits
  • Perform IT risk assessments on BSI/ISO 27001 requirements
5 months
2005-03 - 2005-07

Study abroad

Czech Technical University in Prague
  • Local networks
  • C++ programming
  • Applied cryptography
3 years
1999-08 - 2002-07

Apprenticeship IT Engineer

Phoenix Contact GmbH & Co. KG, Blomberg
  • Principles of electrical engineering, industrial automation, and technology

Position

  • Security Solution Architect
  • Staff Security Engineer
  • Cloud Security Specialist
  • Application Security Specialist
  • Information Security Specialist
  • MLOps/AI Security Specialist
  • Lead Principal Auditor
  • Agile Transformation Specialist
  • GXP Compliance Specialist

Competencies

Top-Skills

Cloud Security Application Security Information Security AI & ML Security Compliance AI Agents Threat Modelling Secure SDLC DevSecOps

Products / Standards / Experience / Methods

Skills

  • Security Solution Architect
  • Technology Security Assessments
  • Threat Modelling
  • Cloud Security
  • Cloud Native Security
  • Application Security
  • MLOps Security
  • AI Security
  • Secure SDLC
  • DevSecOps
  • Risk Management
  • Information Security Management
  • Agile Transformation


Work Experience

01/2025 - today

Role: Security Solution Architect - CISO

Customer: AXA Konzern AG


04/2023 - 03/2025

Role: Lead Principal Auditor 

Customer: DWS Group


Tasks:

Internal Audit


04/2022 - 03/2023

Role: Cyber Security Consultant - CISO

Customer: PwC Deutschland


09/2020 - 04/2022

Role: DevSecOps Engineer 

Customer: Bayer AG


Tasks:

Custom Enterprise Solutions


07/2018 - 04/2022

Role: Cloud Engineer & Python Developer 

Customer: Bayer AG


Tasks:

Custom Enterprise Solutions


01/2020 - 10/2021

Role: Cyber Security Specialist 

Customer: Vodafone Group


Tasks:

Global Secure by Design


01/2019 - 11/2019

Role: Cloud Engineer

Customer: ALDI International Services


Tasks:

Cloud Operations


06/2016 - 06/2018

Role: IT Security Consultant

Customer: Vodafone Group


Tasks:

Security Assessment


10/2015 - 05/2016

Role: IT Security Consultant

Customer: Deutsche Bank


Tasks:

Cyber Security


07/2011 - 06/2015

Role: Information Security Specialist

Customer: HELIOS IT Service GmbH


08/2009 - 06/2011

Role: Network Security Specialist

Customer: gematik mbH


11/2008 - 07/2009

Role: IT Security Consultant

Customer: cirosec GmbH

Industries

  • IT Service Provider
  • IT Consulting
  • Telecommunications
  • Healthcare
  • Finance and Banking
  • Energy Industry
  • Pharma Industry
