Freelancer » IT, Entwicklung » Weitere IT-Qualifikationen
freiberufler Senior Cybersecurity Consultant auf freelance.de

Senior Cybersecurity Consultant

zuletzt online vor wenigen Stunden
  • 120€/Stunde
  • Dittweiler, Pfalz
  • Weltweit
  • de  |  en  |  es
  • 04.12.2023
Jetzt registrieren & Kontakt aufnehmen

Kurzvorstellung

Security Strategy & Goverance | Awareness & Communication | Identity & Trust | Cloud Security | Leadership & Project Management

Auszug Referenzen (1)

"Herr E. hat verantwortlich gezeichnet für die administrative Betreuung der PAM Infrastruktur eines Kunden."
PAM Consultant
Andreas Hartje
Tätigkeitszeitraum

3/2021 – 10/2021

Tätigkeitsbeschreibung

Implementation and adaptation of the CyberArk solution to the existing infrastructure to secure privileged access (PAM) including:
• Creation and management of all accounts, safes & platforms of the acceptance environment via PVWA as well as Rest API
• Administration of CyberArk servers on infrastructure & OS level
• Execution of technical acceptance tests
• Monitoring of infrastructure components
• Documentation of processes, components & platforms

Eingesetzte Qualifikationen

Access Management, Benutzerverwaltung, Berechtigungskonzept, Identitätsmanagement (IDM)

Qualifikationen

  • Cyber Security
  • IT-Governance
  • Projektmanagement (IT)
  • Access Management
  • Cloud (allg.)
  • DevOps
  • Enterprise Architect (EA)
  • Ingenieurwissenschaft
  • IT-Beratung (allg.)
  • IT Sicherheit (allg.)
  • Kontinuierliche Integration (CI)
  • Management-Informationssysteme
  • Wirtschaftsinformatik

Projekt‐ & Berufserfahrung

Security Coordinator in an ISO/ISA supporting role
Kundenname anonymisiert, Stuttgart
4/2023 – 12/2023 (9 Monate)
Automobilindustrie
Tätigkeitszeitraum

4/2023 – 12/2023

Tätigkeitsbeschreibung

Creation and implementation of processes including:
• Analysis of existing policies, security standards and blueprints
• Interviews with different stakeholders to evaluate security status in products to adapt project plan
• Gap analysis
• Adapting of project plan based on risk assessment and gap analysis. Priorizitation by using OWASP Top 10 Cybersecurity risks as a reference
• Support with moving legacy application to cloud (AWS)
• Development of secure coding guidelines, static code analysis and dynamic code analysis by using different tools (SonarQube, BlackDuck, Prisma, …)
• Communication interface between development teams and central cybersecurity (business- and operations side)
• Conducting of workshop to raise awareness on team level and sharpen understanding of responsibilities
• Development of shared responsibilities and RACI-matrix
• Improvement of security standards and blueprints including feedback loops from development teams and central cybersecurity
• Plan and implementation of suitable knowledge management
• Roll-out of new standards, processes and blueprints and enabling of development teams for following topics (excerpt):
o User Access Management
o Vulnerability Management
o Incident Management
o Asset Management
o Hardening
o Backup & Recovery
o Patch Management
o Logging and Monitoring
o Data protection
• Presentation of results on management level to raise awareness about security status

Eingesetzte Qualifikationen

Access Management, Amazon Web Services (AWS), Back up / Recovery, Benutzerverwaltung, Berechtigungskonzept, Cloud (allg.), Cyber Security, Incident Management, Projektleitung / Teamleitung (IT), Prozessmanagement

Lead GDPR Taskforce (Datenschutz)
Kundenname anonymisiert, Stuttgart
10/2022 – 6/2023 (9 Monate)
Automobilindustrie
Tätigkeitszeitraum

10/2022 – 6/2023

Tätigkeitsbeschreibung

Lead GDPR taskforce including coordinating teams, preparing and conducting workshops, preparing management decisions and providing checklists and best practices to teams including:
• Analysis of existing material and guidelines from central security
• Gap analysis
• Design and conduction of management workshops to raise awareness for GDPR
• Set up of a roadmap to be compliant with GDPR requirements before Go-Live
• Design and conduction of workshops on product level to asses GDPR status, clarify open questions, definition of next steps and clarification of (shared) responsibilities
• Creation of documentation blueprints and steps to perform to be able to fulfill:
o RoPA
o TOM
o Retention periods
o Technical requirements
o Data Subject Rights
o Deletion concept
• Analysis of created documentation from products, processing of results, support with steering team discussions and escalation processes

Eingesetzte Qualifikationen

Datenschutz, Projektleitung / Teamleitung (IT)

Lecturer and scientific contact for IT-Security
DHWB Mannheim, Mannheim
9/2022 – offen (1 Jahr, 4 Monate)
Hochschulen und Forschungseinrichtungen
Tätigkeitszeitraum

9/2022 – offen

Tätigkeitsbeschreibung

Reading lectures on specific security topics. Contact person for scientific questions. Proofreader for scientific papers

Eingesetzte Qualifikationen

Cyber Security, Management-Informationssysteme, Enterprise Architect (EA), Ingenieurwissenschaft, Wirtschaftsinformatik

TISAX Implementer
Kundenname anonymisiert, Hamburg
3/2022 – 11/2022 (9 Monate)
Dienstleistungsbranche
Tätigkeitszeitraum

3/2022 – 11/2022

Tätigkeitsbeschreibung

Development and implementation of an ISMS in accordance with TISAX requirements including:
• Assessment of security status and documentation
• Gap analysis
• Processing of TISAX requirements and derivation of necessary steps
• Analysis and editing of security policies
• Implementation of an ISMS in organization
• Creation of processes and documentation
• Readiness assessment
• Audit support

Eingesetzte Qualifikationen

Informationssicherheit

Project Manager for Science
Kundenname anonymisiert, Darmstadt
3/2022 – 7/2022 (5 Monate)
Hochschulen und Forschungseinrichtungen
Tätigkeitszeitraum

3/2022 – 7/2022

Tätigkeitsbeschreibung

Scrum project manager in science for following projects:
• Smart city project to detect traffic jams and accidents automatically with AI
• Smart railway project to improve time forecast for trains
• Internal railway infrastructure project to replace old and hardcoded codebase with object-oriented programming language and dynamic frontend

Eingesetzte Qualifikationen

Ingenieurwissenschaft, Projektleitung / Teamleitung (IT), Projektmanagement (IT)

Security Program Manager
Kundenname anonymisiert, Stuttgart
1/2022 – 6/2023 (1 Jahr, 6 Monate)
Automobilindustrie
Tätigkeitszeitraum

1/2022 – 6/2023

Tätigkeitsbeschreibung

Design and implementation of a security strategy as part of a sales process redesign program involving 1.200 employees including:
• Definition of KPI’s and OKR’s
• Implementation and optimization of Quality Gates on platform level
• Recurring awareness sessions for different stakeholders (management, PO’s, security responsibles, …)
• Preparation and conduction of workshops for different purposes and audiences
• Analysis of existing security tools and AWS services
• Alignment of an appropriate security toolchain (BlackDuck, SecHub, Habor, AWS Services, …)
• Central cybersecurity communication and presentation support
• Development of central documentation strategy
• Creation of central documentation for everyone who wants to onboard on platform
• Moderation of regular security guild meeting including management of topics and guest speakers

Eingesetzte Qualifikationen

Cloud (allg.), Amazon Web Services (AWS), Cyber Security, DevOps (allg.), Incident Management, Programm Management

PAM Consultant
Kundenname anonymisiert, Frankfurt
3/2021 – 10/2021 (8 Monate)
Banken
Tätigkeitszeitraum

3/2021 – 10/2021

Tätigkeitsbeschreibung

Implementation and adaptation of the CyberArk solution to the existing infrastructure to secure privileged access (PAM) including:
• Creation and management of all accounts, safes & platforms of the acceptance environment via PVWA as well as Rest API
• Administration of CyberArk servers on infrastructure & OS level
• Execution of technical acceptance tests
• Monitoring of infrastructure components
• Documentation of processes, components & platforms

Eingesetzte Qualifikationen

Access Management, Benutzerverwaltung, Berechtigungskonzept, Identitätsmanagement (IDM)

IAM Consultant
Kundenname anonymisiert, Düsseldorf
4/2020 – 10/2020 (7 Monate)
Konsumgüterindustrie
Tätigkeitszeitraum

4/2020 – 10/2020

Tätigkeitsbeschreibung

Line support and consulting for Identity & Access implementation requests

Eingesetzte Qualifikationen

Identitätsmanagement (IDM)

Weitere Projekt‐ & Berufserfahrung anzeigen

Ausbildung

Informatik
M.Sc.
TU Darmstadt
2022
Darmstadt
Praktische Informatik
B.Sc.
HTW des Saarlandes
2019
Saarbrücken

Über mich

Technology and management consultant with more than 4 years of experience. Initially focused on software development and later specialized in IT security, Identity and Access Management, and Privilege Management during my master's degree. I developed project leadership and management skills, along with deep knowledge in security strategy, cybersecurity governance, software engineering, and a strong background in Identity & Trust tools.

Persönliche Daten

Sprache
  • Deutsch (Muttersprache)
  • Englisch (Fließend)
  • Spanisch (Grundkenntnisse)
  • Französisch (Grundkenntnisse)
Reisebereitschaft
Weltweit
Arbeitserlaubnis
  • Europäische Union
Home-Office
bevorzugt
Profilaufrufe
203
Alter
28
Berufserfahrung
4 Jahre und 11 Monate (seit 01/2019)
Projektleitung
3 Jahre

Kontaktdaten

Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.

Jetzt Mitglied werden