Assessment, optimisation and enhancement of IT security incident management and related processes and interfaces
Organization of workshops and trainings
Runbooks Optimization
Improvement & design of new runbooks and playbooks
Consulting
Consulting on information security for business units and projects
Operations
Incident Response: conducting or managing incident response investigations, investigating targeted threats
Product Ownership
Monitoring and assessment of cyber security threats, development of risk position report, development of countermeasures
Providers management
Vulnerabilities management
Design of SOC internal processes and runbooks
Interfaces description
SOAR playbooks development
SOAR playbooks development
Application Security
Definition and documentation of internal security processes
Responsible for designing security concepts, defining and documenting customers' internal processes
Successfully liaised between customer and business units
Monitoring and analyzing potential automated attacks incl. log analysis and implementation of mitigation actions
Managing security issues by means of different tools such as WAF (Web Application Firewall), Bot protection, in alignment with business units and vendor
Support of penetration tests and of the evaluation of the results
SOC Documentation
Optimisation and documentation of SOC internal processes
Designed IT security concept (BSI IT-Grundschutz)
Operations
Implemented device interfaces for integration with the patient data management systems (programming in C++)
Responsible for installation and integration of medical devices of different manufacturers in hospitals
Provided 3rd level Tech Support for customers
Responsible for end to end process design and implementation for the user acceptance testing
Organized trainings for 3rd party testing team
Managed an external international testing team
Tracked, supervised and reported project status to the main project lead
Implemented testing automation
Development Time Management Tool
Software development of core internal tools, programming of interfaces and bug fixing
Administration of MS SQL databases
Development Applications Portal
Software development
E-commerce CRM database integration
Project management
Technical Consulting
Documentation
Operations
Bug fixing
Implementation of customers' requirements
Thesis gladly on request
Skills
Incident Handling
SOAR (Security Orchestration, Automation and Response) tools
Standards:
OWASP
BSI IT-Grundschutz
NIST Cyber Security Framework
ISO 2700x
MITRE ATT&CK, OWASP Top10
Log analysis:
SIEM ElasticSearch
Splunk
Web Application Security, Web Application Architecture
Network protocols, Network Security
Botnet and DDoS protection, WAF administration
Cryptography:
encryption algorithms
PKI
Tools:
Burp Suite
Xenu Sleuth
Fiddler
Jira
Confluence
Development environments:
Visual Studio 2005-2015
Eclipse
MS-Office
Word
Excel
PowerPoint
VISIO