Freelancer profile translated to English.

Description

Over 7 years of professional experience and a freelancer since 2023. My specialization lies in the area of Penetration Test Management & (IT) Project Management.

Through my previous professional experience (Consultant at KPMG & IT Security Specialist at DekaBank), I possess extensive knowledge of business processes and IT landscapes of financial institutions.

I hold a Bachelor's degree in Business Administration, am a Certified Ethical Hacker (CEH), Certified ScrumMaster®, and possess the ITIL® 4 Foundation certification.

Industry field of expertise

Languages

German
Native or bilingual
English
Fluent
Russian
Conversational

Workplace preferences

Remote only

Primarily works remotely

Hessische Zentrale für Datenverarbeitung
Security Incident Manager (CSIRT)
PUBLIC SECTOR
August 2023 - Today (2 years and 10 months)
Wiesbaden, Germany
• Research, analysis, and evaluation of IT vulnerabilities and IT threat landscapes
• Target group-specific information preparation and provision of recommendations for action regarding IT vulnerabilities and IT threat landscapes
• Initiation, consultation on mitigation, and follow-up of security incidents
• Vulnerability scans and management (Nessus, Greenbone, Nuclei)
• Processing and follow-up of security incidents (Remedy)
• Optimization of existing CSIRT processes
• Organizational support for IT crisis situations
CSIRT Incident Management IT Security BSI IT Basic Protection Vulnerability Analysis Vulnerability Management
DekaBank Deutsche Girozentrale
IT Security Specialist
BANKING AND INSURANCE
December 2020 - June 2023 (2 years and 7 months)
Frankfurt, Germany
Penetration Test Manager | DekaBank
Frankfurt am Main | December 2020 – June 2023
Project Work
Identification of potential for internal process improvements
Project initiation and development of a blueprint for process automation
Analysis of internal and external process-supporting tools
Project plan management (Jira)
Management of Red Team activities in an agile style
Determination of test scope, milestones, and target systems within the framework of a simulated cyber attack
Coordination and moderation of daily meetings
Quality assurance of test results, as well as assignment of derived measures to existing projects & lines
Day-to-day business

Responsibility for the field of penetration testing with an annual budget > EUR 1 million
Coordination of over 150 penetration tests annually
Moderation of kick-off and daily meetings
Onboarding and offboarding of external penetration testers including authorization management (Omada IAM)
Quality control of penetration test results
Vulnerability and incident management (BMC Remedy ITSM, RADAR Cyber Security)
Provider management
Commissioning and management of external service providers
Recording of KPIs & requirements for service providers
Effort / budget controlling (MS Office, SAP)
Collaboration with information security management
Participation in phishing campaigns
Close coordination on risk acceptances from penetration tests
Consultation on the creation of security concepts
Collaboration with the Security Operation Center
Creation and expansion of SIEM use cases from penetration tests
Purple team coordination to improve detection mechanisms
IT Security IT Security PenTest pentest management Project Management Scrum Cybersecurity Cybersecurity ITIL
DekaBank Deutsche Girozentrale
Business Service & Regulatory Control
BANKING AND INSURANCE
November 2018 - November 2020 (2 years)
Business Service & Regulatory Control | DekaBank
Frankfurt am Main | November 2018 – November 2020

Project Work

Sub-project management for identifying digitalization potential of existing processes
Coordination and moderation of status meetings
Recording and tracking of project results and milestones (MS Excel, PowerPoint)

Day-to-day business

Coordination of money transactions between the securities system and the central order platform (SAP)
Project Management Accounting Controlling