Results-driven communication expert with over a decade of experience in project and team management, specializing in information security. Proven track record in leading complex IT security initiatives, ensuring compliance with industry standards like ISO27001, SOC2, and GDPR. Adept at bridging the gap between technical and non-technical stakeholders, with hands-on expertise in Linux, Unix, and advanced cybersecurity protocols. Known for strategic problem-solving and a proactive approach to mitigating risks, I thrive in dynamic environments where security and innovation intersect. Seeking to leverage my deep technical background and leadership skills to drive organizational excellence in a challenging and evolving security landscape.
2018-05 - present, Hockenheim
DEGIT AG: Member of the Board
- Information Security Officer and Data Protection and Privacy Officer.
- Access to experts from multiple fields.
- Competent and focused partner for all consulting needs.
2024-01 - present, Hamburg
- Project management data center relocation.
- Modernizing backup concept and infrastructure.
- Modernizing Solaris infrastructure.
- Achievement: Successfully managed the relocation of two data centers, resulting in a reduction in downtime.
- Achievement: Modernized the bank’s backup infrastructure, reducing recovery time objectives (RTO) and minimizing the risk of data loss.
- Achievement: Migrated outdated Solaris infrastructure across the organization, improving system performance and cutting maintenance costs.
2023-10 - 2024-06, New York, London, Paris, Belgrade
Threedium Ltd.: Information Security Officer
- Consulting in all questions about and around IT security.
- Support of the DevOps team.
- Integration of services in SSO infrastructure.
- Support of certificate audits (SOC2, ISO27001)
- Advice on all aspects of GDPR.
- Introduction of security guidelines.
- Achievement: Implemented IT security measures that passed a SOC2 audit with zero non-conformities, securing key client contracts.
- Achievement: Integrated SSO infrastructure across multiple platforms, improving security and user experience.
- Achievement: Led the team in passing ISO27001 certification within a tight six-month deadline, which opened new markets for the company.
2019-01 - 2023-09, Frankfurt
Deutsche Vermögensberatung AG: IT-Security Engineer / Management
- Consulting regarding any security topics, focus on server and networks.
- Support and strategy handling during a (large) security incident.
- Writing (security) policies and technical concepts.
- Automation vulnerability and inicident management.
- Support for building IT architecture and strategy.
- Preparation and accompanying of penetration tests.
- Security audits.
- Specialization in the areas of Linux and networking.
- IT security consulting also on Windows, Cloud (primarily Azure) and application development.
- Advice on data protection and certification issues (e.g. ISO27001, BSI Grundschutz, NIST framework, MITRE).
- Achievement: Managed the response to a major security incident, coordinating efforts that minimized data loss and restored operations.
- Achievement: Developed and automated a vulnerability management system, reducing incident response time and increasing system uptime.
- Achievement: Implemented security policies that were later adopted as best practices company-wide.
2015-07 - 2018-12, Frankfurt
Deutsche Vermögensberatung AG: Team coordinator / system engineer
- Coordination (about 50%) and planning of resources of a (8 person) team.
- Focus of the team: e-mail, cloud storage, load balancing, proxy and DNS (all linux based).
- Debugging und solving of problems mainly in the area mail (but not solely).
- Consulting and implementation of IPv6, security topics, high-availability systems and more topics.
- Project part time management: data centre relocation, reconstruction of all servers.
- Achievement: Coordinated a successful data center relocation project.
- Achievement: Led the implementation of IPv6 across the organization, future-proofing the network.
- Achievement: Improved team efficiency through the introduction of automated processes and resource management tools.
Previous projects or references are available upon request.
- Studied Computer Science at Technische Universität Kaiserslautern from 1998-09 to 2003-08.
- Languages
- German: native speaker
- English: business fluent (C2)
- Skills
- IT Security: policies, legal standards (Germany), ISO27001, MITRE, NIST, BSI, DSGVO, GDPR, …
- Software: bash, awk, dovecot, postfix, ceph, haproxy, puppet, bind, unbound, squid, etc.
- Building high-availability systems.
- Operating Systems: Linux, FreeBSD, macOS, Windows.
- IT Security
- All things Apple
- Smartphones
- Smart Home