freiberufler Senior IT Security Architect & Consultant auf freelance.de

Senior IT Security Architect & Consultant

zuletzt online vor wenigen Tagen
  • auf Anfrage
  • 81825 München
  • Weltweit
  • de  |  ru  |  en
  • 01.10.2024

Kurzvorstellung

Senior IT Security Architect / Technical Project Lead, Cyber Security Consultant

Qualifikationen

  • Certified Information Systems Security Professional (CISSP)6 J.
  • Cloud (allg.)4 J.
  • Cloud Computing4 J.
  • Cloud Security
  • Cyber Security10 J.
  • IAM
  • Infrastrukturarchitektur1 J.
  • IT Sicherheit (allg.)
  • SABSA
  • Security Operations Center (SOC)2 J.
  • Sicherheitskonzept

Projekt‐ & Berufserfahrung

IT Infrastructure Security Expert
Retail, NRW
3/2023 – offen (1 Jahr, 8 Monate)
Handel
Tätigkeitszeitraum

3/2023 – offen

Tätigkeitsbeschreibung

• Control and implementation of security measures in the IT infrastructure environment
• Continuous review and improvement of the technical environment
• Regular review, assessment and improvement of existing security guidelines
• Establishment of monitoring, logging and controlling instruments/tools
• Coordination of vendors and internal teams
• Conception of a holistic security dashboard
• Evaluation & introduction of a SIEM, integration of security relevant systems
• Supplier management
• Administration & usage of XM Cyber, Darktrace

Eingesetzte Qualifikationen

Certified Information Systems Security Professional (CISSP), Cyber Security, Security Operations Center (SOC)

IT Security Consulting
Siemens AG, München
6/2022 – 4/2023 (11 Monate)
High-Tech- und Elektroindustrie
Tätigkeitszeitraum

6/2022 – 4/2023

Tätigkeitsbeschreibung

• Development of approaches for the elimination of security issues on the basis of protection concepts or results of equivalent asset analyses in compliance with customers rule sets
• Methodical standardization and harmonization (e.g. risks, threats, measures)
• Analysis of risks, threats and measures from data sources and transfer of these into a model for further use in a tool
• Revision and supplementation of questionnaires (e.g. Special networks/infrastructure/network zones/...)
• Presentation, explanation, coordination and implementation of the measures with the customers project team

Eingesetzte Qualifikationen

Certified Information Security Manager

IT Security Program Manager / Senior IT Security Architect
ZF Friedrichshafen AG, Friedrichshafen / München
1/2021 – 6/2022 (1 Jahr, 6 Monate)
Automobilindustrie
Tätigkeitszeitraum

1/2021 – 6/2022

Tätigkeitsbeschreibung

• IT Security program and project management
• Evaluation of existing IT Security Capabilities
• Definition of the Cyber Security Strategy
• Definition and tracking of program and project charters, milestones
• Development of Security Architecture
• IAM consulting
• Cloud migration support
• Adaptation of the Enterprise Security infrastructure to legal, regulatory and compliance requirements
• Optimization of DevSecOps process
• Review and redesign of existing Cyber Security Processes
• Simplification of security processes for customers

Eingesetzte Qualifikationen

Cyber Security, Projektleitung / Teamleitung (IT), Projektmanagement (IT), Projektdurchführung

Cloud Security Trainer
Kundenname anonymisiert, online
9/2020 – offen (4 Jahre, 2 Monate)
IT & Entwicklung
Tätigkeitszeitraum

9/2020 – offen

Tätigkeitsbeschreibung

Trainer for Cloud Security

Eingesetzte Qualifikationen

Cyber Security, Cloud (allg.), Cloud Computing

Senior IT Security Consultant
Siemens AG, München
7/2020 – 11/2024 (4 Jahre, 5 Monate)
High-Tech- und Elektroindustrie
Tätigkeitszeitraum

7/2020 – 11/2024

Tätigkeitsbeschreibung

• Comparison of Vulnerability Scanners
• Consolidation and Management of customer requirements
• Communication with vendors, preparation of RFI and RFP
• Result evaluation
• Report creation

Eingesetzte Qualifikationen

Cyber Security

Expert Identity & Access Management
FI-TS (Finanz Informatik Technologie Service), Haar
3/2020 – 6/2020 (4 Monate)
Finanzdienstleister
Tätigkeitszeitraum

3/2020 – 6/2020

Tätigkeitsbeschreibung

• Development of Cloud IAM Concepts
• Security concepts for private and public cloud platforms
• IAM related reports for financial audits
• IAM Integration of applications with separation of tenants
• Consulting for modern Identity Management Solutions

Eingesetzte Qualifikationen

Cyber Security

Senior IT Security Architect / Project Lead Security Architecture
Lufthansa Group, Frankfurt / Raunheim
9/2019 – 3/2020 (7 Monate)
Luft- und Raumfahrtindustrie
Tätigkeitszeitraum

9/2019 – 3/2020

Tätigkeitsbeschreibung

• Development of Target Enterprise Security Architecture
• Definition of Security Architecture Domain Model and Processes
• Consideration of Business Drivers, Security Principies, Goals, Requirements in the Architecture Modell
• Coordination with ISO’s of BU’s, CISO, Program Management, Enterprise and Domain architects
• Definition of project Charters, Deliverables, Milestones
• Bridge from Enterprise Architecture to the Security Architecture, based on TOGAF / SABSA modell
• Modeling of Strategic Security Architecture with TOGAF / SABSA
• Consideration of Cloud / onPrem Services
• Integration of the Cloud Plattform into the Global Security Architecture
• Synchronization with Identity Management, Access Management, PKI
• Management of external suppliers
• Detection of gaps to the target architecture in BU’s
• Change of authentication process
• Introduction of new authentication and SSO solutions
• PoC for different authentication mechanisms
• Definition of Rollout-Plan for major changes
• Synchronization between different IT Security Stakeholders

Eingesetzte Qualifikationen

Architekturvisualisierung, Cyber Security, System Architektur, Infrastrukturarchitektur, Certified Information Systems Security Professional (CISSP)

IT Security Project Coordinator
Wirecard AG, Aschheim
2/2019 – 8/2019 (7 Monate)
Finanzdienstleister
Tätigkeitszeitraum

2/2019 – 8/2019

Tätigkeitsbeschreibung

• IT Security Process optimization
• Management and improvement of IT Security related processes
• Work with stakeholders to implement IT Security Standards
• Coordination of internal & external penetration tests
• Definition of Security-Standards for Cloud based applications (AWS, Azure)
• Managing of external suppliers
• Adaptation of the global security standard
• PCI-DSS Compliance
• Security Consulting

Eingesetzte Qualifikationen

Cyber Security, Security Operations Center (SOC), Penetrationstest

IT Security Architect / Technical Project Lead
Siemens AG, München
1/2015 – 1/2019 (4 Jahre, 1 Monat)
High-Tech- und Elektroindustrie
Tätigkeitszeitraum

1/2015 – 1/2019

Tätigkeitsbeschreibung

• Defining and designing platforms to comply with International Security Standards
• Security concept for a Big Data and for a IoT platform with multiple Stakeholders
• Support of the management by technical questions
• Cyber Security Trainings for International Siemens Top Management
• Ensure cross-divisional collaboration and coordination with internal departments
• Communication and coordination with suppliers
• Representing the security requirements in the implementation programs as well as mediating between the requirements and the technically and commercially sensible options
• Coordination of off- and nearshore developers
• Leading of Java projects
• Safety analysis of the products used
• Product evaluation in the cloud and on premise
• Review of rollout concepts
• Evaluation of results with regard to the state of the art
• Development of tenant separation concepts
• Consulting on the evaluation of developed components
• Hardening Guidelines for Teradata Data Warehouse, Hortonworks Hadoop, Tibco Spotfire, Tableau, Talend, KNIME Server
• Architecture of the central user management (IAM)
• Architecture of Single Sign On
• Responsibility for the functional and technical architecture and further development of the multitenant Identity and Access Management infrastructure (IAM) (CloudFoundry UAA, MitreID Connect, Auth0)
• Integration of multiple applications with IAM (SAML 2.0, oAuth 2.0, OIDC, LDAP, SCIM)
• Adaptation of corresponding processes with dependence on the Identity and Access Management
• Development of a security concept for the streaming architecture.
Security measures to protect the stored, processed and transmitted data, to control data usage, for the secure design and configuration
• Integration of components into the platform
• Security architecture, code and process reviews for ACP2 projects
• Review of the data encryption and integrity (in-rest, in-motion)
• Review of the application code responsible for data processing, transfer and storage
• Review of the software component configuration responsible for data processing, transfer and storage
• Review of the applicability of multitenant deployments

Eingesetzte Qualifikationen

Cyber Security, Projektmanagement (IT), Software Architecture, System Architektur, Certified Information Systems Security Professional (CISSP)

Ausbildung

Informatik
Dipl-Inf.
University of Applied Sciences Munich
2000
München

Persönliche Daten

Sprache
  • Deutsch (Muttersprache)
  • Russisch (Fließend)
  • Englisch (Fließend)
  • Ukrainisch (Fließend)
Reisebereitschaft
Weltweit
Arbeitserlaubnis
  • Europäische Union
  • Schweiz
Home-Office
bevorzugt
Profilaufrufe
314
Alter
49
Berufserfahrung
24 Jahre und 9 Monate (seit 01/2000)
Projektleitung
10 Jahre

Kontaktdaten

Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.

Jetzt Mitglied werden