freiberufler Security Consultant auf freelance.de

Security Consultant

offline
  • auf Anfrage
  • 63517 Rodenbach bei Hanau
  • Weltweit
  • fr  |  de  |  en
  • 05.01.2021

Kurzvorstellung

A graduate with strong communication and organizational skills gained in information security management system, now seeking to move in Information Security Consulting (ISO 2700x and BSI-Grundschutz), Risk Management, Access Identity Management, etc.

Qualifikationen

  • BSI-Standards
  • Certified in Risk and Information systems Control (CRISC)
  • CISA (Certified Information Systems Auditor)
  • CISM (Certified Information Security Manager)
  • Cloud (allg.)
  • Informationssicherheit
  • Projektmanagement - Risikomanagement
  • Risikoanalyse

Projekt‐ & Berufserfahrung

Senior Information Security GRC
CSL Behring GmbH, Marburg
12/2018 – 12/2020 (2 Jahre, 1 Monat)
Chemieindustrie
Tätigkeitszeitraum

12/2018 – 12/2020

Tätigkeitsbeschreibung

Improvement of the design of security regulations and concepts to governance (SOP, ISF, QMS, cGMP, and DLP), risk management and compliance issues (IT-GRC). In the context of risk analysis (ISO 27005, NIST, ISO 31000, etc.) security workshops, audits (ISO 27001, NIST, and BSI baseline protection) and awareness trainings.

Eingesetzte Qualifikationen

ITIL, BSI-Standards, CISA (Certified Information Systems Auditor), DIN ISO/IEC 27001, DIN ISO/IEC 27002, Certified Information Systems Security Professional (CISSP)

Senior Information Security Consultant
Atos IT Solutions and Services A/S, Mannheim
4/2017 – 12/2018 (1 Jahr, 9 Monate)
Dienstleistungsbranchen (Service)
Tätigkeitszeitraum

4/2017 – 12/2018

Tätigkeitsbeschreibung

Advice companies on the topic of information security from strategic consulting, through the design of security regulations and concepts to governance, risk management and compliance issues (IT-GRC). In the context of risk analysis, security workshops, audits (ISO 27001 and BSI baseline protection) and awareness trainings. Establishment of SIEM concept.

Eingesetzte Qualifikationen

ITIL, BSI-Standards, CISA (Certified Information Systems Auditor), DIN ISO/IEC 27001, DIN ISO/IEC 27002, Certified Information Systems Security Professional (CISSP)

Freelancer IT-Security Consultant
DekaBank – Deutsche Girozentrale, Frankfurt am Main
1/2017 – 3/2017 (3 Monate)
Banken
Tätigkeitszeitraum

1/2017 – 3/2017

Tätigkeitsbeschreibung

Analyze discovered privileged and functional user accounts for risk, ownership and access appropriateness using various analytical tools or platforms
Work with IT and business stakeholders to define PAM target state processes and gather business requirements
Interpret and apply architecture and designs to build Identity and Access Management solutions to support globally dispersed businesses, personnel and customers
Work with the broader IT organizations to interpret policies and Standards, ensuring policies and standards are properly followed by new and existing TPAM solutions Contribute to evaluation, selection and configuration of TPAM products and services from vendors
Identify opportunities and outline action plans to improve existing PAM solution
Technology: Q1IAM / TPAM (DELL)

Eingesetzte Qualifikationen

Certified Information Systems Security Professional (CISSP)

External IT-Security Specialist
ZF Friedrichshafen AG / ZF TRW, Friedrichshafen
3/2016 – 12/2016 (10 Monate)
Bauwirtschaft, Anlagen- und Schiffbau
Tätigkeitszeitraum

3/2016 – 12/2016

Tätigkeitsbeschreibung

Establishment of ISMS-Policies / Requirements Intern security auditor
IT Security Monitoring / Critical Design Review
Incident- / Release-, Change management in focus on Information Security Technology: IS-Technologies / CMS /CMDB (ITIL), AMPEG (KPI-Illustration), Q1IAM (DELL), SOC / SIEM (NET IQ)

Eingesetzte Qualifikationen

ITIL, BSI-Standards, CISA (Certified Information Systems Auditor), DIN ISO/IEC 27001, DIN ISO/IEC 27002, Certified Information Systems Security Professional (CISSP)

Information Security Manager
Anvis Deutschland GmbH, Steinau an der Strasse
7/2015 – 1/2016 (7 Monate)
Maschinen-, Geräte- und Komponentenbau
Tätigkeitszeitraum

7/2015 – 1/2016

Tätigkeitsbeschreibung

Establishment of security policy of basis ISO 27001 / 27002 & BSI-Grundschutz und CoBit
Intern security auditor Asset classification
Asset or information risk management / risk analysis
IAM advice (application of “Quest One Identity Manager”)

Technology: IS-Technologies / GS-Tools (BSI) or Verenice, CMDB (ITIL), Q1IAM

Eingesetzte Qualifikationen

Ingenieurwissenschaft, Mathematik, ITIL, CISA (Certified Information Systems Auditor), Certified Information Systems Security Professional (CISSP)

Security Consulting
Kundenname anonymisiert, Frankfurt
4/2014 – 5/2015 (1 Jahr, 2 Monate)
Dienstleistungsbranche
Tätigkeitszeitraum

4/2014 – 5/2015

Tätigkeitsbeschreibung

▪ Development of new IS-Audit-Check-lists e.g. ISMS / ISO 27001
▪ Development of new IS-Check-lists e. g. computing center
▪ Development of new Check-list for Special Network
▪ Development of new Authority Share concept
▪ Development of a new Information Security Policy

Eingesetzte Qualifikationen

Hardware Entwicklung, BSI-Standards, Informationssicherheit, IT Sicherheit (allg.), DIN ISO/IEC 27001, Qualitätsmanagement / QS / QA (IT), Telekommunikation / Netzwerke (allg.), IT-Beratung (allg.), Auditor, DIN EN ISO 50001, DIN EN ISO 27001

it Security Consulting
Kundenname anonymisiert, Aachen
6/2012 – 3/2014 (1 Jahr, 10 Monate)
Dienstleistungsbranche
Tätigkeitszeitraum

6/2012 – 3/2014

Tätigkeitsbeschreibung

▪ Analysis of network protocols and data flow.
▪ Design of interface specifications for Enterprise Security Management.
▪ Network simulation and performance analysis of mobile ad-hoc networks Radio Failure Classification and Radio Failure Cleanup for Network Provide.

Eingesetzte Qualifikationen

IT Sicherheit (allg.), Telekommunikation / Netzwerke (allg.), IT-Beratung (allg.), Management (allg.), Public Relations

IT Security Consulting
Kundenname anonymisiert, Düsseldorf
1/2012 – 2/2013 (1 Jahr, 2 Monate)
High-Tech- und Elektroindustrie
Tätigkeitszeitraum

1/2012 – 2/2013

Tätigkeitsbeschreibung

Investigation of vulnerabilities of AES cipher on Smartcard implementations and its round key computation using side channel attacks

Eingesetzte Qualifikationen

IT Sicherheit (allg.), SAP Beratung (allg.), IT-Beratung (allg.)

ISPO (Information Security Partner Officer)
Mobility Media GmbH / Bosch Group, Berlin
1/2012 – 12/2012 (1 Jahr)
High-Tech- und Elektroindustrie
Tätigkeitszeitraum

1/2012 – 12/2012

Tätigkeitsbeschreibung

Development of a new Information Security & Privacy concept and Administration of Enterprise Security Management and Implementation.

Eingesetzte Qualifikationen

Hardware Entwicklung, IT Sicherheit (allg.), Informationssicherheit, Management (allg.), Public Relations

IT Help Desk Engineer
Arvato Bertelsmann, Potsdam
2/2011 – 1/2012 (1 Jahr)
Dienstleistungsbranche
Tätigkeitszeitraum

2/2011 – 1/2012

Tätigkeitsbeschreibung

first and second level support for road charge.

Eingesetzte Qualifikationen

2nd & 3rd Level Support, IT-Support (allg.), OnRoad

Zertifikate

Certificate ISO/IEC 27001 Lead Auditor, Firebrand Training GmbH, Rotenburg an der Fulda (Germany)
2018
CISSP Training, Firebrand Training GmbH, Rotenburg an der Fulda (Germany)
2017
Certificate Cyber Defence Analyst, ConSecur GmbH, Meppen (Germany)
2016
Foundation in Information Security Management Systems according to ISO/IEC 2700x. TÜV SÜD Akademie GmbH, München (Germany)
2015
Internal certificate of Information Security Partner Officer (2 Days) Mobility Media GmbH (Bosch Group), Berlin (Germany)
2012
Internal certificate of Access Identity Management (2 Days) Mobility Media GmbH (Bosch Group), Berlin (Germany)
2012
Certificate SAP TERP 10 (10 Days) (without certificate: sick reason) University Brandenburg an der Havel, Brandenburg an der Havel (Germany)
2011
Certificate IT-Service Manager (ITILv2 & ITILv3) (5 Days) SGS Germany GmbH & SGS TÜV SAAR, Hamburg (Germany), Hamburg (Germany)
2011

Ausbildung

Security Management
Master of Science (M. Sc.) - ISMS
2014
University Brandenburg an der Havel, Brandenburg a
Engineer of Electronic & Communications Technology
Ba. Eng.
2010
Beuth Hochschule für Technik, Berlin (Germany)

Über mich

A graduate with strong communication and organizational skills gained in information security management system, now seeking to move in Information Security Consulting (ISO 2700x and BSI - Grundschutz), Risk Management, Access Identity Management, IT-Service Management, Mobil network optimization.

Weitere Kenntnisse

▪ C/C++, shell, LabView; Mobile communications: 2G/ 3G/ 4G (security); IPSec; VoIP; TCP/UDP; TCP/IP (v4/v6); Ethernet

Persönliche Daten

Sprache
  • Französisch (Muttersprache)
  • Deutsch (Fließend)
  • Englisch (Gut)
Reisebereitschaft
Weltweit
Arbeitserlaubnis
  • Europäische Union
  • Schweiz
Profilaufrufe
3011
Alter
41
Berufserfahrung
13 Jahre und 11 Monate (seit 04/2010)
Projektleitung
4 Jahre

Kontaktdaten

Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.

Jetzt Mitglied werden