Professioneller Experte für Konzerne und Cybersecurity

1. Tätigkeitsfelder

• CTO Chief Information Technology Manager (interim)
• CISO chief information security officer
• ISB ITSibe IT-Sicherheitsbeauftragter
• Projektleitung
• Cybersecurity & Compliance, Cyberressilience

 

• Interner Auditor
• IT Controller
• Service Level Agreements (SLA)
• Service Level Requirements (SLR)

 

• Information Security Management Systeme (ISMS)
• Risikomanagement
• Anforderungsanalyse
• IT Prozesse

 

• Business Impact Analyse (BIA)
• Business Continuity Management (BCM)
• Business Impact Plattform (BIP)

Erfüllung gesetzlicher und normativer Anforderungen

• DIN ISO 27001 Informationssicherheit Management Systeme (ISMS)
• DIN ISO 20000 Service Management
• DIN ISO 9000, Qualitätsmagement
• NIS Richtlinie, NIS2 UmsuCG, KRITIS
• CER Richtlinie, CRA (Cyber Resilience Act), NLF, EU CSA, Certification Scheme for Cloud Services EUCS
• IT Sicherheitsgesetz (ITSig), KRITIS Verordnung, IT-Grundschutz (BSI)
• Branchenspezifische Sicherheitsstandards (B3S) KRITIS
• BSI 200-1, Managementsysteme für Informationssicherheit (ISMS)
• BSI 200-2, IT-Grundschutz Methodik
• BSI 200-3, Risikoanalyse auf Basis von IT-Grundschutz
• BSI 200-4, Business Continuity Management (BCM)
• BSI 100-4, Notfallmanagement (BCM)

1. Qualifikationen

Projekleitung

• Agile Projektmanagement
• Klassisches Projektmanagement, IHK
• Agile Scrum Product Owner, Thomas Nahrgang
• Projektleiter (IHK)

Führung:

• Führungskräfte Training 1+2, Martina Grünewald-Ernst
• Persönlichkeit und Führungskompetenz, Martina Grünewald-Ernst
• Persönlich überzeugen, Martina Grünewald-Ernst
• Ausbildung zur Führungskraft im Vertrieb, Dirk Kreuter
• Verkaufstraining 1+2, Dirk Kreuter
• 1 Jahres-Coachingprogramm für Führungskräfte, Bestseller Verlag
• Problemlösungen und Entscheidungsfindung nach Kepner-Tregoe, Deutsche Gesellschaft für Luft- und Raumfahrt, DLR

Organisation

• Führung im Vertrieb, Dirk Kreuter
• Neukunden mit Garantie, Dirk Kreuter
• Optimierung IT-Technikerproduktivität, ACMEO
• Systemhaus Organisation, ACMEO
• Personalgewinnung, ACMEO
• SLA Verträge, ACMEO
• Gehirngerechtes Arbeiten, Dr. Volker Busch
• Immobilien und Steuern, diverse, Gerald Hörhan
• Unternehmensbeteiligungen, Gerald Hörhan
• Krypto Assets & Blockchain, Gerald Hörhan

KI & artifical intelligence

• Open AI und Chat GPT, Brainymotion

• Github, Azure Open AI, Copilot, Brainymotion
• LLM, ChatGPT, OPEN AI, prompt design

IT Security

• IT-Sicherheitsbeauftragter (ITSiBe), Chief Information Officer (CISO) nach ISO/IEC 27001/27002 und BSI Grundschutz
• Certified Chief Information Security Officer (CCISO, CISO), BITCOM
• ISO 9000 Qualitätsmanagement, Auditoren Qualifikation, LRQA
• DIN ISO 27001 Informationssicherheit Management Systeme (ISMS), BITCOM
• DIN ISO 27001 Foundation, TÜV Süd
• BSI-IT Grundschutz Praktiker, BREDEX
• KRITIS Auditor, BITCOM
• Datenschutz, TÜV Nord

Microsoft

• Microsoft Certified System Engineer (MCSE)
• Microsoft Certified Professional (MCP)
   
• DP-900 Azure Data fundamentals, 2MT
  Azure Blob storage, Azure File storage, Azure Table storage, Azure Data services Power BI
   
• AZ-900 Microsoft Azure AI Fundamentals, 1MT
  LLM, ChatGPT, OPEN AI, prompt design
   
• AZ-500 Microsoft Azure Security Technologies, 4MT
  Microsoft Entra identities, Microsoft Entra authentication, Microsoft Entra authorization, Microsoft Entra application access, virtual networks, access to Azure ressources, Secure compute, storage, and databases, Azure Bastion, JIT, Azure Kubernetes Services(AKS), Azure SQL Database and Azure SQL Managed Instance, security operations, Defender for Cloud, security monitoring, automation
   
• AZ-700 Designing and Implementing Microsoft Azure Networking Solutions, 5MT
  Design and implement core networking infrastructure, implement network segmentation and address spaces, irtual network (VNet), Azure Bastion, design and implement Name resolution (DNS), VNet peering, Azure Router Server, NAT, Defender for Cloud Secure Core, site to site VPN, Entra ID, Azure Express Route, Azure Virtual WAN architecture, Azure Load Balancer, Azure traffic manager
   
• AZ-104 Microsoft Certified Azure Administrator Associate, 4MT
  Manage Microsoft Entra, Azure Roles, Azure ressources, storage, Configure Azure Files and Azure Blob Storage, Deploy and manage Azure compute resources, virtual machines (VM), Azure App Services, Implement and manage virtual networking, monitoring, implement backup & recovery
   
• SC-400T Administring Information Protection and Compliance in Microsoft 365, 4MT
  Implement information protection, pureview, compliance, calssifiers, sensitivity labels, mail encryption, Create and configure DLP policies, data loss prevention, Implement and monitor Endpoint DLP, Monitor and manage DLP activities, data lifecycle, retention label, Purview records management, Purview Compliance Manager, Plan and manage eDiscovery and Content search, analyze audit logs and reports, Manage insider and privacy risk, Communication Compliance, Purview Insider Risk Management, Information Barriers (IBs), manage privacy requirements by using Microsoft Priva
   
• MD-102T Endpoint Administrator, 5MT
  Windows client deployment, Windows Autopilot, Manage identity and compliance, Implement compliance policies, Intune, Manage the device lifecycle, Manage device configuration, monitor devices, Manage device updates, Implement endpoint protection,Deploy and update apps and software, Plan and implement app protection and app configuration policies
   
• SC-100T Microsoft Cybersecurity Architect, 5MT
  Design a resiliency strategy for ransomware and other attacks based on Microsoft Security Best Practices, Design solutions that align with the Microsoft Cybersecurity Reference Architectures (MCRA) and Microsoft cloud security benchmark (MCSB), Design solutions that align with the Microsoft Cloud Adoption Framework for Azure and the Microsoft Azure Well-Architected Framework, Design security operations, identity, and compliance
   

capabilities, Design solutions for identity and access management, Design solutions for securing privileged access, Entra Privileged Identity Management (PIM), Design a solution for securing the administration of cloud tenants, including SaaS and multicloud infrastructure and platforms, Design a solution for cloud infrastructure entitlement management that includes Microsoft Entra Permissions Management, Design a solution for Privileged Access Workstation (PAW) and bastion services

 

• DP-900 Microsoft Security, Compliance, and Identity Fundamentals, 2MT
• Azure Cloud Dienste administrieren, PPEDV, 1MT
• Office356 bereitstellen und administrieren, Markus Tigges, 1MT
• Gruppenrichtlinie (GPOs) für Windows, Mark Heidbrink, 1MT

Amazon Cloud Dienste (AWS)

• AWS technical essentials, Fast Lane, 3MT
• architecting on AWS, Fast Lane, 4MT

Marketing

• Onlinethinking, Karl Kratz, 3 Monate
• Persona, Christina Jacker-Hundt, 2MT
• Konversion Optimierung, David Odenthal, 1MT
• Konversion Optimierung, Kai Radanitsch, 2MT
• ChatGPT-SEA Seminar, Cindy Ebner, 1MT
• E-Mail Marketing, Nico Zorn, 2MT
• Google Ads, Sebastian Stryj, 2MT
• Growth Hacking, Thomas Herzberger, 2MT
• SEO, Astrid Kramer, 2MT
• Online Kundenbindung, Nico Zorn ,2MT
• UX Design, Marc Lilienthal, 2MT
• Digitale Marketing Strategie, 2MT

 

1. Technologie Kenntnisse

IAM

• Azure Active Directory (Azure AD)
• Entra ID
• Active Directory
• Zero Trust
• 802.1x, Radius, RRAS
• Privileged Access Management (PAM)
• Privileged Access Workstation (PAW)
• Microsoft Enhanced Security Administrative Environment (ESAE)
• CISO ISE
• Beyond Trust
   

MFA IAM

• RSA Token, Safeword, Safenet, gemalto
   

Betriebssysteme

• Windows Server 2019, 2016, 2012, 2012R2, 2008, 2008R2, 2003, 2000, NT4
• Windows Storage Server
• Windows 11, 10, 8, 8.1, 7, XP, ME, 98, 95, NT4
   

Emailsysteme

• Exchange 2020, 2019, 2016, 2012, 2010, 2000, 5.5, 5.0
• Exchange online, Kerio
   

Virtualisierung

• Hyper-V, VMWare ESX, XEN
   

Firewall

• Cisco ASA, Cisco Firepower, Astaro, Dell Sonicwall, Watchguard, Kerio, Palo Alto
• IPTables, IPcop, PFSense
   

VPN

• IPSec, SSL-VPN
   

Router  

• Zyxel, Lancom, Bintec, Microsoft Routing und Ras, RRAS
   

WLAN:

• HP, Cisco, Zyxel, ARUBA, Sonicpoint

IPAM (IP-Adressmanagement)

• Microsoft IPAM

DDNS

• Microsoft

Loadbalancer:

• Kemp
   

IDS/IPS Intrusion Detection und Prevention Systeme

• Cisco, Dell Sonicwall, Astaro, Snort
• Security-Solution:
  Sentinell one, Sonicwall Capture Client, Kaspersky, Trendmicro, McAfee
   

Virenscanner im Enterprise Umfeld

• Mcafee EPO, Kaspersky, Bitdefender, F-Secure, Symantec
   

Backup

• Symantec Backup Exec, VEAM, Acronis

zusätzlich
DNS, BIND, WINS, DHCP, IPAM, DDI, TCP/IP, UDP, ICMP, GRE, Ethernet, Routing, VOIP, VPN, IPSEC, SSL-VPN, Radius, PKI, Zertifikate, Plesk, Cpanel, Active Directory, LDAP, Gruppenrichtlinien – GPO, AD Migration, AD Sites, AD Standorte, POP3, SMTP, IMAP, LAN, WAN, DMZ, WSUS, Images, SSO, Single Sign On, AIM (Access and Identitity Management), Autopilot, Intune, MBAM, SQL, MYsql, PHP