Updated 19.11.2025


100% available
Cyber Security Expert • ISMS Auditor • BSI IT-GS Practitioner • ITIL Expert • IT Trainer • IT Assessor
Frankfurt am Main, Germany Computer Science / Cyber Security Expert
About me
Exceptionally driven and skilled cybersecurity and IT service management professional with a proven industry track record and various top-level certifications in the field of information security, risk management, data privacy, IT service management as well as project and process management.
Skills
Cybersecurity, ISO/IEC 27001, ISO/IEC 20000, ITIL Expert, IT Service Management, BSI IT-Grundschutz, IT Expert (IT Sachverständiger), IT Assessor (IT Gutachter), ISO/IEC 27001 Auditor
Highly qualified and experienced cybersecurity and IT service management expert with comprehensive expertise in designing, implementing and auditing secure IT architectures, information security management systems (ISMS), and standards and frameworks for compliance with statutory and regulatory cybersecurity requirements (BSIG, IT-SiG, BSI IT-GS, ISO/IEC 27001, NIS2, DORA).
Proven track record in complex and highly regulated enterprise environments, particularly in the banking and financial services sector. Over the course of my career I have led and supported critical cybersecurity initiatives and projects in collaboration with key functions such as Regulatory Compliance, IT Governance, Internal Audit, Data Protection, Security Engineering, Identity & Access Management (IAM) and Security Operations.
In addition to my project work, I bring many years of experience as a committed lecturer and trainer for cybersecurity at leading academic and professional institutions, where I deliver advanced, practice-oriented instruction in information security to a diverse audience.
Qualifications & Certifications:
- 2024: BSI IT-Grundschutz Practitioner (BSI IT-GS)
- 2023: BISG-certified IT expert for cybersecurity
- 2018: Certified Information Systems Security Professional (CISSP)
- 2018: MoR Risk Management Practitioner
- 2017: TÜV-certified Data Protection Officer (GDPR/DSGVO)
- 2016: ISO/IEC 27001 – Information Security Officer & ISMS Auditor
- 2016: PRINCE2 Foundation (Project Management)
- 2014: ISO/IEC 20000 – Consultant/Management & ITSM Auditor
- 2014: COBIT 5 Implementer (Enterprise IT Governance)
- 2013: ITIL v3 Expert in IT Service Management
- 2010: SixSigma Process Manager (Green Belt)
- 2009: IT Specialist for System Integration (Fachinformatiker Systemintegration, IHK)
Relevant industry experience:
- Telecommunications
- Information technology
- Transport & logistics
- Financial services
- Education sector
Languages
German: native speaker
English: business fluent
Project history
Synopsis
External cybersecurity expert assessor for competence and conformity assessments of notified bodies within the framework of the Radio Equipment Directive (RED), FuAG / Directive 2014/53/EU.
Synopsis
Training of IT specialists in the fields of system integration, digital networking and application development in IT security and data protection, as well as penetration tests. The training is aimed at IT specialists who are
Technology
Kali Linux, Armitage, Metasploit Framework, NMAP, Hashcat etc.
Teaching activities
▪ Fundamentals, drivers, benefits and roles in information security
▪ Fundamentals of information security management systems (ISMS)
▪ Fundamentals of data protection (new BDSG, GDPR; rights of data subjects,
sensitive personal data, data protection exercises)
▪ National and international cybersecurity frameworks and standards
(ISO/IEC 27001:2022, BSI IT-Grundschutz Compendium and Building Blocks)
▪ Cybersecurity legislation (IT Security Act, IT-SiG 2.0, BSI-KritisV)
▪ Cybersecurity regulations (BaFin banking supervisory requirements for IT)
▪ Cybersecurity governance and information security risk management
▪ Cybersecurity personal certifications ISACA, ISC², TÜV, DEKRA, EC-Council
▪ Practical exercises in the virtual lab with Kali Linux, Metasploit Framework
and Armitage, network port scans (Nmap), hash cracking (Hashcat)
▪ Expansion of the Metasploit Framework through implementation
of additional payloads using Python modules (exploit libraries)
▪ Leading group work to develop and present
relevant cyber attacks to strengthen ‘cyber awareness’
Synopsis
Planning, design, project management, commissioning and operationalisation of an audit-compliant DLP solution for ‘Data-in-Motion’ and ‘Data-at-Rest’ monitoring
Interfaces
Close cooperation with local and global infrastructure, network and cybersecurity teams as well as the departments of compliance, data protection and audit.
Technology
Broadcom/Symantec, Oracle 19c, RHEL 8, Windows Server 2019, MS MIP, SharePoint, JIRA, Nessus, Confluence, IAM-Tools
Certificates
Certified Information Systems Security Professional (CISSP)
International Information System Security Certification Consortium (ISC²), 2018