Security Solutions Architect / Staff Security Engineer
- Verfügbarkeit einsehen
- 0 Referenzen
- auf Anfrage
- 45468 Mülheim an der Ruhr
- auf Anfrage
- de | en
- 23.04.2025
Kurzvorstellung
Qualifikationen
Projekt‐ & Berufserfahrung
1/2025 – offen
TätigkeitsbeschreibungThreat analysis on hybrid connectivity and complex cloud network infrastructure across multi-cloud in Azure Cloud, Google Cloud Platform (GCP), and Amazon Web Services (AWS).
Eingesetzte QualifikationenCloud Spezialist, Cyber Security Engineer
4/2023 – 3/2025
Tätigkeitsbeschreibung
- Define audit goals according to DWS Group and Deutsche Bank Security Standards
- Understand and verify IT security control implementation across DWS technologies & processes - Plan and execute internal audit on Google Cloud Infrastructure and Cloud Native/Kubernetes
- Plan and execute internal audit on CISO products, services and governance of key processes
- Plan and execute internal audit on Software Development Lifecycle (SDLC)
Certified Information Systems Auditor, Cloud Spezialist, Cyber Security, Informationssicherheit, Softwareentwicklung (allg.)
4/2022 – 3/2023
Tätigkeitsbeschreibung
- Lead agile transformation of CISO people and processes to utilise Kanban and OKRs in Asana - Lead agile transformation by applying industry standards like Critical Security Controls (CSC) - Analyse compliance and implementation state of global and local security controls
- Consult CISO and PwC projects on best practices and emerging threats in Cyber Security
- Contribute knowledge to Security Champion by workshops and presentations
- Establish and extend an Security Consultant program by applying agile methods in Asana
Agile Coach, Informationssicherheit, IT Architekt Informationssicherheit
9/2020 – 2/2022
Tätigkeitsbeschreibung
- Security Specialist in agile Scrum with .NET Backend, AngularJS Frontend, and QA Specialists
- Create and maintain Data Flow Diagrams (DFD) and Threat Modelling (ATT&CK, STRIDE)
- Execute Vulnerability Assessments/Discovery Pentests across UI, API & AWS Cloud
- Perform gap analysis on Application and Cloud against GMP compliance (pharma)
- Support Lead Engineers across UI, API and AWS Cloud in Secure by Design approaches
Agile Methodologie, Cloud Computing, Cyber Security, Software Design, Software engineering / -technik
1/2020 – 10/2021
Tätigkeitsbeschreibung
- Ensure Secure by Design in a Global Multi-Cloud Service Catalogue (AZU, GCP, AWS)
- Perform Threat Modelling and Risk Analysis for all Multi-Cloud Product Lines
- Develop Agile Security Assessments in Sprint at Scale with Automated Tools
- Support Scrum Teams on Security Practices by hands-on Engineering (DevSecOps)
Cloud Computing, Cyber Security, Software Design
1/2019 – 11/2019
Tätigkeitsbeschreibung
- Design, Automate, and Operate a Cloud Native Platform in Google Cloud Platform
- Move and Improve J2EE and Python Applications to Google Kubernetes Engines
- Infrastructure-as-Code (Terraform, Python-SDK)
- Evaluate Container Security with Falco/Twistlock (SCA, SAST) and other DevSecOps controls
Cloud (allg.), Cloud Computing, Cyber Security
7/2018 – 2/2022
Tätigkeitsbeschreibung
- Design, Automate, and Operate a Machine Learning Platform in AWS (pharma)
- Software-Composition Analysis (SCA) and Container Hardening in CI/CD (SAST, DAST, RASP)
- Infrastructure-as-Code (CloudFormation) and Event-Driven Security (AWS Lambda)
- SDK and API Development for Flask API (Python)
Cloud Computing, Cyber Security, Software engineering / -technik
6/2016 – 6/2018
Tätigkeitsbeschreibung
- Perform security assessments and propose risk mitigation strategies
- Perform threat analysis on various technologies and business propositions
- Manage security pentests and support risk remediation
- Extend baseline security requirements with DevSecOps and AWS security controls
- Security champion in agile software development projects
- Some assessed projects and technologies:
Apigee API Gateway (Node.js, API security, OAuth2, OIDC)
Microservice B2B Integration (Kubernetes, Docker, Java Springboot, Microservice
Security, mTLS, JWT, Bearer-Tokens)
Cloud SD-WAN Viptela (API Security, SAML Security, CPE/vCPE Security)
Certified Information Systems Security Professional (CISSP), Cloud Computing, IT Sicherheit (allg.), Projektmanagement (IT), Scrum
10/2015 – 5/2016
Tätigkeitsbeschreibung
- Current state assessments on strategic network security capabilities
- Developing balanced scorecards in cooperation with international SMEs
- IT infrastructure reporting on KPIs to senior management boards
- Data validation, KPI improvements and automation of KPI reporting
Certified Information Systems Security Professional (CISSP), Informationssicherheit, IT Sicherheit (allg.), Netzwerk-Sicherheit
7/2011 – 7/2015
Tätigkeitsbeschreibung
- Lead implementer TÜVRheinland "Certified Cloud Service“ (ISO 27001, BSI, ITIL) - Evaluate, design and implement state-of-art IT security products
- Act as Subject Matter Expert (SME) on IT security architecture and operations
- Perform security incident handling, vulnerability/risk management and audits
Cloud Computing, DIN EN ISO 27001, Informationssicherheit, It-Beratung, IT Sicherheit (allg.), ITIL, Konzeption (IT), Netzwerk-Sicherheit, Projektleitung / Teamleitung (IT), Qualitätsmanagement / QS / QA (IT), Telekommunikation / Netzwerke (allg.)
8/2009 – 6/2011
Tätigkeitsbeschreibung
- Design and operation of the heterogeneous LAN/WAN infrastructure
- Design and operation of the heterogeneous Firewall/VPN/IPS/APT infrastructure - Operations of network services like DNS, NTP, NAC, AAA und PKI
- Operations of network, system, and security monitoring (SIEM)
- Project management of a network redesign to meet BSI/ISO 27001 requirements - 3rd level support and troubleshooting
BSI-Standards, DIN EN ISO 27001, DNS, Firewalls, Informationssicherheit, IT-Support (allg.), IT Sicherheit (allg.), Lokale Netzwerke, Projektleitung / Teamleitung (IT), Telekommunikation / Netzwerke (allg.), VPN, WAN
11/2008 – 7/2009
Tätigkeitsbeschreibung
- Preparation, analysis and presentation of large-scale network security reviews
- Perform penetration tests and audits on web services, OS and networks
- Evaluate best-of-breed IDS-/IPS-, NAC- and DLP Solutions jointly with customers - 3rd level support for web-application firewalls
Betriebssysteme, Firewalls, IDS (Intrusion Detection System), Informationssicherheit, IPS (Intrusion Prevention System), It-Beratung, IT-Support (allg.), IT Sicherheit (allg.), Qualitätsmanagement / QS / QA (IT), Telekommunikation / Netzwerke (allg.)
Zertifikate
Google Cloud Professional Cloud Security Engineer
Linux Foundation
Linux Foundation
Scaled Agile Framework Inc.
Linux Foundation
Ausbildung
Hochschule Furtwangen University
Über mich
P. Z. earned his degree Diplom-Informatiker (FH) in computer networking and computer science from Furtwangen University in 2008. Over the years, he has taken on diverse roles — from network engineer and IT security consultant to information security specialist and cloud engineer —continually honing and sharing his expertise in secure-by-design principles for cloud platforms, applications, and ML/AI technology stacks. Today, he serves as a security solution architect, tech lead, and trusted advisor for international enterprises and startups, tackling complex security challenges and driving innovative, sustainable results.
Weitere Kenntnisse
Cloud Security Architecture in Azure, GCP, and AWS
Technology Security Assessments
Threat Modelling
Cloud Native Security
Application Security
MLOps & AI Security
Secure SDLC & DevSecOps
Risk Management & Information Security Management
Agile Transformation & OKR Coaching
Security Awareness & Training
Security Operations & Incident Response
Compliance & Audit
Security Automation & Orchestration with Python, Powershell, Terraform, or Bash/Shell
Document, Design and Implement AI agentic workflows
Data Center Networking & Security
Persönliche Daten
- Deutsch (Muttersprache)
- Englisch (Fließend)
Kontaktdaten
Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.
Jetzt Mitglied werden