Pierre Gronau
IT Security and IT Compliance Consultant
Erfahrungen
Sept. 2023 - Okt. 2023
2 Monaten Frankfurt, Germany
IT Security and IT Compliance Consultant
OYAK Bank
- Securing Azure
- Review of IT security policies
- BAIT compliance
Sept. 2023 - Sept. 2023
1 Monate Frankfurt, Germany
IT Security and IT Compliance Consultant
Pictet Group
- Review of IT security policies
- BAIT compliance
Apr. 2023 - Dez. 2025
1 Jahr 9 Monaten Wiesbaden, Germany
IT Security and IT Compliance Consultant
Stadtwerke Wiesbaden ESWE
- Conduct Should - Is Comparison NIS-2
- Conceptioning Data Center Design for a Critical Infrastructure
- Automation of an Active Directory Tier 0 environment
- Hardening of Windows with Ansible Roles
- Hardening of Linux with Ansible Roles
- Hardening of Microsoft 365
- Hardening of Microsoft Azure
- Active Directory hardening
- Automation with bash, Ansible and Terraform
- Automated control of the hardening with tools: PingCastle, Rusthound, Bloodhound, Microsoft ARI, Scoutsuite, Monkey365, Prowler, Scuba gear
- Vulnerability Scanning
- Penetration Tests
- Automating of Tier 0 hardened Active Directory environments
- Build a VMware vSphere 8 environment
- Build Linux Server like Debian Linux and Oracle Linux
- Build Windows Server like Windows NT, Windows 2008, Windows 2012R2, Windows 2016, Windows 2019, Windows 2022
- Migration of IVU Server
- Carve out of an existing Active Directory to a new Tier0 Active Directory
- Hardening of the VMware vSphere 8 environment
- Conceptioning of an encryption solution for Microsoft 365 with eperi
Apr. 2023 - Mai 2023
2 Monaten Munich, Germany
IT Security and IT Compliance Consultant
MONTANA Energie Handel
- Conducting Audit for two VMware Environments with HPe Omnistack SAN
- Automation with bash, PowerShell, PowerCLI, Ansible and Terraform
- Vulnerability Scanning
- Penetration Tests
Feb. 2023 - Mai 2023
4 Monaten United States
Incident Response Team Member
MKS Instruments
- Recreating VMware ESXi and Hyper-V landscape as part of the incident response team after a successful ransomware attack
- Automating CIS hardened Windows 10 and Windows 11 analyst VMs on AWS with Pulumi, Terraform, Ansible and PowerShell
Jan. 2022 - Dez. 2025
2 Jahren Nuremberg, Germany
Information Security Consultant
Federal Office for Migration and Refugees
- Conduct an Audit for Container Security (Peer Review)
- Role-based access control (RBAC)
- IT Compliance Reviews against BSI Basic Protection
- Conduct Should - Is Comparison NIS-2
- Secure OpenShift usage
- Automation with bash, PowerShell, PowerCLI, Ansible and Terraform
- Define CI/CD pipelines for automation
- Optimize and automate CI/CD pipelines automation
- Integration of Static Code Analysis Tools within the CI/CD pipelines
- Vulnerability Scanning
- Introduction and implementation of Software Bill of Materials (SBOM)
- Introduction and implementation of Software Composition Analysis (SCA)
- Penetration Tests
- Consulting for an IPv6 implementation project
- Consulting in the area of VS-NfD IT environments
- Creating Security Policies for: Patch Management, Vulnerability Management, Log Management, TLS, ssh, Logging, Secure Software Development, Directory Service, Backup and Restore, Backup and Restore - Evidence
- Creating auditd rules for specific applications and services
- Malware Analysis for Symantec Protection and ClamAV
Nov. 2022 - Mai 2023
7 Monaten Tuttlingen, Germany
Cloud Computing Audit Consultant
KARL STORZ
- Conduct an Audit against CIS Benchmark for Microsoft Azure and VMware on premise
- Perform Azure Architecture Reviews
- IT Security Reviews
- Vulnerability Scanning
- Penetration Tests
- Introduction and implementation of Software Bill of Materials (SBOM)
- Introduction and implementation of Software Composition Analysis (SCA)
- Creating auditd rules for specific applications and services
- Creating concept of anonymization of pictures and videos
- Creating a Security Policy for Patch Management
Juli 2022 - Nov. 2022
5 Monaten Cologne, Germany
Container Security Consultant
City of Cologne
- Conduct an Audit for Container Security (Peer Review)
- Role-based access control (RBAC)
- IT Compliance Reviews against BSI Basic Protection
- Vulnerability Scanning
- Penetration Tests
- IT Security for Keycloak (hardening)
- Secure Kubernetes usage
- Define CI/CD pipelines for automation
- Optimize and automate CI/CD pipelines automation
- Introduction and implementation of Software Bill of Materials (SBOM)
- Integration of Static Code Analysis Tools within the CI/CD pipelines
- Secure VMware Tanzu
Feb. 2022 - März 2023
1 Jahr 2 Monaten Stockholm, Sweden
Cloud Computing Audit Consultant
H&M
- Conduct an Audit against the Customer Best Practices for Microsoft Azure (Peer Review)
- Perform Azure Architecture Reviews
- IT Security Reviews
- Vulnerability Scanning
- Penetration Tests
- IT Compliance Reviews
- Define CI/CD pipelines for automation
- Automation with bash, Ansible and Terraform
- Optimize and automate CI/CD pipelines automation
- Introduction and implementation of Software Bill of Materials (SBOM)
- Introduction and implementation of Software Composition Analysis (SCA)
- Integration of Static Code Analysis Tools within the CI/CD pipelines
Aug. 2021 - Dez. 2021
5 Monaten Walldorf, Germany
VMware Architecture Consultant
SAP
- VMware Architecture Review
- VMware Outside In View (Peer Review)
Aug. 2021 - Nov. 2021
4 Monaten Germany
KAIT Consultant
Universal Investment
- Conduct KAIT BaFin audit preparation
- Conduct reviews about technical documentation and policies
- KAIT Compliance, especially Outsourcing of IT services and other service relationships
- Analyze IAM, PAM, PAM regarding corporate compliance and missing implementation of required controls
- Draft and definition of Low Level design to mitigate audit issues
- Development of a running programme structure for full automation solution
- High Level Design for Compliance as a code
- Analysis of the existing IAM integration
- Creation of guidelines for actions to the extended board of directors
Juli 2021 - Feb. 2022
8 Monaten Saudi Arabia
IT Security and IT Compliance Consultant
SABIC
- IT Security Audit
- IT Compliance
- Industry
- Industrial Internet of Things (IIoT)
- Distributed Control System (DCS)
- Supervisory Control and Data Acquisition (SCADA)
- Vulnerability Management as a Service (VMaaS)
- Vulnerability Scanning
- Penetration Tests
- RBAC review
- Root Cause Analysis with e.g., Wireshark, TCP dump, Ettercap
- Automation with bash, PowerShell, PowerCLI, Ansible and Terraform
- Creating Security Policies for: Patch Management, Internet of Things, Backup and Restore, Backup and Restore - Evidence
Juli 2021 - Dez. 2021
6 Monaten Germany
IT Security and IT Compliance Consultant
MANN + HUMMEL
- Workflow Design for Alert Handling in Office 365
- IT data protection under Office 2016 according to GDPR
- SOC Third Level support
- Designing Decision Paper for Stakeholder like IT Security, Data protection
- Creating a Security Policy for Office 365
Mai 2021 - Dez. 2021
8 Monaten Germany
Cloud Computing and IT Security Consultant
Debeka
- IT Architecture for Kubernetes
- IT Security for Kubernetes and CI/CD pipelines
- IT Architecture Service Mesh with Istio on Kubernetes
- IT Documentation as a Code
- IT Architecture for VMware based on VMware Cloud Foundation
- Role-based access control (RBAC)
- Firewall
- Load Balancer
- Logical separation of networks with special consideration of BAIT and VAIT
Nov. 2020 - Juli 2021
9 Monaten Bonn, Germany
Cloud Computing and IT Security Consultant
BWI GmbH
- IT Security Architecture for VMware Cloud Foundation
- IT Security Architecture for VMware NSX-T
- Consulting in the area of VS-NfD IT environments
- Automation with bash, PowerShell, PowerCLI, Ansible and Terraform
- Build Linux Server like Red Hat Linux
- Build Windows Server like Windows NT, Windows 2016, Windows 2019, Windows 2022
- Threat Modeling
Juli 2020 - Dez. 2021
1 Jahr 6 Monaten Stockholm, Sweden
Cloud Computing and IT Security Consultant
Vattenfall AB
- IT Architecture for Kubernetes
- IT Security for Kubernetes and CI/CD pipelines
- IT Architecture Service Mesh with Istio on Kubernetes
- IT Documentation as a Code
- IT Compliance as a Code
- Microsoft Azure
- ISO 17789, 27001, KRITIS/NSI, AtomG Compliance
- Threat Modeling
- Build Linux and Windows Servers
- Linux, Kubernetes and Istio hardening
- Vulnerability Scanning and Penetration Tests
- Automation with bash, PowerShell, PowerCLI, Ansible and Terraform
- Static Application Security Testing
- CI/CD pipeline optimization
- Comparison between VMware Tanzu and Kubernetes
- Creating Security Policies for: Patch Management, IoT, Backup/Restore, Containers, DHCP/DNS, IPv4/IPv6
Juli 2020 - Juni 2021
1 Jahr Germany
Cloud Computing and IT Security Consultant
HUK Coburg
- Cloud Computing IT strategy
- Security Audit for Cloud Computing
- VAIT BaFin audit preparation
- VAIT and BAIT Compliance
- EIOPA Guidelines on cloud service providers
- ISO 17789 and 27001 Compliance
- Threat Modeling
- Vulnerability Management
- Patch Management
- IT Spin-off directive according to VAIT and BAIT
- IDW PS 860 and IDW PH 9.860.2
Zusammenfassung
My strengths for critical infrastructure and regulated sectors such as banking (e.g. ING-DiBa, Deutsche Wertpapier Service Bank AG) and insurance (like ERGO, HUK Coburg and Hannover Rückversicherungs AG) include:
- IT Security and IT Compliance: I have extensive experience in designing and implementing IT security policies and measures for various critical infrastructures. I have created security policies for patch management, vulnerability management, log management, TLS, and backup/restore. I also have experience with auditing and implementing IT compliance policies such as BSI Grundschutz, BaFin (BAIT, VAIT and KAIT), ISO 27001 and GDPR.
- Cloud Computing: I have extensive expertise in cloud computing and have designed and implemented cloud architectures for various platforms such as Microsoft Azure, Amazon AWS and IBM Cloud. I have considered security measures for cloud infrastructures such as Role-based Access Control (RBAC), firewall configuration, and load balancing.
- Incident Response and Recovery: I implemented effective incident response strategies and recovered systems such as VMware ESXi, and Hyper-V after successful ransomware attacks.
- Container Security: I conducted audits for container security and developed hardening concepts to safely use Docker and Kubernetes.
- Automation and CI/CD pipelines: I defined, optimized and automated CI/CD pipelines to ensure efficient and secure application deployment. In the process, I also integrated security tools into the CI/CD pipelines to perform static code analysis.
- Industrial Internet of Things (IIoT) and SCADA: I have created security concepts for IIoT and SCADA environments and have experience with the specific security requirements of such critical infrastructures.
- Experience in a variety of companies and industries: I have worked with a variety of companies including utilities, banks, insurance companies, manufacturers, and IT service providers, giving me a broad understanding of the various requirements and challenges in regulated sectors.
Overall, I have a wealth of knowledge in IT security, cloud computing, automation, and compliance that is valuable to critical infrastructure and regulated sectors. My experience and expertise enable me to develop and implement effective security policies and measures to ensure at least the integrity, availability, and confidentiality of systems in such environments.
Sprachen
Deutsch
Muttersprache
Englisch
Fortgeschritten
Ausbildung
Jan. 2004 - Dez. 2005
IHK
Security · Germany
Jan. 2004 - Dez. 2005
IHK
Security Coordinator · Germany
Jan. 2003 - Dez. 2004