Senior IT Security Architect & Consultant

9/2020 – offen

Trainer for Cloud Security

Cyber Security, Cloud (allg.), Cloud Computing

7/2020 – 11/2024

• Comparison of Vulnerability Scanners
• Consolidation and Management of customer requirements
• Communication with vendors, preparation of RFI and RFP
• Result evaluation
• Report creation

Cyber Security

3/2020 – 6/2020

• Development of Cloud IAM Concepts
• Security concepts for private and public cloud platforms
• IAM related reports for financial audits
• IAM Integration of applications with separation of tenants
• Consulting for modern Identity Management Solutions

Cyber Security

9/2019 – 3/2020

• Development of Target Enterprise Security Architecture
• Definition of Security Architecture Domain Model and Processes
• Consideration of Business Drivers, Security Principies, Goals, Requirements in the Architecture Modell
• Coordination with ISO’s of BU’s, CISO, Program Management, Enterprise and Domain architects
• Definition of project Charters, Deliverables, Milestones
• Bridge from Enterprise Architecture to the Security Architecture, based on TOGAF / SABSA modell
• Modeling of Strategic Security Architecture with TOGAF / SABSA
• Consideration of Cloud / onPrem Services
• Integration of the Cloud Plattform into the Global Security Architecture
• Synchronization with Identity Management, Access Management, PKI
• Management of external suppliers
• Detection of gaps to the target architecture in BU’s
• Change of authentication process
• Introduction of new authentication and SSO solutions
• PoC for different authentication mechanisms
• Definition of Rollout-Plan for major changes
• Synchronization between different IT Security Stakeholders

Architekturvisualisierung, Cyber Security, System Architektur, Infrastrukturarchitektur, Certified Information Systems Security Professional (CISSP)

2/2019 – 8/2019

• IT Security Process optimization
• Management and improvement of IT Security related processes
• Work with stakeholders to implement IT Security Standards
• Coordination of internal & external penetration tests
• Definition of Security-Standards for Cloud based applications (AWS, Azure)
• Managing of external suppliers
• Adaptation of the global security standard
• PCI-DSS Compliance
• Security Consulting

Cyber Security, Security Operations Center (SOC), Penetrationstest

1/2015 – 1/2019

• Defining and designing platforms to comply with International Security Standards
• Security concept for a Big Data and for a IoT platform with multiple Stakeholders
• Support of the management by technical questions
• Cyber Security Trainings for International Siemens Top Management
• Ensure cross-divisional collaboration and coordination with internal departments
• Communication and coordination with suppliers
• Representing the security requirements in the implementation programs as well as mediating between the requirements and the technically and commercially sensible options
• Coordination of off- and nearshore developers
• Leading of Java projects
• Safety analysis of the products used
• Product evaluation in the cloud and on premise
• Review of rollout concepts
• Evaluation of results with regard to the state of the art
• Development of tenant separation concepts
• Consulting on the evaluation of developed components
• Hardening Guidelines for Teradata Data Warehouse, Hortonworks Hadoop, Tibco Spotfire, Tableau, Talend, KNIME Server
• Architecture of the central user management (IAM)
• Architecture of Single Sign On
• Responsibility for the functional and technical architecture and further development of the multitenant Identity and Access Management infrastructure (IAM) (CloudFoundry UAA, MitreID Connect, Auth0)
• Integration of multiple applications with IAM (SAML 2.0, oAuth 2.0, OIDC, LDAP, SCIM)
• Adaptation of corresponding processes with dependence on the Identity and Access Management
• Development of a security concept for the streaming architecture.
Security measures to protect the stored, processed and transmitted data, to control data usage, for the secure design and configuration
• Integration of components into the platform
• Security architecture, code and process reviews for ACP2 projects
• Review of the data encryption and integrity (in-rest, in-motion)
• Review of the application code responsible for data processing, transfer and storage
• Review of the software component configuration responsible for data processing, transfer and storage
• Review of the applicability of multitenant deployments

Cyber Security, Projektmanagement (IT), Software Architektur / Modellierung, System Architektur, Certified Information Systems Security Professional (CISSP)