Senior Consultant in Cloud Computing, IT Security, IT Compliance, and Automation Architect

My strengths for critical infrastructure and regulated sectors such as banking (e.g. ING-DiBa, Deutsche Wertpapier Service Bank AG) and insurance (like ERGO, HUK Coburg and Hannover Rückversicherungs AG) include:

• IT Security and IT Compliance: I have extensive experience in designing and implementing IT security policies and measures for various critical infrastructures. I have created security policies for patch management, vulnerability management, log management, TLS, and backup/restore. I also have experience with auditing and implementing IT compliance policies such as BSI Grundschutz, BaFin (BAIT, VAIT and KAIT), ISO 27001 and GDPR.
• Cloud Computing: I have extensive expertise in cloud computing and have designed and implemented cloud architectures for various platforms such as Microsoft Azure, Amazon AWS and IBM Cloud. I have considered security measures for cloud infrastructures such as Role-based Access Control (RBAC), firewall configuration, and load balancing.
• Incident Response and Recovery: I implemented effective incident response strategies and recovered systems such as VMware ESXi, and Hyper-V after successful ransomware attacks.
• Container Security: I conducted audits for container security and developed hardening concepts to safely use Docker and Kubernetes.
• Automation and CI/CD pipelines: I defined, optimized and automated CI/CD pipelines to ensure efficient and secure application deployment. In the process, I also integrated security tools into the CI/CD pipelines to perform static code analysis.
• Industrial Internet of Things (IIoT) and SCADA: I have created security concepts for IIoT and SCADA environments and have experience with the specific security requirements of such critical infrastructures.
• Experience in a variety of companies and industries: I have worked with a variety of companies including utilities, banks, insurance companies, manufacturers, and IT service providers, giving me a broad understanding of the various requirements and challenges in regulated sectors.

Overall, I have a wealth of knowledge in IT security, cloud computing, automation, and compliance that is valuable to critical infrastructure and regulated sectors. My experience and expertise enable me to develop and implement effective security policies and measures to ensure at least the integrity, availability, and confidentiality of systems in such environments.