Successfully completed various IT Security projects
A seasoned Information Security Consultant with over 15 years of experience, specializing in ISO 27001 ISMS implementation and compliance, ensuring robust security frameworks across various industries
Expert in cloud and on-premises security, with a focus on AWS and Azure environments, leveraging AI-driven security measures to enhance organizational resilience and compliance with emerging regulations
Proficient in incident response and forensic investigations, leading critical projects to mitigate threats and secure data integrity in both cloud and traditional IT infrastructures
Accomplished public speaker and author, sharing insights on cloud security best practices and contributing to industry standards through publications and professional engagements
)
)
Overview
- Availability
- Asap, full-time, onsite & remote
- Qualification
- Bachelor of Science in Computer Science, specializing in Information Security
- Language Skills
- German (Native), Russian (Native), English (Fluent)
- Relevant Expertise
- Information Security Management, Application & Infrastructure Security, Cloud Security, Incident Response, Risk Management, Compliance, AI-Driven Security, Penetration Testing, Vulnerability Management, Data Protection, ISMS Implementation
Key-Facts
Extract from previous activities
Services Network Company, Germany
DORA Consultant and Implementation
Implementation of an Information Security Management System (ISMS) based on ISO 27001, ensuring systematic risk management and data protection across the organization
DORA Compliance Readiness
Conducting comprehensive Gap Analyse
Developing and executing a detailed Action Plan to address identified gaps, including prioritization of security measures and resource allocation
Services Network Company, Germany
Data Loss Prevention Implementation
Managing and supporting Microsoft Purview Data Loss Prevention (DLP) deployment
Development of DLP policies
Cloud Security: Integration of Microsoft 365 and Azure environments
Implementation of endpoint DLP to control and prevent data leakage through unauthorized channels, including devices, storage, and third-party applications
Establishing data protection controls for email, document sharing, and collaboration tools
Continuous monitoring and response to DLP incidents, ensuring compliance and operational resilience
Audit Service Provider Company, Germany
Security Consultant
Managing and supporting TISAX Certification Process
Implementation Bug Bounty Program
Cloud Security: Implementation of CSPM/CNAPP and Container Security Solutions (Wiz, Aqua & TrendMicro)
Establishing Supplier Management: Integration in purchasing, creation of security requirements: SaaS solutions, Hosting and operations, Software and hardware
Contract Attachements with security commitment
Supporting Pentest plannings incl. Red Teaming and Tiber tests
Creation of several ISMS policies like Supplier Management, Vulnerability and Patch Management, Cloud Security according to ISO 27001:2022
Mobility and construction Trading Company, Germany
Interim Group CISO
Chief Information Security Officer for 42 subsidiaries
Managing 15P internal Security Team as well as Partners, MSPs and Freelancers
Implementation & Operation SIEM/SOAR + SOC, EDR, NDR and Vulnerability Management
Vulnerability Scanning and Patch Management
Security Awareness: Implementation of a Tool-based Awareness Program with SoSafe incl. Phishing Campaign
Penetration Testing: Coordination, Requirements, Analysis, Recommendations of Pentests for the whole application and infrastructure landscape
Cloud Security