Lead Consultant Information Security
Devoteam
Total years of experience :9 years, 10 Months
Selected Project References:
- Implementation ISMS (energy sector)
- Implementation Information Security Risk Management (chemical sector)
- Setup and Execution of 3rd Party Vendor Risk Management (chemical sector)
- Design of Factory Security Standard based on IEC 62443 (chemical sector)
- Execution of NIS-Audit (energy sector)
- Setup of Incident Management Process (including SIEM Use Case Design) (public transportation
sector, energy sector)
- Vendor negotiations of information security requirements for SCADA System procurement
(energy sector)
- Support in Incident Containment/Remediation (Quality Assurance, KPI definition and reporting)
(chemical sector)
- Design of vulnerability management process (energy sector)
- Consulting of Cryptography-related Topics for IT and OT Systems (energy sector, health sector,
satellite service provider)
- Security Concept for digitalization of Power Plants (including Network Architecture integration,
Threat Model, IIoT) (energy sector)
- Security Concept for Public Key Infrastructure (energy sector)
- Security Concept for MS Active Directory (energy sector)
- Planning and Design of IT and OT Networks (incl. Network Segmentation) (energy sector)
- Penetration Testing in IT and OT
- Project Manager of technical IT security audits
- Risk/Threat modeling
- Vendor Assessments
- Vendor Audits
- Execution of Penetration tests (incl. Red Team Methodology)
- Network Segmentation Design and Audit (internal + perimeter)
- Design and Audit Microsoft Active Directory (incl. multiple forests)
- Design of Security Architecture
- Workshops and Courses of various IT Security topics (e.g., awareness, hardening)
- Member of the following Competence Centers:
o Security Architecture
o Red Teaming
o Application Security Management
Design, implementation and operation of applications and systems with related data content to
Geographical Information Services (GIS)