Alexander Nagy

Security Expert

Avatar placeholder
Munich, Germany

Experience

Nov 2024 - Jun 2025
8 months

Security Expert

DAK-Gesundheit

  • Penetration testing of mobile applications
  • Code review
  • Gematik audit
  • Development of secure software development methods
  • Creation of security and test concepts
  • Penetration testing of software and architecture
  • Analysis of vulnerabilities
  • Automation and information security
  • Use of Confluence and Jira
  • Work with databases, J2EE, JavaServer Faces, Liquibase, Apache, Maven, Mercurial, Oracle Financials
  • Documentation and creation of security policies
  • Management of software systems, SharePoint, PrimeFaces, Git
  • Ensuring compliance with security requirements for .NET, AWS, APIs
  • Tools: MobSF, Frida, Android Studio, Drozer, Objection, Azure
Dec 2023 - Nov 2024
1 year
Nuremberg, Germany

Security Architect / Penetration Tester

Agentur für Arbeit

  • Penetration testing of web applications and clients
  • Penetration testing of software and architecture
  • Analysis of vulnerabilities
  • Automation and information security
  • Use of Confluence and Jira
  • Work with databases, J2EE, JavaServer Faces, Liquibase, Apache, Maven, Mercurial, SharePoint, Oracle Financials
  • Documentation and creation of security policies
  • Management of software systems, SQL, PrimeFaces, Git
  • Ensuring compliance with KRITIS and security regulations, AWS, APIs
Sep 2022 - Nov 2024
2 years 3 months

IT-Security Manager

Investitionsbank Schleswig-Holstein

  • Coordination of penetration tests and vulnerability management
  • Support of audits of basic security concepts
  • SIEM management
  • Evaluation and management of security concepts
  • Project management
  • Penetration testing of software and API architecture
  • Analysis of vulnerabilities
  • Automation and information security
  • Use of Confluence and Jira
  • Work with databases, J2EE, JavaServer Faces, Liquibase, Apache, Maven, Mercurial, Oracle Financials
  • Documentation and creation of security policies
  • Management of software systems, SharePoint, PrimeFaces, Git
  • Compliance with security regulations and AWS
Jan 2022 - Dec 2022
1 year

Penetration Tester

DHL

  • Penetration testing of web and mobile applications
  • Code review and retesting of findings
  • Penetration testing of software and architecture
  • Analysis of vulnerabilities
  • Automation and information security
  • Use of Confluence and Jira
  • Work with databases, J2EE, JavaServer Faces, Liquibase, Apache, Maven, Mercurial, Oracle Financials
  • Documentation and creation of security policies
  • Management of software systems, SQL, PrimeFaces, Git
  • Compliance with security regulations and .NET, AWS
  • Tools: Burp, SSLyze, Nessus, Wireshark, MobSF, Frida, Android Studio, Drozer, Objection
Jun 2021 - Dec 2021
7 months

Penetration Tester and Project Manager

PwC

  • Penetration testing of mobile applications
  • Code review
  • Gematik audit
  • Development of secure software development methods
  • Creation of security and test concepts
  • Penetration testing of software and architecture
  • Analysis of vulnerabilities
  • Automation and information security
  • Use of Confluence and Jira
  • Work with databases, J2EE, JavaServer Faces, Liquibase, Apache, Maven, Mercurial, Oracle Financials
  • Documentation and creation of security policies
  • Management of software systems, SharePoint, PrimeFaces, Git
  • Ensuring compliance with security requirements for .NET, AWS, APIs
  • Tools: MobSF, Frida, Android Studio, Drozer, Objection, Azure
Apr 2021 - May 2021
2 months

Pentest Coordinator and Security Engineer

DHL

  • Pentesting of web applications
  • Code review
  • Development of secure software development methods
  • Network testing and SIEM
  • Creation of security and test concepts
  • Penetration testing of software and architecture
  • Vulnerability analysis
  • Automation and information security
  • Use of Confluence and Jira
  • Work with databases, J2EE, JavaServer Faces, Liquibase, Apache, Maven, Mercurial, Oracle Financials
  • Documentation and creation of security policies
  • Management of software systems, SQL, PrimeFaces, Git
  • Compliance with security regulations, .NET, AWS
  • Tech Stack: Spring Boot, Kotlin, Apache, Jira, AngularJS, Linux, Windows, NetApp, Aruba, Barracuda, Azure, API
Oct 2020 - Apr 2021
7 months

Security Engineer / Penetration Tester

Federal Ministry of the Interior

  • Pentesting of web applications
  • Code review
  • SIEM
  • Development of secure software development methods
  • Creation of security and test concepts
  • Vulnerability management
  • Penetration testing of software and architecture
  • Vulnerability analysis
  • Automation and information security
  • Use of Confluence and Jira
  • Work with databases, J2EE, JavaServer Faces, Liquibase, Apache, Maven, Mercurial, Oracle Financials
  • Documentation and creation of security policies
  • Management of software systems, SQL, PrimeFaces, Git
  • Compliance with security regulations and AWS
  • Tech Stack: Spring Boot, Java, Apache, Jira, AngularJS, Linux, Splunk
Sep 2020 - Oct 2020
2 months

Penetration Tester and Security Engineer

VHV

  • Pentesting of web and mobile applications
  • Web services testing according to OWASP, BSI, MITRE ATTACK
  • SIEM and vulnerability management
  • Advising on vulnerability remediation
  • Creation of security and test concepts
  • Penetration testing of software and architecture
  • Vulnerability analysis
  • Automation and information security
  • Use of Confluence and Jira
  • Work with databases, J2EE, JavaServer Faces, Liquibase, Apache, Maven, Mercurial, Oracle Financials
  • Documentation and creation of security policies
  • Management of software systems, SQL, PrimeFaces, Git
  • Compliance with security regulations
  • Tech Stack: Tomcat, Angular, Java, Linux, SoapUI, iOS, Android, HP Server
Jun 2020 - Sep 2020
4 months

Penetration Tester and Auditor

VHV

  • Pentesting of web and mobile applications
  • Code review
  • Web services testing according to OWASP, BSI, MITRE ATTACK
  • ISO 27001 audit
  • Advising on vulnerability remediation
  • Creation of security and test concepts
  • Penetration testing of software and architecture
  • Vulnerability analysis
  • Automation and information security
  • Use of Confluence and Jira
  • Work with databases, J2EE, JavaServer Faces, Liquibase, Apache, Maven, Mercurial, Oracle Financials
  • Documentation and creation of security policies
  • Management of software systems, SQL, PrimeFaces, Git
  • Compliance with security regulations
  • Tech Stack: Angular, Java, Apache, Linux and Windows Server, iOS
Jan 2020 - May 2020
5 months
Munich, Germany

Penetration Tester and Auditor

Anonymous

  • Pentesting of web and mobile applications, web services, and networks according to OWASP, BSI, MITRE ATTACK
  • ISO 27001 audit
  • Advising on vulnerability remediation
  • Development of secure software development methods
  • Creation of security and test concepts
  • Penetration testing of software and architecture
  • Vulnerability analysis
  • Automation and information security
  • Use of Confluence and Jira
  • Work with databases, J2EE, JavaServer Faces, Liquibase, Apache, Maven, Mercurial, Oracle Financials
  • Documentation and creation of security policies
  • Management of software systems, SQL, PrimeFaces, Git
  • Compliance with security regulations
  • Tech Stack: Angular, Java, Apache, Linux and Windows Server, Cisco Switch, Fortinet
Oct 2019 - Dec 2019
3 months
Munich, Germany

Penetration Tester

Anonym

  • Penetration tests according to OWASP, BSI, MITRE ATT&CK Framework
  • Code review
  • Consulting on fixing security issues
  • Development of secure software development methods
  • Tech Stack: Angular, React, Java, Linux, AWS, iOS, Android
Jun 2019 - Oct 2019
5 months

Penetration Tester and IT Security Consultant, Auditor

Anonym

  • Penetration testing of web and mobile applications
  • Web services testing according to OWASP, BSI, MITRE ATT&CK
  • Oversight of IT projects as Project Security Officer
  • ISO 27001 audit
  • Consulting on fixing security issues
  • Development of secure software development methods
  • Creation of security and testing concepts
  • Tech Stack: Angular, React, Java, Linux, AWS, iOS, Android
Sep 2018 - May 2019
9 months
Passau, Germany

IT Security Consultant and Auditor

Anonym

  • Threat modeling
  • Vulnerability assessment according to OWASP, BSI, MITRE ATT&CK
  • Managed bug bounty program
  • Security awareness testing, SIEM, ISO 27001 audit
  • System hardening for Industry 4.0 (IT/OT hybrid environment)
  • Consulting on fixing security issues
  • Acting as Project Security Officer
  • Tech Stack: .NET, CentOS, Windows Server, AWS, Sophos Firewall, Jira, Citrix Netscaler, NetApp, VMware
May 2018 - Aug 2018
4 months
Budapest, Hungary

Penetration Tester

Anonym

  • Infrastructure penetration testing
  • Web application and web service penetration testing
  • Wireless network testing
  • Consulting on fixing security issues
  • Tech Stack: Windows Server, Windows and macOS clients, React, Sophos Firewall, Cisco routers
Mar 2018 - Apr 2018
2 months
Munich, Germany

Penetration Tester

Anonym

  • Infrastructure penetration testing
  • Web application and web service penetration testing according to OWASP, BSI, MITRE ATT&CK
  • Consulting on fixing security issues
  • Tech Stack: MEAN stack, Linux, F5 Firewall, NetApp
Nov 2017 - Feb 2018
4 months
Munich, Germany

Penetration Tester

Anonym

  • Vulnerability assessment and threat modeling for web applications and e-commerce
  • Advising on fixing security vulnerabilities
  • Tech Stack: Magento, Salesforce, Windows Server, Sophos Firewall, Jira
Jan 2014 - Sep 2017
3 years 9 months
Budapest, Hungary

Security Engineer (Penetration Tester) and Web Developer

Vesper Development Ltd.

  • Creating websites and online presences
  • Providing customer support
  • Automated security analysis and penetration testing
  • System hardening
Aug 2006 - Jan 2014
7 years 6 months
Budapest, Hungary

IT Support and Administration

Niké Ltd.

  • Supporting the setup and operation of data centers

Skills

  • .Net

  • Java

  • Python

  • Sql

  • Linux

  • Centos

  • Windows Server (2008, 2012, 2016)

  • Aws

  • F5

  • Sophos Firewall

  • Azure

  • Jira

  • F5 Load Balancer

  • Citrix Netscaler

  • Netapp

  • Weblogic

  • Fortinet

  • Salesforce

  • Barracuda

  • Sso

  • Saml

  • Openid

  • Oauth

  • Ios

  • Android

  • Aruba

  • Datadog

  • Burp Suite Pro

  • Nessus

  • Openvas

  • Nmap

  • Wireshark

  • Sslyze

  • Dirbuster

  • Nikto

  • Metasploit

  • Sqlmap

  • Netsparker

  • Splunk

  • Remedy

  • Fortify

  • Owasp (Top 10)

  • Mitre Attack

  • Osstmm

  • Nist

  • Gematik

  • Iso 27001

  • Bsi

Languages

Hungarian
Native
German
Advanced
English
Advanced

Education

Oct 2022 - Present

Middlesex University

MBA · United Kingdom

Lorem ipsum dolor sit amet

Diploma · IT and Cyber Security · United Kingdom

Certifications & licenses

Financial Modeling And Valuation Analyst

Google Project Manager Professional

Offensive Security Certified Professional (OSCP)

Certified Ethical Hacker (CEH)

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions

Similar Freelancers

Discover other experts with similar qualifications and experience

Rick Grassmann
Rick Grassmann

Interim IT Security Analyst

View Profile
Erlijn Van genuchten
Erlijn Van genuchten

Science communicator and change manager

View Profile
Sascha Leitner
Sascha Leitner

CEO

View Profile
Christian Decker
Christian Decker

Managing Director and Senior Consultant

View Profile
Valeri Milke
Valeri Milke

Associate Partner - Information Security Consulting

View Profile
Pierre Gronau
Pierre Gronau

Ansible Automation, Windows Third Level Support

View Profile
Seyed farhad Miri
Seyed farhad Miri

Senior Product Security Engineer

View Profile
Patrick Beck
Patrick Beck

AML Officer

View Profile
Maryam Mouzarani
Maryam Mouzarani

AI Red Team Engineer

View Profile
Matthias Steinmann
Matthias Steinmann

Senior Consultant Security (freelance)

View Profile
Niels Aerts
Niels Aerts

Azure Architect

View Profile
Gilbert Lintner
Gilbert Lintner

Cyber Security Expert

View Profile
Siegfried-thor Bolz
Siegfried-thor Bolz

AI Solutions Architect & Developer

View Profile
Christoph Holzer
Christoph Holzer

Managing Director; Senior IT Infrastructure & Cybersecurity Consultant

View Profile
Volker Jung
Volker Jung

Interim CISO (Germany, Austria, US, APAC), Auditor

View Profile
Stefan Radushev
Stefan Radushev

ISO27001 Certification

View Profile
Alexander Sänn
Alexander Sänn

Owner and Managing Director

View Profile
Henryk Orantek
Henryk Orantek

Security Consultant

View Profile
Evgenii Trembach
Evgenii Trembach

IT-Cybersecurity Engineer

View Profile
Markus Willems
Markus Willems

KRITIS Consultant

View Profile
Bernhard Bowitz
Bernhard Bowitz

Senior Security Architect

View Profile
Stanislaus Stelle
Stanislaus Stelle

Security Consultant at Rohde & Schwarz AG

View Profile
Rudolf Eggelbusch
Rudolf Eggelbusch

Datacenter Engineer, Network & Security Administrator

View Profile
Thomas Bössl
Thomas Bössl

Consultant

View Profile
Daniel Jüntgen
Daniel Jüntgen

Information Security Consultant

View Profile
Martin Wilhelmi
Martin Wilhelmi

Security Auditor

View Profile
Alagi Mansaray
Alagi Mansaray

Senior Project Manager S4HANA in the energy sector

View Profile
Nils Klawitter
Nils Klawitter

Vulnerability Management and Secure SDLC

View Profile
Nikolaus Betzler
Nikolaus Betzler

ICT Risk Management and Information Security

View Profile
Christian Gebhardt
Christian Gebhardt

Deputy Chief Information Security Officer

View Profile