André Beran - External Attack Surface Assessment & Cybersecurity Readiness Checks

Q: Where is André based?

André is based in Berlin, Germany .

Q: What languages does André speak?

André speaks the following languages: German (Native), English (Advanced) .

Q: How many years of experience does André have?

André has at least 10 years of experience. During this time, André has worked in at least 9 different roles and for 8 different companies . The average length of individual experience is 1 year and 1 month . Note that André may not have shared all experience and actually has more experience.

Q: What is André's latest experience?

André's most recent position is External Attack Surface Assessment & Cybersecurity Readiness Checks at Graydaxe Cybersecurity GmbH .

Q: What companies has André worked for in recent years?

In recent years, André has worked for Graydaxe Cybersecurity GmbH , Energy provider , Evotec SE , and German Edge Cloud .

Q: Which industries is André most experienced in?

André is most experienced in industries like Information Technology (IT) , Professional Services , and Biotechnology . André also has some experience in Energy and Banking and Finance .

Q: Which business areas is André most experienced in?

André is most experienced in business areas like Information Technology (IT) , Audit , and Project Management . André also has some experience in Product Development , Research and Development (R&D) , and Strategy and Planning .

Q: Which industries has André worked in recently?

André has recently worked in industries like Information Technology (IT) , Biotechnology , and Energy .

Q: Which business areas has André worked in recently?

André has recently worked in business areas like Information Technology (IT) , Audit , and Project Management .

Recommended expert

Berlin, Germany

Experience

Aug 2025 - Feb 2026

7 months

External Attack Surface Assessment & Cybersecurity Readiness Checks

Graydaxe Cybersecurity GmbH

Performed cybersecurity readiness checks based on our own assessment methodology
Analyzed the external attack surface using the Graydaxe EASM platform
Assessed maturity levels and provided prioritized recommendations

Jul 2025 - Feb 2026

8 months

Berlin, Germany

Cybersecurity Architect

Energy provider

Designed passwordless authentication
Designed and implemented an IT/OT zone model based on the Microsoft Enterprise Access Model and zero-trust principles
Created dependency analyses for critical Tier-0 services as part of business continuity management (BCM) and disaster recovery (DR)
Hardened Active Directory environments
Set up and optimized network security monitoring
Introduced and enhanced application controls
Implemented passwordless authentication
Audited and redesigned a next-generation SIEM architecture
Designed network access control (NAC)

Aug 2024 - Present

1 year 7 months

Dallgow-Döberitz, Germany

Co-Founder

Graydaxe Cybersecurity GmbH

Co-founded and strategically grew an AI-driven SaaS cybersecurity platform for external attack surface discovery and internet intelligence
Designed and built solutions focusing on internet intelligence, security architecture, AI-based cybersecurity analyses, and satellite-based security assessment
Conducted regular security assessments for various clients using the Graydaxe platform and additional consulting and analysis services, especially for evaluating external attack surfaces and security risks

Sep 2023 - Jun 2025

1 year 10 months

Toulouse, France

Enterprise Cybersecurity Architect

Evotec SE

Designed and implemented a holistic security architecture based on established frameworks and standards (e.g., NIST CSF, NIST SP 800-53/207, BSI IT-Grundschutz, OWASP Top 10, MITRE ATT&CK)
Responsible for architecture of central IT domains, including application security, endpoint security, network and perimeter architecture, identity & access management, PKI, DNS security, virtualization, and high-performance computing
Implemented vulnerability management, external attack surface management, and threat intelligence, including integration of key security tools
Led and implemented OT and IT security measures after a ransomware incident, including secure migration of GxP-regulated lab systems, OT hardening, segmentation, and risk-based access concepts in close collaboration with IT, OT, and QA
Supported secure software development by defining security requirements, conducting architecture reviews, integrating DevSecOps principles, and threat modeling (STRIDE)
Built and operated central security processes and platforms (e.g., vulnerability management, XDR, SIEM, firewall change management, attack surface management, brand intelligence)
Designed and built a hybrid SOC (cloud & on-premise), including use-case definition, alerting workflows, and selection of external SOC providers
Defined and implemented OS hardening according to CIS benchmarks for on-premise and cloud environments

Aug 2020 - Aug 2023

3 years 1 month

Berlin, Germany

CISO & SOC Team Lead

German Edge Cloud

Held technical responsibility as CISO for a cloud provider with about 170 employees
Led organizational and technical operations of the Security Operations Center (agile team with internal and external specialists, blue & red team)
Designed, built, and operated an SOC including XDR, vulnerability management, SIEM, threat intelligence, and threat hunting
Developed and executed incident detection & response procedures and established related processes
Managed security operations with focus on endpoint detection, malware analysis (phishing), OSINT, and threat hunting
Conducted threat modeling, risk analyses, and built related processes (STRIDE, MITRE ATT&CK)
Ran proof-of-concepts for endpoint and XDR solutions
Managed external security assessments (pentests, DDoS tests)
Supported management and the information security officer in implementing and advancing the ISMS according to ISO/IEC 27001
Assisted with internal and external audits (clients, ISO 27001, BSI C5)

Oct 2019 - Aug 2020

11 months

Eschborn, Germany

CISO

Innovo Cloud

Co-founded and strategically advanced an AI-powered SaaS cybersecurity platform
Designed and built a platform focused on threat intelligence and external attack surface management
Developed the core security logic, use cases, and evaluation methodologies
Handled technical architecture, tool integration, and automation of analysis workflows
Combined data-driven analysis with security architecture consulting

Jun 2019 - Sep 2019

4 months

Frankfurt am Main, Germany

Cybersecurity Architect/Consultant

Helaba

Contributed to the design, development, and audit of a group-wide security framework for the banking sector
Reviewed existing security architectures and standards
Aligned security requirements and concepts with relevant stakeholders

Aug 2018 - May 2019

10 months

Walldorf, Germany

Cloud Security Architect

SAP

Validated and enhanced security automation templates according to the SAP Security Framework for private and public cloud environments
Integrated the security templates into central SAP security automation processes for platforms like Ariba, Concur, Fieldglass, Cloud Foundry, as well as AWS and Azure
Focused on OS hardening for Linux and Windows servers according to internal security guidelines
Analyzed and validated scan results
Managed the technical project rollout of the security automation templates, including coordination between the security and automation teams

Nov 2015 - Jun 2018

2 years 8 months

Berlin, Germany

Senior IT Auditor and IT Security Consultant

Mazars

Performed IT audits and risk assessments of applications, business processes, and IT infrastructures as part of annual financial audits (IDW PS 261, 330)
Audited and advised in regulated environments, including MaRisk, BaFin, BAIT, ISO/IEC 27001, and SOC I and II
Conducted and supported certifications under ISAE 3402 and IDW PS 951
Carried out compliance and security reviews during migrations and system implementations (IDW PS 850) and software certifications (IDW PS 880)
Provided SAP security consulting and IT audits in the SAP environment, particularly authorization management
Performed multidimensional data analyses in ERP systems to support internal control and fraud audits

Industries Experience

See where this freelancer has spent most of their professional time. Longer bars indicate deeper hands-on experience, while shorter ones reflect targeted or project-based work.

Experienced in Information Technology (6 years), Professional Services (2.5 years), Biotechnology (2 years), Energy (0.5 years), and Banking and Finance (0.5 years).

Information Technology

Professional Services

Biotechnology

Energy

Banking and Finance

Business Areas Experience

The graph below provides a cumulative view of the freelancer's experience across multiple business areas, calculated from completed and active engagements. It highlights the areas where the freelancer has most frequently contributed to planning, execution, and delivery of business outcomes.

Experienced in Information Technology (10 years), Audit (6 years), Project Management (4 years), Product Development (2.5 years), Research and Development (2.5 years), and Strategy (1.5 years).

Information Technology

Audit

Project Management

Product Development

Research and Development

Strategy

Summary

Experienced cybersecurity expert with a software- and technology-agnostic approach and deep expertise in securing complex IT and OT landscapes. Many years of work in various roles, including cybersecurity architect, security consultant, vulnerability and attack surface manager, technical CISO, SOC team lead, and auditor for technical and regulatory security requirements. Solid experience in designing, assessing, and practically implementing modern security architectures, both technically and organizationally. Industry-spanning project experience in critical infrastructures (energy, pharma, finance), with IT and cloud service providers, and in regulated corporate environments. Collaboration with medium-sized companies and international corporations.

Skills

Core Qualifications

Cybersecurity Architectures For It And Ot Environments
Onprem And Cloud-native Security Architectures, Hybrid And Multi-cloud
Security Workflows And Processes
Identity And Access Management
External Attack Surface Management
Vulnerability Management & Exposure Reduction
Security For Ai-driven Systems, Machine Learning, And Data-driven Applications
Security For Satellite-based Systems And Related Ground Infrastructure
Incident Detection & Response (Processes, Playbooks, Architecture)
Siem Design, Optimization, Audit, Multi-siem
Cybersecurity For Satellites
Network Security Monitoring
Application Controls
Security Assessments & Audit-related Reviews
Technical Security Consulting & Project Leadership
Pragmatic Isms Implementation & Development (Technical & Organizational)

Industry Experience

Critical Infrastructures Such As Energy, Pharma, Finance
Cloud And It Service Providers
Industry
Smes And Enterprise Organizations
Regulated Industries With High Compliance Requirements

Technologies

Cloud: Azure, Aws
Cloud-native & Devsecops: Openstack, Kubernetes, Container Security, Gitlab Ci/cd, Infrastructure As Code
Identity & Access: Entra Id, Active Directory, Pam/pim, Passwordless (X.509, Whfb, Fido2, Passkeys)
Siem & Detection: Microsoft Sentinel, Elastic Siem, Splunk Enterprise Security, Alienvault Ossim
Endpoint & Xdr: Microsoft Defender Xdr, Palo Alto Cortex Xdr, Palo Alto Cortex Xsiam, Bitdefender, Thor (Apt Scanner)
Vulnerability & Exposure Management: Rapid7 Insightvm, Tenable.io, Tenable.sc, Qualys, Nuclei, Greenbone/openvas
Attack Surface & Internet Intelligence: Shodan, Censys, Greynoise, Graydaxe
Security Automation & Scripting: Python, Powershell, Bash
Networking: Network Security Monitoring, Dns Security (Ddi), Cisco Sna, Suricata, Zeek, Palo Alto, Firewall Change Management
Ai: Openai Gpt-4, Claude, Gemini, Mistral For Code Generation And Code Reviews For Security Automation, Api Integration, Anomaly Detection, Experimental Llm Use For Recon, Risk Rating, Risk Type Classification (Software Vulnerabilities, Insecure Protocols, Remote Access, Etc.)

Frameworks And Standards

Iso/iec 27001
Nist Cybersecurity Framework
Nist Sp 800-53
Nist Sp 800-207
Nist Sp 800-82
Bsi It-grundschutz
Bsi C5
Nis2
Essential Eight
Mitre Att&ck, Stride (Threat Modeling)

Other

Development And Operation Of Own Platform For External Attack Surface Management And Internet Intelligence

Languages

German

Native

English

Advanced

Education

Sep 2008 - Aug 2012

Nuremberg Institute of Technology Georg Simon Ohm

Bachelor of Business Informatics & Controlling · Business Informatics & Controlling · Nuremberg, Germany

Sep 1996 - Aug 2002

Belarusian National Technical University, Minsk

Diploma in Electrical Engineering · Electrical Engineering · Minsk, Belarus

Certifications & licenses

Security Operations & Defensive Analysis (Soc-200)

Offensive Security

Aws Certified Solutions Architect – Associate

A Cloud Guru

Certificate Of Cloud Security Knowledge (CcsK / Csa V4)

Cloud Security Alliance

SAP Security – Testing and Audit Practice

Ibs Schreiber, Hamburg

Critical infrastructure training under §8a (3) BSI Act

Isaca

Certified Information Systems Auditor (Cisa)

Isaca

Micromaster Cybersecurity

Rochester Institute Of Technology

Profile

Created

February 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is André based?

André is based in Berlin, Germany.

What languages does André speak?

André speaks the following languages: German (Native), English (Advanced).

How many years of experience does André have?

André has at least 10 years of experience. During this time, André has worked in at least 9 different roles and for 8 different companies. The average length of individual experience is 1 year and 1 month. Note that André may not have shared all experience and actually has more experience.

What roles would André be best suited for?

Based on recent experience, André would be well-suited for roles such as: External Attack Surface Assessment & Cybersecurity Readiness Checks, Cybersecurity Architect, Co-Founder.

What is André's latest experience?

André's most recent position is External Attack Surface Assessment & Cybersecurity Readiness Checks at Graydaxe Cybersecurity GmbH.

What companies has André worked for in recent years?

In recent years, André has worked for Graydaxe Cybersecurity GmbH, Energy provider, Evotec SE, and German Edge Cloud.

Which industries is André most experienced in?

André is most experienced in industries like Information Technology (IT), Professional Services, and Biotechnology. André also has some experience in Energy and Banking and Finance.

Which business areas is André most experienced in?

André is most experienced in business areas like Information Technology (IT), Audit, and Project Management. André also has some experience in Product Development, Research and Development (R&D), and Strategy and Planning.

Which industries has André worked in recently?

André has recently worked in industries like Information Technology (IT), Biotechnology, and Energy.

Which business areas has André worked in recently?

André has recently worked in business areas like Information Technology (IT), Audit, and Project Management.

What is André's education?

André holds a Bachelor in Business Informatics & Controlling from Nuremberg Institute of Technology Georg Simon Ohm and a Bachelor in Electrical Engineering from Belarusian National Technical University, Minsk.

Does André have any certificates?

André has 7 certificates. Among them, these include: Security Operations & Defensive Analysis (Soc-200), Aws Certified Solutions Architect – Associate, and Certificate Of Cloud Security Knowledge (CcsK / Csa V4).

What is the availability of André?

André is immediately available full-time for suitable projects.

What is the rate of André?

André's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.