available

Last update: 18.03.2024

Senior Security Expert IT & OT | Security Operation Center SOC SIEM | Vulnerability Mgmt.

Company: AGIBO UG
Degree: not specified
Languages: German (native) | English (business fluent)

Skills

Vulnerability management, Cloud, Telecommunication, data protection, Qualys, AZURE, quality assurance, User Management, Firewall, epas DETACK, Nessus, OpenVAS, Metasploit, Active Directory, LDAP, Windows Server, Linux, Oracle, MSSQL, Citrix, MySQL, Microsoft Office, virtual environment, Database, Windows, VMWare, SQL, WAN/LAN, MPLS/VPN connectivity, F5 load balancers, Juniper SSL VPN migration, anti-virus, SaaS, IT Security, Juniper, Cisco, Squid, McAfee, Data privacy, Security/Privacy concepts, network security, cost optimisation, WAN connectivity, MPLS WAN, firewalls, LISP, WAN, Accelerator, Cloud computing, PaaS, IaaS, ITIL, ESX, vCloud, Zimory, Citrix XenApp, BlueCoat Systems, data centre, VLANs, load balancers, routing, firewall environment, IP, F5, MPLS, ATM, SDH, VPN, DMZ, IPSec, BGP, SaaS/PaaS, LAN, PKI, Watchguard firewalls, SSL VPN, IDS, IPS, IPSec VPN, NAT, OTP, two-factor authentication, SAP, router, NAGIOS, Windows Server 2003/2008, Microsoft Project, proxies, JAVA, DNS, DHCP, CoBIT, Office, PowerPoint, Word, Excel, SSL VPN Gateway (SA, MAG, Administration, PenTesting, Vulnerability, Qualysguard, Apache, ISA, Forefront Security, DSI, Director, LAN Access, Debian, Centos, Samba, Cluster, iptables, Postfix, Sendmail, qmail, Scalix, IMAP POP3 SMTP, Shellscript, NFS, Microsoft Windows, Windows Server 2003, 2008, 2012

Project history

07/2022 - 02/2024
Technical Project Manager / Snr. Expert SOC
LBS Bank (Banking and financial services, 250-500 employees)

Technical Project Manager for the establishment of a SOC (Security Operations Center) within the banking group. Integration of all applications in compliance with banking regulatory requirements.
  • Development of Use Cases
  • Planning of the system landscape
  • Setup of the SIEM software
  • Vendor selection
  • Technical implementation and realization
  • Tuning of the Use Cases
  • Development of additional processes for SOC implementation
  • Project management
Starting Q2/23: Technical point of contact for security incidents. Coordinator for incidents. Planning, coordination, and preparation of penetration tests and vulnerability management. Management-oriented reporting for the executive board.

05/2023 - 12/2023
OT SIEM SOC build-up
Deutsche Post AG (DHL Group) (Transport and logistics, >10.000 employees)

Build SOC/SIEM for OT
 
  • Development of a SIEM solution for the OT (Operational Technology) sector
  • Current state analysis (IST Analysis)
  • Technical planning and coordination
  • Design of a SOC SIEM structure for OT systems
  • Consolidation planning for multiple SIEM systems (international)
  • Part-Project Lead for “OT SOC SIEM”

07/2021 - 06/2022
Senior Security Expert / Vulnerability Expert in the OT environment
Daimler AG (Automotive and vehicle manufacturing, >10.000 employees)

Position
Senior Security Expert / Vulnerability Expert in the OT environment

Responsibilities

Expert for Vulnerability Management in the production network (OT Network). Establishing concepts to
scan the sensitive OT Landscape, remediate and vulnerability rating for multiple clients (Daimler
Truck, Central IT). Board Member in the global Vulnerability Board, administrator for the Qualys Cloud
Platform with more than one million Assets. Supporting the worldwide Agent Rollout, optimization of
Option Profiles (explicit for OT Scanning).

04/2021 - 07/2021
Senior Security Expert / Incident Management SOC
SEPAGO (Internet and information technology, 50-250 employees)

Process implementation and customer onboarding for "SOC as a Service" (Security Operations Center). Working as Security Expert / Incident Manager for the SOC, evaluation of existing processes and KPIs. Support the SOC Team to analyze Security Incidents.

Products: AZURE, Microsoft Defender for Endpoint, Microsoft Defender ATP


01/2016 - 03/2021
Senior Security Analyst
AXA Group Operation

Period: 01.01.2016 - 28.03.2021
Client/sector: AXA Group Operation
Company size: > 100.000 employees

Position
01.01.2016: Senior Security Analyst & 01.11.2020: Vulnerability Management Expert


Responsibilities

1. Senior Security Analyst
Remediation and coordinating of Pen Test findings (global/local) and Audit tracking. Reporting
of findings and incidents to AXA Management and solver departments. Coordination and
supporting incoming requests to operational resolver groups and supporting them with security
requirements according to AXA Security Guidelines and deep technical knowledge. Regional Manager
(Northern Europe Region) for DETACK epas (Enterprise Password Assessment), appliance administration
incl. maintenance and central reporting for password quality reports

2. Vulnerability Management Expert
Global project supporting of the Qualys Guard Infrastructure
  • Infrastructure Administration and Maintenance from Qualys Guard
  • Reporting of Vulnerabilities
  • Remediation and Tracking
  • Asset Management and Server-Onboarding
  • Vendor-Management / Coordination and support Tickets

Primary Tasks and responsibilities:

 

  • Perform activities for vulnerability scanning and policy compliance (Qualys Guard)
  • Maintain and operate password hunting and quality assurance tool
  • Manage and control audit remediation activities
  • Manage and support Pen Test activities
  • Perform security and risk assessments
  • Create security concepts

 

Security support for Sub-Tasks:

 

  • Password Clear Text Scanning
  • Support for CyberArk migration
  • Supporting the privileged User Management and recertification
  • Related requests for ICT Infrastructure and Firewall approvals 
  • Security Consultant for other IT Projects
  • Support the global security Incident Management

Tools:

 

  • Security Tools (epas DETACK, Nessus, OpenVAS, Metasploit, Qualys)
  • Operate password hunting for Active Directory, LDAP, Windows Server, Linux, Oracle, MSSQL, Citrix and MySQL
  • Microsoft Office

07/2015 - 12/2015
Senior Security Analyst / Pen Test coordinator
AXA Konzern AG

Period: 01.07.2015 - 31.12.2015
Client/sector: AXA Konzern AG
Company size: > 100.000 employees

Position
Senior Security Analyst / Pen Test coordinator

Responsibilities
Pen Test coordination (internal application) and Group Reporting for the Group Pen Test Campaign
2015. Planning and setup Pen Tests with external providers, provider management and assessment of
risks. Detailed preparation and debriefing with stakeholders and support with deep technical
knowledge in the remediation phase. Perform lessons learned workshops after pen test activities.
Preparation of Management escalations and Risk Letters for findings with high risk or high priority,
communication from findings to SOC, external providers or to AXA Tech.

Qualys Guard vulnerability management:
Act as supporter for Pen testers with Qualys Guard Scans, Web application Scans and setup circular
BlackBox Tests (incl. monitoring) for non-critical AXA Web Applications.

10/2013 - 06/2015
Senior Security Analyst / Vulnerability Management
AXA-Tech

Period: 01.10.2013 - 30.06.2015
Client/sector: AXA-Tech
Company size: > 100.000 employees

Position
Senior Security Analyst / Vulnerability Management

Responsibilities
Global project supporting for Qualys Guard vulnerability management:
Establishment of a new Qualys Guard infrastructure and concept for circular vulnerability scans.
Detailed breakdown from the complete AXA Germany and AXA Belgium Network with the restructuring from
the existing appliance solution to a virtual environment. Rebuild new Qualys Assets and integrate
new processes for deployment and vulnerability scans. Maintenance and central contact for the Qualys
environment after the restructure.

Security support for Sub-Projects:
* Tracking from Audit Findings particular for high critical financial systems
* Architecture and Establishment of Privileged User Management Database for Windows, Linux,
VMWare, SQL and Oracle.
* Organizational measure to capture High Privileged Accounts
* Reporting, tracking and remediation of vulnerabilities, system hardening and patch management

01/2013 - 08/2013
Senior Security Expert
Deutsche Annington Immobilien SE

Period: 01.01.2013 - 31.08.2013
Client/sector: Deutsche Annington Immobilien SE (today: Vonovia)
Company size: > 4.000 employees

Position
Senior Security Expert

Responsibilities
Establishment of security concepts and processes for the IPO (stock market launch), risk evaluation
and coordination Pen Testing.

* Active vendor management for the WAN/LAN/Security/Data Centre infrastructure (as support for
the service management)
* Installation, reduction and sizing for the MPLS/VPN connectivity
* IP Management (conception and planning) for all locations
* Change management
* Supporting the operational unit as 3rd level support (firewalling, network, BlueCoat Proxy SG,
reverse proxy (TMG) and F5 load balancers)
* Project lead for cross projects (Juniper SSL VPN migration from device SA4000 to MAG6611,
location moves, migration of the anti-virus solution to an external vendor / SaaS)

Products and standards:
* ITSM
* IT Security (Grundschutz, BSI, various security products)
* Juniper, Cisco
* Blue Coat, Squid
* McAfee
* Alcatel-Lucent VitalQIP

07/2012 - 12/2012
Senior Security Consultant Data privacy
Deutsche Telekom AG (ICM, IKS)

Period: 16.07.2012 - 31.12.2012
Client/sector: Deutsche Telekom AG (ICM, IKS)
Company size: > 200.000 employees

Position
Senior Security Consultant Data privacy

Responsibilities
Supporting and revision of various EPR Projects (main task: Security/Privacy concepts and
compliance, auditing the plausibility of concepts). Approver for authority of compliance and above
concepts incl. the SoCs (Statement of Compliance) for Group-wide operational standards. Consulting
for network security and infrastructure (security) solutions.

Period: 01.06.2012 - 15.07.2012
Client/sector: various clients
Company size: > 1.000 employees

Position
Cloud Strategy / Evaluation for various clients

Responsibilities
Consulting for various clients, evaluation of several cloud infrastructure solutions and IT
Security. Consulting for Data Centre strategy and cost optimisation, conception of the effort and
feasibility into a full managed service.

04/2012 - 05/2012
Security Infrastructure coordinator
SIEMENS ATOS

Period: 01.04.2012 - 31.05.2012
Client/sector: SIEMENS ATOS
Company size: > 200.000 employees

Position
Security Infrastructure coordinator

Responsibilities
Analysis of a large ICT infrastructure environment, reporting of missing ICT functions to the ATOS
Board. Creating reports and processes in the area MDS (Mobile Device Service) and Endpoint Security.

07/2009 - 06/2011
Security Architect, International Data centre consolidation
T-Systems International

Period: 07/2009 - 30.06.2011
Client/sector: T-Systems International (CZ, UK, NL)
Company size: > 200,000 employees


Position
Security Architect, International Data centre consolidation

Responsibilities
* Migration of an existing data centre environment in the Czech Republic/UK/NL to a German cloud
environment
* Conceptualisation of the data centre inter-connectivity / expansion of existing data centre
connectivity
* Planning of new VLANs within the overall application structure
* Conceptualisation of firewalls, load balancers, reverse proxy environments
* Conceptualisation of application-specific network environments using AppCom / STS
* Process support for business blueprint / security / migration
* Planning and preparation of changes (firewall, load balancers, monitoring,...)
* Documentation of complex projects
* Decommissioning of legacy data centre connections and firewall systems
* IP connectivity planning (routing, firewall environment, IP address management)

Products and standards

* ITIL
* Baseline security requirements in accordance with Corporate Security Policy
* Cisco, F5, Juniper
* Network (routing, MPLS, ATM, SDH, VPN, DMZ, IPSec, BGP)
* Cloud computing (SaaS/PaaS, ESX, Citrix)

04/2008 - 07/2009
Sub-project management Security
DHL

Period: 04/2008 - 09/2008
Client/sector: DHL
Company size: > 200,000 employees


Position
Sub-project management Security
Responsibilities
* Sub-project management for a Client migration project (6,000 Users)
* In charge of the areas proxies, networks, firewalls, applications
* Supporting service management
* Preparation of security concepts and processes for an external service provider (T-Systems)
* Deactivation of legacy server systems and network landscapes
* Developing global server concepts
* Planning and migration of a proxy cluster (approx. 6,000 users)
* Modification of the security processes
* Preparation of changes (change management)
* Developing a JAVA PAC file for approx. 3,500 workplace systems
* Planning and matching of bandwidth requirements for the MPLS structure
* Matching of DNS and DHCP

Products and standards
* ITIL
* Checkpoint firewalls
* Network (network coupling, NAT zones, routing, MPLS, ATM)
* Citrix
* App-V (former SoftGrid)
* Proxy/Internet: Squid, Finjan Secure Web Gateway (content security)
* Directory services: Active Directory, LDAP
* Microsoft Project

08/2007 - 03/2008
Security management auditor for DEUTSCHE POST Management Board
DEUTSCHE POST AG

Period: 08/2007 - 03/2008
Client/sector: DEUTSCHE POST AG
Company size: > 200,000 employees

Position
Security management auditor for DEUTSCHE POST Management Board
Responsibilities
* Auditing of IT and security projects (ITIL / CoBIT)
* Security management audits at a data centre of a service provider
* Preparing the audit
* Orientation of the control objectives to the corporate structure
* Kick-off, establishing the audit and the audit sphere
* Interviews with the specialist departments
* Weak-point analysis
* Auditing of authorisation processes
* Assessment of risks
* Recommending improvements
* Reporting to the Board

Products and standards
* ITIL
* CoBIT
* Microsoft Office (PowerPoint, Word, Excel)

07/2006 - 07/2007
Service Manager Network / Security
DHL International / Deutsche Post AG

Position
Service Manager Network / Security

05/2005 - 06/2006
Lead Network and Security Architect ESC
DHL International, ESC

Position
Lead Network and Security Architect ESC

08/2003 - 04/2005
Firewall / Linux Administrator
DHL

Position
Firewall / Linux Administrator

Willingness to travel

Available worldwide