Freelancer profile translated to English.

Back to original language

Description

Properties:

Loyalty, entrepreneurial and customer-oriented thinking and acting,

Recognition and coordination of complex processes and structures, high as

well as understandable language level, technical and practical knowledge from several IT

supported industries, confident demeanor, very high technical

understanding, very high self-motivation.

Industries:

Automotive, Travel Industry, Chemicals, Manufacturers, Service Providers, Hosts, Security,

Industry, Telecommunications, Authorities, Justice, Bank, Public Service,

Hospital, Textile Industry, Insurance, Financial Service Providers; Energy Sector

Focus Areas:

Managing Director, Project Manager, Security Architect. IT Senior Security Consultant,

Certified EC-Council Instructor, Microsoft Certified Trainer.

Advice, consulting and training in the field of IT Security Management, IT

Security Technologies & Microsoft Enterprise Technologies.

Industry field of expertise

Languages

German
Native or bilingual
English
Fluent

Workplace preferences

Remote only

Primarily works remotely

Veguardex GmbH
Senior IT Security Architect & Senior IT Security Consultant
BANKING AND INSURANCE
May 2023 - Today (3 years and 1 month)
Kirchardt, Germany
Direct interface between IT security and the various business units
Direct reporting to IT Management & IT Security Management
Planning, coordination, and scheduling of vulnerability scans & compliance scans
Execution of vulnerability scans & compliance scans
Data analysis, preparation, and clustering of vulnerability information
Impact analysis together with system administrators
Deduction of measures for mitigation and remediation of existing vulnerabilities
Reporting of implementation progress and threat landscape to IT Security Management
and various boards
Advising system administrators in the area of vulnerability remediation &
system hardening
Creation of vulnerability management concepts
Optimization of vulnerability management
Development of vulnerability management processes
Execution of regular and ad-hoc vulnerability scans
Further development of the current vulnerability scanner
Creation of central reports and evaluations (for management and
affected groups / administrators)
Creation of instructions for administrators
Review of the patch management infrastructure
Creation and optimization of the patch process
Development of a new patch policy
Development of a new server hardening policy
Development of a new vulnerability scanner architecture
Implementation of the new vulnerability scanner architecture
Evaluation of a new tool for vulnerability scans
Implementation of the new tool for vulnerability scans & compliance scans
Creation and implementation of processes for patch management
Creation and implementation of processes for vulnerability scans &
compliance scans
Risk Management
Asset Management
Veguardex GmbH
Senior IT Security Trainer & Senior IT Security Consultant
EDUCATION AND E-LEARNING
January 2024 - Today (2 years and 5 months)
Kirchardt, Germany
IT Security Awareness Training & Education:
Training and awareness of end-users in the context of basic training &
education
Training and awareness of information security officers & general managers from basic training &
education
Conveying techniques that ensure actual action in addition to understanding IT security & information security
Creation of further material such as posters or flyers
IT Security Awareness Consulting:
Development & implementation & continuous further development of coordinated information security requirements for the respective company
Creation, preparation, and execution of phishing campaigns and simulations
Analysis of results
Proposal of concrete measures to increase the awareness level
Development and improvement of processes
Reporting to Information Security & Management
Permanent member of various committees
Direct contact person for all topics related to awareness
Measurability of the effectiveness of measures
ROI of awareness-building measures

Microsoft Product Training:
Official Microsoft training
Customized Microsoft training
Customized Microsoft workshops
In-house and company training
Boot camps and exam preparation

EC-Council Product Training:
EC-Council - Certified Ethical Hacker
EC-Council - Certified SOC Analyst
EC-Council - Certified Network Defender
EC-Council - Certified Hacking Forensics Investigator
Veguardex GmbH
Senior IT Security Manager
AUTOMOBILE
August 2022 - February 2024 (1 year and 7 months)
Kirchardt, Germany
ISMS:
Support in the conception, design, and optimization of the Information Security Management System (ISMS).
Development of complex ISMS processes and methods
Documentation of complex ISMS processes and methods
Execution of general risk assessments
Consulting on various information security topics and compliance with the ISMS
Identification, analysis, and evaluation of new developments and trends in information security
Development of strategic recommendations and analysis of their impact on the value chain
Regulations:
Creation and revision of group-wide information security regulations
Coordination of content in advance with the responsible information security representatives of the business units
Preparation, execution, and follow-up of Standard Working Teams
Preparation & presentation of regulations in committees
Initiation, leadership, and structuring of content discussions with representatives from business units, cyber security, IT, and security line functions on your subject areas
Deriving and presenting decision and action options from the results of the committees
Transferring content discussion results into regulatory texts
Checking regulatory texts for consistency, plausibility, and conformity with applicable standards (ISO 27001, GDPR)
Ensuring the uniform format (structure, outline, references, etc.) of information security standards
Initiation of target group-oriented publication & communication of standards
Development and design of corresponding communication media
Compliance Checks:
Conception and execution of compliance checks of group-internal information security regulations
Verification of the effectiveness of implemented ISMS processes
Creation of meaningful result and final reports, including the derivation of recommendations for action for the business units