Senior Security Consultant/Engineer

Profil Foto
Verfügbarkeit einsehen
Umkreis (bis 200 km)
de  |  en  |  ru
auf Anfrage
65760 Eschborn
19.11.2018

Kurzvorstellung

• Project management
• Security Consulting, Penetration Testing
• Security risks assessment and management
• Design and implementation security controls
• IT Security audit and monitoring

Ich biete

IT, Entwicklung
  • Cyber Security

Projekt‐ & Berufserfahrung

Senior Consultant and Projects Management
Kundenname anonymisiert, Eschborn
9/2016 – 12/2018 (2 Jahre, 4 Monate)
Banken
Tätigkeitszeitraum

9/2016 – 12/2018

Tätigkeitsbeschreibung

Migration of the local infrastructure to Office365
• Assessment of the current infrastructure, planning of the
migration, rollout, project management.
• Technology affected: Linux, pfSense, Windows Server
2012R2(Hyper-V, AD, NPS(VPN+WiFi)), Client OS – MacOS(+iOS),
Kerio Connect/Controll, Office365.
Migration of the local telephony to Skype for Business.
• Assessment of the current infrastructure, planning of the
migration, rollout, project management.
• Technology affected: Linux, pfSense, Windows Server
2012R2(Hyper-V, AD, MSSQL Server 2014, Skype for Business
2015), Asterisk, SIP trunk, QoS, Client OS – MacOS(+iOS),
Office365.
Projects Management for Deutsche Bank AG, Eschborn
(Banking)
Position: CISO SPOC
Duties:
• Delivery APT compliancy and concurrently management of the
testing process from start to finish for an assigned number of
production and development applications.
• All communication to ITAO’s in regards to testing
and requirements.
• Management the entire testing workflow through completion and
compliancy of the asset. (Test request, scope of test, SOW,
quotes, testing environment, accounts/access, reports, findings
review, compliancy)
• Walking/guidance of ITAO’s through the entire testing process
and provides all assistance required for the testing to take
place, including training of APT tracker
• Allocation of penetration tests to Deutsche Bank approved
penetration test vendors.
• Approval of the scope and the estimated effort required for a
penetration test.
• Reviewing and monitoring the quality of penetration tests
and reports.
• Approval of third party penetration test reports and uploading
these test results and finding to the APT Tracking Tool
• Management of the retest process with the APT vendor
Kenntnisse: Linux, pfSense, Windows Server, iOS, MacOS, Office365, Asterisk, SIP
trunk, QoS

Eingesetzte Qualifikationen

Cyber Security


Security consultant, Senior Systems Engineer and Head
Kundenname anonymisiert, Heidelberg
5/2010 – 5/2016 (6 Jahre, 1 Monat)
Banken
Tätigkeitszeitraum

5/2010 – 5/2016

Tätigkeitsbeschreibung

• Design and implementation of the environment for the customer
projects based on hybrid environment with Linux, Windows, and
virtualization based on Hyper-V and VMware
• Product development – hardware part, Procurement,
Infrastructure design, development and deployment
• Rollout management, establishing support process and tools
• Engineering and Support Teams management
• Project management
• Security Consulting: Security risks assessment and management,
Vulnerability Assessment and Scanning, Security Policy
Development and enforcement, Security Compliance, Security
assessment of software, infrastructure and product
• TÜV Compliance (EU, USA, CANADA)
• CE Compliance
Project name: “COWORKING”, Software Development company.
• Goal: Buildup redundant network and wireless infrastructure for
500+ workers and establish connection(IPSec) with branches (7)
of the company which located over the EU and USA.
• Role: Solution Architecture and realization and Project Management
• Hardware: Mikrotik(Router/Firewall), Lancom(Enterprise
Wireless)
• Technologies, protocols and standards: IPsec, OSPF, NAT, PAT,
Firewall, QoS, AD, NPS, WPA2 Enterprise, VLAN.
Project name: “IS”, Health Insurance company.
• Goal: Buildup complete Server, Storage and Network infrastructure
for the main office and brunches(15), migrate old data to new
infrastructure.
• Role: Solution Architecture, realization of the network and storage
part, Project management.
• Hardware: Cisco, Dell, Synology. Software: Microsoft.
• Technologies, protocols and standards: IPsec, OSPF, PBR, NAT,
PAT, Firewall, QoS, VALN, AD, Storage Cluster, HA, Hyper-V,
Windows Server 2012 R2, Terminal Server(250+ users),
Connection
Broker.
Project name: “Virtual Interactive Promoter”
• Design the hardware and software solution for management,
remote control and administration of the product based on
Windows Embedded 8.1 and Intel VPro technology.
• Security code testing, penetration testing, review, reporting
and management
• Hardware prototyping and design, Solidworks
• Communication with the manufacturing factory, approval of the
drawing data for manufacturing. Team work with external product
designer
• Requirements for the FAT (Factory Acceptance Test)
• Product documentation
• TÜV Compliance (EU, USA, CANADA)
• Preparation and testing of the hardware in accordance to the
relevant norms for the necessary world markets
• Communication with TÜV laboratory during certification process,
resolving the problems they found
Project name: “PMI AppStore”, Philip Morris International
• Design and Implementation of the redundant Server
infrastructure for maintaining of the product(AppStore) based
on windows solutions, LB from F5 and CDN Akamai.
• Information Security Compliance
• Security compliance with IS requirements of PMI
• Security code testing (OWASP), review, reporting and
management.
• Information Security incident management
• Vulnerability assessment and Management
• Contact person for security audits from the client side
Project name: “Travista”, development of www.travista.de
Project Management
Kenntnisse: Linux, Windows, Hyper-V, VMware, Mikrotik, Lancom, IPsec, OSPF, NAT,
PAT, Firewall, QoS, AD, NPS, WPA2 Enterprise, VLAN, Dell, Cisco, Synology

Eingesetzte Qualifikationen

Cyber Security


System and network administrator(DevOPS)
Kundenname anonymisiert, Heidelberg
5/2009 – 5/2010 (1 Jahr, 1 Monat)
Banken
Tätigkeitszeitraum

5/2009 – 5/2010

Tätigkeitsbeschreibung

• Planning, configuration, deployment and maintenance production
and dev servers for the customer applications based on PHP,
Java (Tomcat/Jboss), Python, Ruby and .NET
• Planning, deployment and maintenance of backup procedures for
production systems
• Monitoring and support 24/7 servers and client’s services
• Hardening of the Linux/Windows infrastructure
• Support of the development teams
• Hardening of the local infrastructure
Kenntnisse: PHP, Java, Python, Ruby, .NET, Linux, Windows

Eingesetzte Qualifikationen

IT-Systemmanagement

Ausbildung

Radiophysics & Electronics, Computer science.
(Specialist)
Jahr: 2010
Ort: Tavrida National V.I. Vernadsky University

Über mich

Focus
• Project management
• Security Consulting, Penetration Testing
• Security risks assessment and management
• Design and implementation security controls
• IT Security audit and monitoring
• Design and implementation of enterprise IT Infrastructures
• Migration of IT Infrastructure, planning, rollout

Persönliche Daten

Sprache
  • Deutsch (Gut)
  • Englisch (Fließend)
  • Russisch (Muttersprache)
  • Ukrainisch (Muttersprache)
Reisebereitschaft
Umkreis (bis 200 km)
Arbeitserlaubnis
  • Europäische Union
Profilaufrufe
35
Alter
38
Berufserfahrung
15 Jahre und 3 Monate (seit 09/2003)

Kontaktdaten

Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.

Jetzt Mitglied werden »