28.03.2024 aktualisiert
CF
40 % verfügbar
Cyber Security and Cloud Consultant
Bochum, Deutschland
Weltweit
Diplom informatikerSkills
IT SicherheitCloudIT SecurityISMSGRCCyber AbwehrProjekt - LeitungSecure CloudSecurity ConceptRisiko Management (EBA)
IT-Security, Cloud Security, Cyber Security, DevSecOps, Auditor, ISMS, Governance, Compliance, Risikomangement, MaRisk, BAIT, VAIT, ISMS, Audit, Prüfungen, Sicherheitskonzepte, Projektleitung, Projektmanager, Service Management, IT-Betrieb, Security Incident Management, Business Continuity Management, Release Management, ITIL V4, Schwachstellen Management, Penetrationstest, Vulnerability Scanner, Rapid 7, Skybox, BMC Helix ITSM, Office Excel, Word, Power Point, Access, Metasploit, CRISC, IT-Security, Share Point, CMMI, ISO/IEC 27002, cloud, DevOps, Salesforce, Docker, Nessus, Slack, OWASP, IEC 27001:2013, Information Security, SIEM, Splunk, PKI, LDAP, X.500, OCSP, RSA Archer, Visio, Borland, Java, J2EE, Servlets, JSP, Enterprise Java Beans, PHP, JavaScript, SAP, ABAP
Sprachen
DeutschMutterspracheEnglischgutFranzösischgutSpanischGrundkenntnisse
Projekthistorie
The course includes the following topics::
1. fundamentals of computer science: this includes core concepts of computer science such as algorithms, data structures, programming and databases.
2. mathematical foundations: mathematical disciplines such as linear algebra, probability theory, statistics and numerical analysis form the basis for many AI algorithms and models.
3. machine learning: Various machine learning techniques and algorithms are studied here, including supervised learning, unsupervised learning and reinforcement learning.
4. neural networks and deep learning: this involves an in-depth study of neural networks, including convolutional neural networks (CNNs), recurrent neural networks (RNNs) and their applications in deep learning.
5. natural language processing (NLP): the processing and generation of natural language by computers is studied, including topics such as syntax analysis, semantics, language modeling and machine translation.
6. computer vision: this area focuses on the processing and interpretation of images and videos by computers, including topics such as object recognition, image classification and segmentation.
Robotics and Autonomous Systems: Techniques for developing and controlling autonomous robots and other intelligent systems are studied here.
7. ethics and law in AI: The ethical and legal implications of the development and use of artificial intelligence are discussed, including topics such as privacy, bias and responsibility.
1. fundamentals of computer science: this includes core concepts of computer science such as algorithms, data structures, programming and databases.
2. mathematical foundations: mathematical disciplines such as linear algebra, probability theory, statistics and numerical analysis form the basis for many AI algorithms and models.
3. machine learning: Various machine learning techniques and algorithms are studied here, including supervised learning, unsupervised learning and reinforcement learning.
4. neural networks and deep learning: this involves an in-depth study of neural networks, including convolutional neural networks (CNNs), recurrent neural networks (RNNs) and their applications in deep learning.
5. natural language processing (NLP): the processing and generation of natural language by computers is studied, including topics such as syntax analysis, semantics, language modeling and machine translation.
6. computer vision: this area focuses on the processing and interpretation of images and videos by computers, including topics such as object recognition, image classification and segmentation.
Robotics and Autonomous Systems: Techniques for developing and controlling autonomous robots and other intelligent systems are studied here.
7. ethics and law in AI: The ethical and legal implications of the development and use of artificial intelligence are discussed, including topics such as privacy, bias and responsibility.
- Consulting, auditing and implementation services with regard to BSI basic protection, KRITIS, § 8a BSIG and B3S, cloud computing C5 in agile software development
- Implementation of agile software development project management based on Confluence and Jira (Kanban board) and agile approach (Scrum)
- Conducting workshops and training courses on secure software development
- Creation of software development guidelines and process models (agile, V-model) for various software development environments (SAP, Java, Cobol, etc.)
- Carrying out BSI basic protection checks and ensuring compliance with the BSI modules CON.8, CON.10 and APP.4.6
- Identification of hazards and threats (Mircosoft STRIDE, OWASP, etc., BSI, NIST) and implementation of compliance checks
- Creation of security concepts based on BSI standards 200-1, 200-2, 200-3
- Definition of scope and critical assets
- Structural analysis (current status)
- Determination of protection requirements
- Modeling (security requirements)
- Basic protection check (target/actual comparison)
- Implementation of risk analyses (ISO 31000) with CRISAM, effort and action planning
- Risk identification, assessment, control and monitoring
- Risk classification, prioritization and visualization
- Implementation of IT security measures for SAP (SAP authorization concept, SAP ABAP programming, SAP security tools (SAP Code Vulnerability Analyser),
Cloud (C5, NIST), Docker and containers (security daemon best practices),
- Implementation of penetration tests in the software development livecycle and implementation of hardening measures (Linux, Windows, etc.)
- Integration of automated security procedures in DevSecOps in all phases of the development cycle (shift left, vulnerability scanner, SAST, DAST)
- Implementation of agile software development project management based on Confluence and Jira (Kanban board) and agile approach (Scrum)
- Conducting workshops and training courses on secure software development
- Creation of software development guidelines and process models (agile, V-model) for various software development environments (SAP, Java, Cobol, etc.)
- Carrying out BSI basic protection checks and ensuring compliance with the BSI modules CON.8, CON.10 and APP.4.6
- Identification of hazards and threats (Mircosoft STRIDE, OWASP, etc., BSI, NIST) and implementation of compliance checks
- Creation of security concepts based on BSI standards 200-1, 200-2, 200-3
- Definition of scope and critical assets
- Structural analysis (current status)
- Determination of protection requirements
- Modeling (security requirements)
- Basic protection check (target/actual comparison)
- Implementation of risk analyses (ISO 31000) with CRISAM, effort and action planning
- Risk identification, assessment, control and monitoring
- Risk classification, prioritization and visualization
- Implementation of IT security measures for SAP (SAP authorization concept, SAP ABAP programming, SAP security tools (SAP Code Vulnerability Analyser),
Cloud (C5, NIST), Docker and containers (security daemon best practices),
- Implementation of penetration tests in the software development livecycle and implementation of hardening measures (Linux, Windows, etc.)
- Integration of automated security procedures in DevSecOps in all phases of the development cycle (shift left, vulnerability scanner, SAST, DAST)
- Supporting SAP IT projects in identifying, assessing and mitigating cybersecurity risks
- Development, implementation and improvement of role and authorizations concepts
- Participation in the definition of guidelines and standards with regards to SAP cybersecurity
- Defining SAP Security definition for diff. SAP Modules/Systems
- Proactively identifying the improvement areas in authorization topic i.e. in both process and technical
areas
- Support technical SAP cybersecurity audits, tests and self-assessments
- Ensuring secure software development in the SAP ABAP and Fiori environment based on the BSI
modules CON.8, CON.10, APP.4.6
- Support in the fundamental concepts and architectures and their impact on IT Security in the
following environments: On Premise, Cloud, Integration or Development,
DevOps, Governance or Identity Management
- Development, implementation and improvement of role and authorizations concepts
- Participation in the definition of guidelines and standards with regards to SAP cybersecurity
- Defining SAP Security definition for diff. SAP Modules/Systems
- Proactively identifying the improvement areas in authorization topic i.e. in both process and technical
areas
- Support technical SAP cybersecurity audits, tests and self-assessments
- Ensuring secure software development in the SAP ABAP and Fiori environment based on the BSI
modules CON.8, CON.10, APP.4.6
- Support in the fundamental concepts and architectures and their impact on IT Security in the
following environments: On Premise, Cloud, Integration or Development,
DevOps, Governance or Identity Management