Security Experte Schwachstellenmanagement, SOC und Pentesting, OT & IT
Aktualisiert am 06.06.2024
Profil
Freiberufler / Selbstständiger
Remote-Arbeit
Verfügbar ab: 06.06.2024
Verfügbar zu: 100%
davon vor Ort: 100%
Qualys
Vulnerability Management
OT
Audit
EPAS
Splunk
Penetrationstest
Deutsch
Muttersprache
Englisch verhandlungssicher

Einsatzorte

Einsatzorte

Deutschland, Österreich, Schweiz
möglich

Projekte

Projekte

1 Jahr 9 Monate
2022-07 - 2024-03

Projektleiter technische Umsetzung SOC Aufbau

Technischen Projektleiter SOC SIEM
Technischen Projektleiter SOC SIEM

Technical Project Manager for the Establishment of an External SOC/SIEM in the LBS Bank Group

 

 -       Selection and integration of the external SOC service provider

-       Development of use cases

-       Splunk SIEM Installation and integration / Forwarder Installation

-       Creation of processes in the banking environment in accordance with BAIT requirements

-       Technical development and adaptation of additional use cases

-       Integration of bank-specific applications (OS Plus, bit-MaRisk, SAP, etc.)

-       Integration of technical infrastructure (Active Directory, DNS, telecommunications, Sophos Antivirus, Cisco VPN, Citrix, etc.)

 

 

-       Central point of contact for all IT security incidents

-       Incident Manager for IT security incidents

-       Evaluation/analysis of incoming SOC incidents with operations

-       Further development of processes and use cases / technical design

-       Provider management of the SOC service provider

-       Development of incident response plans for emergency planning in emergency management and creation of playbooks for SOC/Operational Teams

-       Improvement of operational security through regular meetings, reports, SLA Tracking etc., on the current SOC threat landscape

-       Intensive collaboration with operational Teams as an interface to the SOC

-       Improvement of processes in the area of penetration testing and vulnerability management

-       Coordination, preparation, and follow-up of pen-test findings, Audit Findings and vulnerabilities

-       Consulting on improving IT security strategy / best practices

-       Evaluation / Consulting from new Security-Tools

-       Member of the Bank emergency Board / Incident Management 

Splunk Enterprise
LBS
Remote
8 Monate
2023-05 - 2023-12

Planung SOC Aufbau OT Netzwerke

Technischer Designer SOC Aufbau für OT Netzwerke
Technischer Designer SOC Aufbau für OT Netzwerke

-       Development of a SIEM solution for the OT (Operational Technology) sector

-       Current state analysis (IST Analysis)

-       Technical planning and coordination

-       Design of a SOC SIEM structure for OT systems

-       Consolidation planning for multiple SIEM systems (international)

-       Project Lead for the Part ?SPLUNK SIEM for OT?

Deutsche Post AG (DHL)
Bonn, Remote
6 Monate
2022-01 - 2022-06

Senior Security Analyst Qualys / Defense Security

Senior Security Analyst OT Schwachstellenmanagement
Senior Security Analyst OT Schwachstellenmanagement

Supporting the Global Defense Team as Security Analyst for Operational Technology (OT) networks with Qualys.

  • Analyse / Testing OT Components (S7, Roboter etc)

  • Supporting Stakeholder with Qualys

  • Supporting different projects

  • Onboard location (OT) into Qualys for Vulnerability scanning

  • Creating special Option Profiles (Lifecycle) for OT Components

Qualys ServiceNow SIMATIC PCS 7
Daimler AG
5 Monate
2021-08 - 2021-12

Senior Security Analyst / Projektleiter Qualys

Projektleiter Vulnerability Management
Projektleiter Vulnerability Management

Implement a Vulnerability Management for Operational Technology (OT) networks with Qualys as Pre-Project Lead for > 20 locations.

1) Analyse of current environment, technologies and Stakeholder.

2) Build up a project plan with Milestones, capacity planning, cost calculation

3) Kickoff the first locations and start onboarding

4) Create a Community with Stakeholders to create Option Profiles for OT

Qualys CentOS ServiceNow
Daimler AG
5 Monate
2021-04 - 2021-08

Rollout SOC / Process implementation

Security Expert
Security Expert

Period                                     Client/sector                                       Company size

01.04.2021 ?25.07.2021                SEPAGO                         > 200 employees

 

Position

Senior Security Expert

 

 

Responsibilities

 

Process implementation and customer onboarding for "SOC as a Service" (Security Operations Center). 

Working as Security Expert / Incident Manager for the SOC, evaluation of existing processes.

Products:

AZURE, Microsoft Defender für Endpoint, Microsoft Defender ATP

Remote
5 Jahre 3 Monate
2016-01 - 2021-03

Senior Security Analyst / Security Remediation Expert Penetration Test

Security Vulnerability Management Audit

Period                                     Client/sector                                       Company size

01.01.2016 – today                 AXA Group Operation                         > 100.000 employees

 

Position

01.01.2016: Senior Security Analyst & 01.11.2020: Vulnerability Management Expert

 

 

Responsibilities

 

  • 1) Senior Security Analyst

Remediation and coordinating of Pen Test findings (global/local) and Audit tracking. Reporting of findings and incidents to AXA Management and solver departments. Coordination and supporting incoming requests to operational resolver groups and supporting them with security requirements according to AXA Security Guidelines and deep technical knowledge.

 

Regional Manager (Northern Europe Region) for DETACK epas (Enterprise Password Assessment), appliance administration incl. maintenance and central reporting for password quality reports.

 

 

  • 2) Vulnerability Management Expert
    • Global project supporting of the Qualys Guard Infrastructure
    • Infrastructure Administration and Maintenance from Qualys Guard
    • Reporting of Vulnerabilities
    • Remediation and Tracking
    • Asset Management and Server-Onboarding
    • Vendor-Management / Coordination and support Tickets

 

 

Primary Tasks and responsibilities:

 

  • Perform activities for vulnerability scanning and policy compliance (Qualys Guard)
  • Maintain and operate password hunting and quality assurance tool
  • Manage and control audit remediation activities
  • Manage and support Pen Test activities
  • Perform security and risk assessments
  • Create security concepts

 

Security support for Sub-Tasks:

 

  • Password Clear Text Scanning
  • Support for CyberArk migration
  • Supporting the privileged User Management and recertification
  • Related requests for ICT Infrastructure and Firewall approvals
  • Security Consultant for other IT Projects
  • Support the global security Incident Management

 

 

 

Tools:

 

  • Security Tools (epas DETACK, Nessus, OpenVAS, Metasploit, Qualys)
  • Operate password hunting for Active Directory, LDAP, Windows Server, Linux, Oracle, MSSQL, Citrix and MySQL
  • Microsoft Office
epas Qualys Linux DETACK
Security Vulnerability Management Audit
AXA Group Operation
Köln
6 Monate
2015-07 - 2015-12

Senior Security Analyst / Koordinator Penetration Testing

Senior Security Analyst / Koordinator Penetration Testing
Senior Security Analyst / Koordinator Penetration Testing

Period                                     Client/sector                                       Company size

01.07.2015 – 31.12.2015        AXA Konzern AG                                > 100.000 employees

 

Position

Senior Security Analyst / Pen Test coordinator

 

Responsibilities

Pen Test coordination (internal application) and Group Reporting for the Group Pen Test Campaign 2015. Planning and setup Pen Tests with external providers, provider management and assessment of risks. Detailed preparation and debriefing with stakeholders  and support with deep technical knowledge in the remediation phase. Perform lessons learned workshops after pen test activities. Preparation of Management escalations and Risk Letters for findings with high risk or high priority, communication from findings to SOC,  external providers or to AXA Tech.

 

Qualys Guard vulnerability management:

Act as supporter for Pen testers with  Qualys Guard Scans, Web application Scans and setup circular BlackBox Tests (incl. monitoring) for non critical AXA Web Applications

AXA Konzern AG
Köln
1 Jahr 9 Monate
2013-10 - 2015-06

Senior Security Analyst / Vulnerability Management

Senior Security Analyst / Vulnerability Management
Senior Security Analyst / Vulnerability Management

Period                                Client/sector                                       Company size

01.10.2013 – 30.06.2015         AXA-Tech                                           > 100.000 employees

 

Position

Senior Security Analyst / Vulnerability Management

 

Responsibilities

Global project supporting for Qualys Guard vulnerability management:

Establishment of a new Qualys Guard infrastructure and concept for circular vulnerability scans. Detailed breakdown from the complete AXA Germany and AXA Belgium Network with the restructuring from the existing appliance solution to a virtual environment. Rebuild new Qualys Assets and integrate new processes for deployment and vulnerability scans. Maintenance and central contact for the Qualys environment after the restructure.

 

Security support for Sub-Projects:

  • Tracking from Audit Findings particular for high critical financial systems
  • Architecture and Establishment of Privileged User Management Database for Windows, Linux, VMWare, SQL and Oracle.
  • Organizational measure to capture High Privileged Accounts

Reporting, tracking and remediation of vulnerabilities, system hardening and patch management

AXA Tech
Köln
8 Monate
2013-01 - 2013-08

Senior Security Expert

Senior Security Expert
Senior Security Expert

Period                                     Client/sector                                         Company size

01.01.2013 – 31.08.2013          Deutsche Annington Immobilien SE       > 4.000 employees

                                               (Heute: Vonovia)

Position

Senior Security Expert

 

Responsibilities

Establishment of security concepts and processes for the IPO (stock market launch), risk evaluation and coordination Pen Testing.

 

  • Active vendor management for the WAN/LAN/Security/Data Centre infrastructure (as support for the service management)
  • Installation, reduction and sizing for the MPLS/VPN connectivity
  • IP Management (conception and planning) for all locations
  • Change management
  • Supporting the operational unit as 3rd level support (firewalling, network, BlueCoat Proxy SG, reverse proxy (TMG) and F5 load balancers)
  • Project lead for cross projects (Juniper SSL VPN migration from device SA4000 to MAG6611, location moves, migration of the anti-virus solution to an external vendor / SaaS)

 

Products and standards:

  • ITSM
  • IT Security (Grundschutz, BSI, various security products)
  • Juniper, Cisco
  • Blue Coat, Squid
  • McAfee
  • Alcatel-Lucent VitalQIP
Deutsche Annington Immobilien SE
Bochum
6 Monate
2012-07 - 2012-12

Senior Security Consultant Data privacy

Senior Security Consultant Data privacy
Senior Security Consultant Data privacy

Period                                     Client/sector                                         Company size

16.07.2012 – 31.12.2012          Deutsche Telekom AG  (ICM, IKS)        > 200.000 employees

 

Position

Senior Security Consultant Data privacy

 

Responsibilities

Supporting and revision of various EPR Projects (main task: Security/Privacy concepts and compliance, auditing the plausibility of concepts). Approver for authority of compliance and above concepts incl. the SoCs (Statement of Compliance) for Group-wide operational standards. Consulting for network security and infrastructure (security) solutions.

Deutsche Telekom AG
2 Monate
2012-06 - 2012-07

Cloud Strategy / Evaluation for various clients

Consultant
Consultant

Period                                     Client/sector                                         Company size

01.06.2012 – 15.07.2012          various clients                                      > 1.000 employees

 

Position

Cloud Strategy / Evaluation for various clients

 

Responsibilities

Consulting for various clients, evaluation of several cloud infrastructure solutions and IT Security. Consulting for Data Centre strategy and cost optimisation, conception of the effort and feasibility into a full managed service.

Diverse
Castrop-Rauxel
2 Monate
2012-04 - 2012-05

Security Infrastructure coordinator

Security Infrastructure coordinator
Security Infrastructure coordinator

Period                                     Client/sector                                         Company size

01.04.2012 – 31.05.2012          SIEMENS ATOS                                  > 200.000 employees

 

Position

Security Infrastructure coordinator

 

Responsibilities

Analyse of a large ICT infrastructure environment, reporting of missing ICT functions to the ATOS Board. Creating reports of Security Incident processes in the area MDS (Mobile Device Service) and Endpoint Security.

SIEMENS
Stuttgard
9 Monate
2011-07 - 2012-03

Sub-project management / set-up of a private cloud for the Deutsche Telekom Group

Sub-project management / set-up of a private cloud for the Deuts
Sub-project management / set-up of a private cloud for the Deuts

Period                                     Client/sector                                       Company size

01.07.2011 – 31.03.2012          Telekom Deutschland GmbH                > 200,000 employees

 

 

Position

Sub-project management / set-up of a private cloud for the Deutsche Telekom Group

 

Responsibilities

Conceptualisation, integration and interconnection of several cloud infrastructure solutions. Harmonisation of the framework conditions and requirements for the strategic projects from an operational standpoint, with a focus on compliance with Group-wide operational standards. Hand-over of the platforms developed during the project in a stable operating condition.

 

Primary responsibilities

  • Sub-project management in the area of technical implementation
  • Reporting, monitoring of milestone achievements and task lists, escalations
  • Product selection / comparison of various cloud products
  • Conceptualisation of the cloud environment and WAN connectivity (MPLS WAN, cloud design, integration of firewalls)
  • Agreement of requirements with the provider
  • Drafting of the operating concept
  • Design of the client’s network and security solutions
  • Conceptualisation of future IT Solution for Telekom Management (LISP, WAN Accelerator)
  • Co-ordination and approval with Group Security
  • Contract management, SLAs, statements of work / technical specification documents
  • Preparation of management-oriented decision point documents
  • Preparation for migration, hand-over to the migration team

 

Products and standards

  • Cloud computing (SaaS, PaaS, IaaS, DSI)
  • ITSM / ITIL
  • Requirements management
  • Virtualisation (ESX, vCloud, Zimory, Citrix XenApp)
  • Network (LISP, Cisco, Juniper, BlueCoat Systems, Riverbed, F5)

 

Telekom Deutschland GmbH
Bonn
2 Jahre
2009-07 - 2011-06

Security Architect, International Data centre consolidation

Security Architect, International Data centre consolidation
Security Architect, International Data centre consolidation

Period                                     Client/sector                                         Company size

07/2009 – 30.06.2011               T-Systems International (CZ, UK, NL)    > 200,000 employees

 

 

Position

Security Architect, International Data centre consolidation

 

Responsibilities

  • Migration of an existing data centre environment in the Czech Republic/UK/NL to a German cloud environment
  • Conceptualisation of the data centre inter-connectivity / expansion of existing data centre connectivity
  • Planning of new VLANs within the overall application structure
  • Conceptualisation of firewalls, load balancers, reverse proxy environments
  • Conceptualisation of application-specific network environments using AppCom / STS
  • Process support for business blueprint / security / migration
  • Planning and preparation of changes (firewall, load balancers, monitoring,…)
  • Documentation of complex projects
  • Decommissioning of legacy data centre connections and firewall systems
  • IP connectivity planning (routing, firewall environment, IP address management)

 


Products and standards

 

  • ITIL
  • Baseline security requirements in accordance with Corporate Security Policy
  • Cisco, F5, Juniper
  • Network (routing, MPLS, ATM, SDH, VPN, DMZ, IPSec, BGP)
  • Cloud computing (SaaS/PaaS, ESX, Citrix)
T-Systems International
Prag, Münster
9 Monate
2008-10 - 2009-06

Sub-project Management Security

Sub-project Manager for a SIEMENS carve out project as lead
Sub-project Manager for a SIEMENS carve out project as lead

Period                                     Client/sector                                       Company size

10/2008 - 06/2009                    SIEMENS                                            > 200,000 employees

 

Position

Sub-project Management Security

Responsibilities

Sub-project Manager for a SIEMENS carve out project as technical lead

 

  • Technical team manager on the security team
  • Planning and development of a new security infrastructure (60 Firewalls, 4 Proxys etc)
  • Categorisation of the IT systems by confidentiality, integrity and availability
  • Establishment of security concepts and processes
  • Preparation of management-oriented decision point documents
  • Drafting the security operation manual
  • On-going target/actual comparison
  • Selection of the security products
  • Planning and deployment of network coupling within the carve out
  • Integration of business partners
  • Conceptualisation and deployment of the remote LAN access structure
  • Planning of a PKI infrastructure
  • International roll-out of the firewall systems worldwide
  • Firewall administration

 

Products and standards

  • ITIL
  • Baselining in accordance with BSI basic IT protection guidelines
  • Watchguard firewalls (SSL VPN, IDS, IPS)
  • Network (routing, IPSec VPN, DMZ, network coupling, skip areas, NAT zones)
  • OTP (VASCO, two-factor authentication)
  • Anti-spam (Azeti), proxy with content/Web security
  • SAP router
  • Monitoring of the security components under NAGIOS
  • Servers (virtualisation using VMWare, Windows Server 2003/2008, Linux)
  • Microsoft Project
SIEMENS Gigaset
München
6 Monate
2008-04 - 2008-09

Sub-project management Security

Sub-project management Security
Sub-project management Security

Period                                     Client/sector                                       Company size

04/2008 - 09/2008                    DHL                                                    > 200,000 employees

                                              

 

Position

Sub-project management Security

Responsibilities

  • Sub-project management for a Client migration project (6,000 Users)
  • In charge of the areas proxies, networks, firewalls, applications
  • Supporting service management
  • Preparation of security concepts and processes for an external service provider (T-Systems)
  • Deactivation of legacy server systems and network landscapes
  • Developing global server concepts
  • Planning and migration of a proxy cluster (approx. 6,000 users)
  • Modification of the security processes
  • Preparation of changes (change management)
  • Developing a JAVA PAC file for approx. 3,500 workplace systems
  • Planning and matching of bandwidth requirements for the MPLS structure
  • Matching of DNS and DHCP

 

Products and standards

  • ITIL
  • Checkpoint firewalls
  • Network (network coupling, NAT zones, routing, MPLS, ATM)
  • Citrix
  • App-V (former SoftGrid)
  • Proxy/Internet: Squid, Finjan Secure Web Gateway (content security)
  • Directory services: Active Directory, LDAP
  • Microsoft Project
DHL
Bonn
8 Monate
2007-08 - 2008-03

Security Audit

Security management auditor for DEUTSCHE POST Management Board
Security management auditor for DEUTSCHE POST Management Board

Period                                     Client/sector                                       Company size

08/2007 - 03/2008                    DEUTSCHE POST AG                         > 200,000 employees

 

Position

Security management auditor for DEUTSCHE POST Management Board

Responsibilities

  • Auditing of IT and security projects (ITIL / CoBIT)
  • Security management audits at a data centre of a service provider
  • Preparing the audit
  • Orientation of the control objectives to the corporate structure
  • Kick-off, establishing the audit and the audit sphere
  • Interviews with the specialist departments
  • Weak-point analysis
  • Auditing of authorisation processes
  • Assessment of risks
  • Recommending improvements
  • Reporting to the Board

 

Products and standards

  • ITIL
  • CoBIT
  • Microsoft Office (PowerPoint, Word, Excel)
Bonn

Kompetenzen

Kompetenzen

Top-Skills

Qualys Vulnerability Management OT Audit EPAS Splunk Penetrationstest

Schwerpunkte

Audit
Security
Vulnerability Management

Produkte / Standards / Erfahrungen / Methoden

DETACK
Experte
epas
Experte
Qualys
Experte

Security:

  • Projektleitung und      Teilprojektleitung

  • Juniper Firewalls / SSL VPN      Gateway (SA und MAG)

  • Administration

  • PenTesting

  • Schwachstellenmanagement

  • BSI Grundschutz

  • Security Konzepte und Audits

  • PEN-Tests

  • Qualys

  • Nessus, OpenVAS, metasploit

  • Sicherheitshandbuch

  • Firewall (Juniper, Watchguard, Astaro, Linux), IDS, IPS

  • Spam, Monitoring (Nagios, Big      Brother, Azeti), Content Security, Proxy Squid

  • DMZ, Reverse Proxy (Apache, ISA, Forefront Security)

  • N-Tier / Multi-Tier

  • Network Access Control (NAC)

  • Mobile Device Security

  • PKI

  • Multi Factor Authentication (RSA,      Kobil, VASCO)

  • Watchguard Firewalls: Core, Peak,      Edge

  • VPN Watchguard SSL Appliance 500      & 1000

 

Projektleitung / Teilprojektleitung:

  • Teamleitung

  • Prince2

  • Depict

  • Compass

  • V Modell

  • Microsoft Project

  • Cobit

 

Cloud Computing:

  • Konzeption

  • Technische Umsetzung

  • Anforderungsmanagement

  • DSI, SaaS, PaaS, IaaS

  • vCloud Director, Zimory, VMWare

 

 

Service Management / Prozesse:

  • ITIL Service Management

  • Prozesse (Design und Implementierung)

  • Einkauf / Vertragsmanagement / SLA      / OLA

  • Providersteuerung

 

Netzwerk:

  • Projektleitung und      Teilprojektleitung

  • Administration

  • WAN, MPLS, ATM, SDH

  • Routing und Switching (OSPF, RIP)

  • VPN / Remote LAN Access, SSL VPN

  • UMTS, LAN

  • Cisco, F5, Juniper, Riverbed

  • VoIP, Asterisk

 

Datenbanken:

  • MySQL

  • MSSQL

 

Linux:

  • Administration

  • SuSE, Redhat, Debian, CentOS

  • DNS mit Bind, DHCP, Squid, Apache, Samba, Cluster, iptables, Postfix, Sendmail, qmail, Proxy

  • Scalix, IMAP POP3 SMTP

  • Shellscript Programmierung

  • NFS

 

Microsoft Windows:

  • Administration

  • Windows Server

  • Active Directory      (Planung/Aufbau/Installation/Administration)

  • Exchange 2007

  • Sharepoint MOS

  • IIS Webserver

  • Clusterlösungen

  • ISA

  • Cloud

 

Storagelösungen:

  • SAN

  • NAS

  • NFS

 

Authentifizierung

  • OTP Token

  • Radius Server

  • PKI

  • SSO (Single Sign On)

 

Telefonanlagen:

  • Siemens Hicom / Hipath

  • VoIP

  • Asterisk

 

Sonstige Produkte und Erfahrungen:

  • Virtualisierung (VMWare, XEN)

  • Aufbau Rechenzentrum / Datacenters

  • Webservices / Portallösungen

  • Cluster /      Hochverfügbarkeitsumgebungen

  • Internationale Migrationsprojekte      / Carve Out bei Großkunden

Betriebssysteme

Linux
MS-DOS
OS/2
Red Hat Enterprise Linux
Unix
Windows
Windows CE

Datenbanken

MySQL
Postgres
SQL

Datenkommunikation

AppleTalk
ATM
CICS
Ethernet
Internet, Intranet
ISDN
ISO/OSI
LAN, LAN Manager
NetBeui
NetBios
OSF/DCE
Packet-Radio
PC-Anywhere
Public Networks
Router
RPC
SMTP
SNMP
TCP/IP
Token Ring
UUCP
Voice
Windows Netzwerk
Winsock

Branchen

Branchen

- Telco / Telekommunikation

- Logistik

- Immobilien

- Herstellung

- Multimedia

- Versicherung

Einsatzorte

Einsatzorte

Deutschland, Österreich, Schweiz
möglich

Projekte

Projekte

1 Jahr 9 Monate
2022-07 - 2024-03

Projektleiter technische Umsetzung SOC Aufbau

Technischen Projektleiter SOC SIEM
Technischen Projektleiter SOC SIEM

Technical Project Manager for the Establishment of an External SOC/SIEM in the LBS Bank Group

 

 -       Selection and integration of the external SOC service provider

-       Development of use cases

-       Splunk SIEM Installation and integration / Forwarder Installation

-       Creation of processes in the banking environment in accordance with BAIT requirements

-       Technical development and adaptation of additional use cases

-       Integration of bank-specific applications (OS Plus, bit-MaRisk, SAP, etc.)

-       Integration of technical infrastructure (Active Directory, DNS, telecommunications, Sophos Antivirus, Cisco VPN, Citrix, etc.)

 

 

-       Central point of contact for all IT security incidents

-       Incident Manager for IT security incidents

-       Evaluation/analysis of incoming SOC incidents with operations

-       Further development of processes and use cases / technical design

-       Provider management of the SOC service provider

-       Development of incident response plans for emergency planning in emergency management and creation of playbooks for SOC/Operational Teams

-       Improvement of operational security through regular meetings, reports, SLA Tracking etc., on the current SOC threat landscape

-       Intensive collaboration with operational Teams as an interface to the SOC

-       Improvement of processes in the area of penetration testing and vulnerability management

-       Coordination, preparation, and follow-up of pen-test findings, Audit Findings and vulnerabilities

-       Consulting on improving IT security strategy / best practices

-       Evaluation / Consulting from new Security-Tools

-       Member of the Bank emergency Board / Incident Management 

Splunk Enterprise
LBS
Remote
8 Monate
2023-05 - 2023-12

Planung SOC Aufbau OT Netzwerke

Technischer Designer SOC Aufbau für OT Netzwerke
Technischer Designer SOC Aufbau für OT Netzwerke

-       Development of a SIEM solution for the OT (Operational Technology) sector

-       Current state analysis (IST Analysis)

-       Technical planning and coordination

-       Design of a SOC SIEM structure for OT systems

-       Consolidation planning for multiple SIEM systems (international)

-       Project Lead for the Part ?SPLUNK SIEM for OT?

Deutsche Post AG (DHL)
Bonn, Remote
6 Monate
2022-01 - 2022-06

Senior Security Analyst Qualys / Defense Security

Senior Security Analyst OT Schwachstellenmanagement
Senior Security Analyst OT Schwachstellenmanagement

Supporting the Global Defense Team as Security Analyst for Operational Technology (OT) networks with Qualys.

  • Analyse / Testing OT Components (S7, Roboter etc)

  • Supporting Stakeholder with Qualys

  • Supporting different projects

  • Onboard location (OT) into Qualys for Vulnerability scanning

  • Creating special Option Profiles (Lifecycle) for OT Components

Qualys ServiceNow SIMATIC PCS 7
Daimler AG
5 Monate
2021-08 - 2021-12

Senior Security Analyst / Projektleiter Qualys

Projektleiter Vulnerability Management
Projektleiter Vulnerability Management

Implement a Vulnerability Management for Operational Technology (OT) networks with Qualys as Pre-Project Lead for > 20 locations.

1) Analyse of current environment, technologies and Stakeholder.

2) Build up a project plan with Milestones, capacity planning, cost calculation

3) Kickoff the first locations and start onboarding

4) Create a Community with Stakeholders to create Option Profiles for OT

Qualys CentOS ServiceNow
Daimler AG
5 Monate
2021-04 - 2021-08

Rollout SOC / Process implementation

Security Expert
Security Expert

Period                                     Client/sector                                       Company size

01.04.2021 ?25.07.2021                SEPAGO                         > 200 employees

 

Position

Senior Security Expert

 

 

Responsibilities

 

Process implementation and customer onboarding for "SOC as a Service" (Security Operations Center). 

Working as Security Expert / Incident Manager for the SOC, evaluation of existing processes.

Products:

AZURE, Microsoft Defender für Endpoint, Microsoft Defender ATP

Remote
5 Jahre 3 Monate
2016-01 - 2021-03

Senior Security Analyst / Security Remediation Expert Penetration Test

Security Vulnerability Management Audit

Period                                     Client/sector                                       Company size

01.01.2016 – today                 AXA Group Operation                         > 100.000 employees

 

Position

01.01.2016: Senior Security Analyst & 01.11.2020: Vulnerability Management Expert

 

 

Responsibilities

 

  • 1) Senior Security Analyst

Remediation and coordinating of Pen Test findings (global/local) and Audit tracking. Reporting of findings and incidents to AXA Management and solver departments. Coordination and supporting incoming requests to operational resolver groups and supporting them with security requirements according to AXA Security Guidelines and deep technical knowledge.

 

Regional Manager (Northern Europe Region) for DETACK epas (Enterprise Password Assessment), appliance administration incl. maintenance and central reporting for password quality reports.

 

 

  • 2) Vulnerability Management Expert
    • Global project supporting of the Qualys Guard Infrastructure
    • Infrastructure Administration and Maintenance from Qualys Guard
    • Reporting of Vulnerabilities
    • Remediation and Tracking
    • Asset Management and Server-Onboarding
    • Vendor-Management / Coordination and support Tickets

 

 

Primary Tasks and responsibilities:

 

  • Perform activities for vulnerability scanning and policy compliance (Qualys Guard)
  • Maintain and operate password hunting and quality assurance tool
  • Manage and control audit remediation activities
  • Manage and support Pen Test activities
  • Perform security and risk assessments
  • Create security concepts

 

Security support for Sub-Tasks:

 

  • Password Clear Text Scanning
  • Support for CyberArk migration
  • Supporting the privileged User Management and recertification
  • Related requests for ICT Infrastructure and Firewall approvals
  • Security Consultant for other IT Projects
  • Support the global security Incident Management

 

 

 

Tools:

 

  • Security Tools (epas DETACK, Nessus, OpenVAS, Metasploit, Qualys)
  • Operate password hunting for Active Directory, LDAP, Windows Server, Linux, Oracle, MSSQL, Citrix and MySQL
  • Microsoft Office
epas Qualys Linux DETACK
Security Vulnerability Management Audit
AXA Group Operation
Köln
6 Monate
2015-07 - 2015-12

Senior Security Analyst / Koordinator Penetration Testing

Senior Security Analyst / Koordinator Penetration Testing
Senior Security Analyst / Koordinator Penetration Testing

Period                                     Client/sector                                       Company size

01.07.2015 – 31.12.2015        AXA Konzern AG                                > 100.000 employees

 

Position

Senior Security Analyst / Pen Test coordinator

 

Responsibilities

Pen Test coordination (internal application) and Group Reporting for the Group Pen Test Campaign 2015. Planning and setup Pen Tests with external providers, provider management and assessment of risks. Detailed preparation and debriefing with stakeholders  and support with deep technical knowledge in the remediation phase. Perform lessons learned workshops after pen test activities. Preparation of Management escalations and Risk Letters for findings with high risk or high priority, communication from findings to SOC,  external providers or to AXA Tech.

 

Qualys Guard vulnerability management:

Act as supporter for Pen testers with  Qualys Guard Scans, Web application Scans and setup circular BlackBox Tests (incl. monitoring) for non critical AXA Web Applications

AXA Konzern AG
Köln
1 Jahr 9 Monate
2013-10 - 2015-06

Senior Security Analyst / Vulnerability Management

Senior Security Analyst / Vulnerability Management
Senior Security Analyst / Vulnerability Management

Period                                Client/sector                                       Company size

01.10.2013 – 30.06.2015         AXA-Tech                                           > 100.000 employees

 

Position

Senior Security Analyst / Vulnerability Management

 

Responsibilities

Global project supporting for Qualys Guard vulnerability management:

Establishment of a new Qualys Guard infrastructure and concept for circular vulnerability scans. Detailed breakdown from the complete AXA Germany and AXA Belgium Network with the restructuring from the existing appliance solution to a virtual environment. Rebuild new Qualys Assets and integrate new processes for deployment and vulnerability scans. Maintenance and central contact for the Qualys environment after the restructure.

 

Security support for Sub-Projects:

  • Tracking from Audit Findings particular for high critical financial systems
  • Architecture and Establishment of Privileged User Management Database for Windows, Linux, VMWare, SQL and Oracle.
  • Organizational measure to capture High Privileged Accounts

Reporting, tracking and remediation of vulnerabilities, system hardening and patch management

AXA Tech
Köln
8 Monate
2013-01 - 2013-08

Senior Security Expert

Senior Security Expert
Senior Security Expert

Period                                     Client/sector                                         Company size

01.01.2013 – 31.08.2013          Deutsche Annington Immobilien SE       > 4.000 employees

                                               (Heute: Vonovia)

Position

Senior Security Expert

 

Responsibilities

Establishment of security concepts and processes for the IPO (stock market launch), risk evaluation and coordination Pen Testing.

 

  • Active vendor management for the WAN/LAN/Security/Data Centre infrastructure (as support for the service management)
  • Installation, reduction and sizing for the MPLS/VPN connectivity
  • IP Management (conception and planning) for all locations
  • Change management
  • Supporting the operational unit as 3rd level support (firewalling, network, BlueCoat Proxy SG, reverse proxy (TMG) and F5 load balancers)
  • Project lead for cross projects (Juniper SSL VPN migration from device SA4000 to MAG6611, location moves, migration of the anti-virus solution to an external vendor / SaaS)

 

Products and standards:

  • ITSM
  • IT Security (Grundschutz, BSI, various security products)
  • Juniper, Cisco
  • Blue Coat, Squid
  • McAfee
  • Alcatel-Lucent VitalQIP
Deutsche Annington Immobilien SE
Bochum
6 Monate
2012-07 - 2012-12

Senior Security Consultant Data privacy

Senior Security Consultant Data privacy
Senior Security Consultant Data privacy

Period                                     Client/sector                                         Company size

16.07.2012 – 31.12.2012          Deutsche Telekom AG  (ICM, IKS)        > 200.000 employees

 

Position

Senior Security Consultant Data privacy

 

Responsibilities

Supporting and revision of various EPR Projects (main task: Security/Privacy concepts and compliance, auditing the plausibility of concepts). Approver for authority of compliance and above concepts incl. the SoCs (Statement of Compliance) for Group-wide operational standards. Consulting for network security and infrastructure (security) solutions.

Deutsche Telekom AG
2 Monate
2012-06 - 2012-07

Cloud Strategy / Evaluation for various clients

Consultant
Consultant

Period                                     Client/sector                                         Company size

01.06.2012 – 15.07.2012          various clients                                      > 1.000 employees

 

Position

Cloud Strategy / Evaluation for various clients

 

Responsibilities

Consulting for various clients, evaluation of several cloud infrastructure solutions and IT Security. Consulting for Data Centre strategy and cost optimisation, conception of the effort and feasibility into a full managed service.

Diverse
Castrop-Rauxel
2 Monate
2012-04 - 2012-05

Security Infrastructure coordinator

Security Infrastructure coordinator
Security Infrastructure coordinator

Period                                     Client/sector                                         Company size

01.04.2012 – 31.05.2012          SIEMENS ATOS                                  > 200.000 employees

 

Position

Security Infrastructure coordinator

 

Responsibilities

Analyse of a large ICT infrastructure environment, reporting of missing ICT functions to the ATOS Board. Creating reports of Security Incident processes in the area MDS (Mobile Device Service) and Endpoint Security.

SIEMENS
Stuttgard
9 Monate
2011-07 - 2012-03

Sub-project management / set-up of a private cloud for the Deutsche Telekom Group

Sub-project management / set-up of a private cloud for the Deuts
Sub-project management / set-up of a private cloud for the Deuts

Period                                     Client/sector                                       Company size

01.07.2011 – 31.03.2012          Telekom Deutschland GmbH                > 200,000 employees

 

 

Position

Sub-project management / set-up of a private cloud for the Deutsche Telekom Group

 

Responsibilities

Conceptualisation, integration and interconnection of several cloud infrastructure solutions. Harmonisation of the framework conditions and requirements for the strategic projects from an operational standpoint, with a focus on compliance with Group-wide operational standards. Hand-over of the platforms developed during the project in a stable operating condition.

 

Primary responsibilities

  • Sub-project management in the area of technical implementation
  • Reporting, monitoring of milestone achievements and task lists, escalations
  • Product selection / comparison of various cloud products
  • Conceptualisation of the cloud environment and WAN connectivity (MPLS WAN, cloud design, integration of firewalls)
  • Agreement of requirements with the provider
  • Drafting of the operating concept
  • Design of the client’s network and security solutions
  • Conceptualisation of future IT Solution for Telekom Management (LISP, WAN Accelerator)
  • Co-ordination and approval with Group Security
  • Contract management, SLAs, statements of work / technical specification documents
  • Preparation of management-oriented decision point documents
  • Preparation for migration, hand-over to the migration team

 

Products and standards

  • Cloud computing (SaaS, PaaS, IaaS, DSI)
  • ITSM / ITIL
  • Requirements management
  • Virtualisation (ESX, vCloud, Zimory, Citrix XenApp)
  • Network (LISP, Cisco, Juniper, BlueCoat Systems, Riverbed, F5)

 

Telekom Deutschland GmbH
Bonn
2 Jahre
2009-07 - 2011-06

Security Architect, International Data centre consolidation

Security Architect, International Data centre consolidation
Security Architect, International Data centre consolidation

Period                                     Client/sector                                         Company size

07/2009 – 30.06.2011               T-Systems International (CZ, UK, NL)    > 200,000 employees

 

 

Position

Security Architect, International Data centre consolidation

 

Responsibilities

  • Migration of an existing data centre environment in the Czech Republic/UK/NL to a German cloud environment
  • Conceptualisation of the data centre inter-connectivity / expansion of existing data centre connectivity
  • Planning of new VLANs within the overall application structure
  • Conceptualisation of firewalls, load balancers, reverse proxy environments
  • Conceptualisation of application-specific network environments using AppCom / STS
  • Process support for business blueprint / security / migration
  • Planning and preparation of changes (firewall, load balancers, monitoring,…)
  • Documentation of complex projects
  • Decommissioning of legacy data centre connections and firewall systems
  • IP connectivity planning (routing, firewall environment, IP address management)

 


Products and standards

 

  • ITIL
  • Baseline security requirements in accordance with Corporate Security Policy
  • Cisco, F5, Juniper
  • Network (routing, MPLS, ATM, SDH, VPN, DMZ, IPSec, BGP)
  • Cloud computing (SaaS/PaaS, ESX, Citrix)
T-Systems International
Prag, Münster
9 Monate
2008-10 - 2009-06

Sub-project Management Security

Sub-project Manager for a SIEMENS carve out project as lead
Sub-project Manager for a SIEMENS carve out project as lead

Period                                     Client/sector                                       Company size

10/2008 - 06/2009                    SIEMENS                                            > 200,000 employees

 

Position

Sub-project Management Security

Responsibilities

Sub-project Manager for a SIEMENS carve out project as technical lead

 

  • Technical team manager on the security team
  • Planning and development of a new security infrastructure (60 Firewalls, 4 Proxys etc)
  • Categorisation of the IT systems by confidentiality, integrity and availability
  • Establishment of security concepts and processes
  • Preparation of management-oriented decision point documents
  • Drafting the security operation manual
  • On-going target/actual comparison
  • Selection of the security products
  • Planning and deployment of network coupling within the carve out
  • Integration of business partners
  • Conceptualisation and deployment of the remote LAN access structure
  • Planning of a PKI infrastructure
  • International roll-out of the firewall systems worldwide
  • Firewall administration

 

Products and standards

  • ITIL
  • Baselining in accordance with BSI basic IT protection guidelines
  • Watchguard firewalls (SSL VPN, IDS, IPS)
  • Network (routing, IPSec VPN, DMZ, network coupling, skip areas, NAT zones)
  • OTP (VASCO, two-factor authentication)
  • Anti-spam (Azeti), proxy with content/Web security
  • SAP router
  • Monitoring of the security components under NAGIOS
  • Servers (virtualisation using VMWare, Windows Server 2003/2008, Linux)
  • Microsoft Project
SIEMENS Gigaset
München
6 Monate
2008-04 - 2008-09

Sub-project management Security

Sub-project management Security
Sub-project management Security

Period                                     Client/sector                                       Company size

04/2008 - 09/2008                    DHL                                                    > 200,000 employees

                                              

 

Position

Sub-project management Security

Responsibilities

  • Sub-project management for a Client migration project (6,000 Users)
  • In charge of the areas proxies, networks, firewalls, applications
  • Supporting service management
  • Preparation of security concepts and processes for an external service provider (T-Systems)
  • Deactivation of legacy server systems and network landscapes
  • Developing global server concepts
  • Planning and migration of a proxy cluster (approx. 6,000 users)
  • Modification of the security processes
  • Preparation of changes (change management)
  • Developing a JAVA PAC file for approx. 3,500 workplace systems
  • Planning and matching of bandwidth requirements for the MPLS structure
  • Matching of DNS and DHCP

 

Products and standards

  • ITIL
  • Checkpoint firewalls
  • Network (network coupling, NAT zones, routing, MPLS, ATM)
  • Citrix
  • App-V (former SoftGrid)
  • Proxy/Internet: Squid, Finjan Secure Web Gateway (content security)
  • Directory services: Active Directory, LDAP
  • Microsoft Project
DHL
Bonn
8 Monate
2007-08 - 2008-03

Security Audit

Security management auditor for DEUTSCHE POST Management Board
Security management auditor for DEUTSCHE POST Management Board

Period                                     Client/sector                                       Company size

08/2007 - 03/2008                    DEUTSCHE POST AG                         > 200,000 employees

 

Position

Security management auditor for DEUTSCHE POST Management Board

Responsibilities

  • Auditing of IT and security projects (ITIL / CoBIT)
  • Security management audits at a data centre of a service provider
  • Preparing the audit
  • Orientation of the control objectives to the corporate structure
  • Kick-off, establishing the audit and the audit sphere
  • Interviews with the specialist departments
  • Weak-point analysis
  • Auditing of authorisation processes
  • Assessment of risks
  • Recommending improvements
  • Reporting to the Board

 

Products and standards

  • ITIL
  • CoBIT
  • Microsoft Office (PowerPoint, Word, Excel)
Bonn

Kompetenzen

Kompetenzen

Top-Skills

Qualys Vulnerability Management OT Audit EPAS Splunk Penetrationstest

Schwerpunkte

Audit
Security
Vulnerability Management

Produkte / Standards / Erfahrungen / Methoden

DETACK
Experte
epas
Experte
Qualys
Experte

Security:

  • Projektleitung und      Teilprojektleitung

  • Juniper Firewalls / SSL VPN      Gateway (SA und MAG)

  • Administration

  • PenTesting

  • Schwachstellenmanagement

  • BSI Grundschutz

  • Security Konzepte und Audits

  • PEN-Tests

  • Qualys

  • Nessus, OpenVAS, metasploit

  • Sicherheitshandbuch

  • Firewall (Juniper, Watchguard, Astaro, Linux), IDS, IPS

  • Spam, Monitoring (Nagios, Big      Brother, Azeti), Content Security, Proxy Squid

  • DMZ, Reverse Proxy (Apache, ISA, Forefront Security)

  • N-Tier / Multi-Tier

  • Network Access Control (NAC)

  • Mobile Device Security

  • PKI

  • Multi Factor Authentication (RSA,      Kobil, VASCO)

  • Watchguard Firewalls: Core, Peak,      Edge

  • VPN Watchguard SSL Appliance 500      & 1000

 

Projektleitung / Teilprojektleitung:

  • Teamleitung

  • Prince2

  • Depict

  • Compass

  • V Modell

  • Microsoft Project

  • Cobit

 

Cloud Computing:

  • Konzeption

  • Technische Umsetzung

  • Anforderungsmanagement

  • DSI, SaaS, PaaS, IaaS

  • vCloud Director, Zimory, VMWare

 

 

Service Management / Prozesse:

  • ITIL Service Management

  • Prozesse (Design und Implementierung)

  • Einkauf / Vertragsmanagement / SLA      / OLA

  • Providersteuerung

 

Netzwerk:

  • Projektleitung und      Teilprojektleitung

  • Administration

  • WAN, MPLS, ATM, SDH

  • Routing und Switching (OSPF, RIP)

  • VPN / Remote LAN Access, SSL VPN

  • UMTS, LAN

  • Cisco, F5, Juniper, Riverbed

  • VoIP, Asterisk

 

Datenbanken:

  • MySQL

  • MSSQL

 

Linux:

  • Administration

  • SuSE, Redhat, Debian, CentOS

  • DNS mit Bind, DHCP, Squid, Apache, Samba, Cluster, iptables, Postfix, Sendmail, qmail, Proxy

  • Scalix, IMAP POP3 SMTP

  • Shellscript Programmierung

  • NFS

 

Microsoft Windows:

  • Administration

  • Windows Server

  • Active Directory      (Planung/Aufbau/Installation/Administration)

  • Exchange 2007

  • Sharepoint MOS

  • IIS Webserver

  • Clusterlösungen

  • ISA

  • Cloud

 

Storagelösungen:

  • SAN

  • NAS

  • NFS

 

Authentifizierung

  • OTP Token

  • Radius Server

  • PKI

  • SSO (Single Sign On)

 

Telefonanlagen:

  • Siemens Hicom / Hipath

  • VoIP

  • Asterisk

 

Sonstige Produkte und Erfahrungen:

  • Virtualisierung (VMWare, XEN)

  • Aufbau Rechenzentrum / Datacenters

  • Webservices / Portallösungen

  • Cluster /      Hochverfügbarkeitsumgebungen

  • Internationale Migrationsprojekte      / Carve Out bei Großkunden

Betriebssysteme

Linux
MS-DOS
OS/2
Red Hat Enterprise Linux
Unix
Windows
Windows CE

Datenbanken

MySQL
Postgres
SQL

Datenkommunikation

AppleTalk
ATM
CICS
Ethernet
Internet, Intranet
ISDN
ISO/OSI
LAN, LAN Manager
NetBeui
NetBios
OSF/DCE
Packet-Radio
PC-Anywhere
Public Networks
Router
RPC
SMTP
SNMP
TCP/IP
Token Ring
UUCP
Voice
Windows Netzwerk
Winsock

Branchen

Branchen

- Telco / Telekommunikation

- Logistik

- Immobilien

- Herstellung

- Multimedia

- Versicherung

Vertrauen Sie auf GULP

Im Bereich Freelancing
Im Bereich Arbeitnehmerüberlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das GULP Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.