Christian Decker

Managing Director and Senior Consultant

Groß-Umstadt, Germany
Experience
Jan 2016 - Present
9 years 7 months
Gross-Umstadt, Germany

Managing Director and Senior Consultant

business-security (b-sec®) GmbH

  • Conceptual consulting for securing business processes
  • Consulting on planning and implementing IT and IT security projects
  • Security and policy checks, process optimizations, emergency planning
  • Project management and interim management in IT infrastructure and information security

Overview of relevant projects:

  • 2025: Consulting on a DLP concept for Digid GmbH.
  • 2025: Advising a client after a cybersecurity attack where the IT infrastructure was compromised and the attacker gained M365 tenant admin rights. Investigated and restored IT infrastructure. Created recommendations to improve IT security.
  • 2025: Continued projects for Thyssenkrupp Marine Systems and Norddeutsche Landesbank.
  • 2024: Developed a DNS concept including advice on DNS strategy and technology, DNS design, DNS security, load balancing, reverse lookup zones and automation. Created a DHCP concept including advice on DHCP design, central DHCP management system and automation. Advised on operation of these products, operational processes, and updated IT documentation and service descriptions for Thyssenkrupp Marine Systems.
  • 2024: Current-state analysis and evaluation of provider-established network and security infrastructure regarding overall architecture, design and components. Designed solutions to improve operations for performance, security and complexity reduction. Presented findings, causes and solution options at C-level with decision templates. Developed a SASE concept based on zero-trust architecture for Norddeutsche Landesbank.
  • 2024: Continued projects for Atlas GmbH and Deutsche Vermögensberatung AG.
  • 2023: Advising on remediation of findings from an IT security assessment of IT infrastructure, conducting proof-of-concepts for DDoS protection, Digital Experience Monitoring (DEM) with Zscaler (ZIA, ZPA & ZDX), creating a new security architecture based on zero trust, redesigning Cisco ISE implementation and designing a DNS security solution to protect guests and financial advisors for Atlas GmbH / Deutsche Vermögensberatung AG.
  • 2023: Continued projects for Digid GmbH, Vaillant Group GmbH (until 09/2023), Federal Institute for Geosciences and Natural Resources (until 05/2023) and Union Investment IT-Services GmbH (until 07/2023).
  • 2022: Created and reviewed whitepapers for infrastructure and security architectures, planned new network infrastructures for the German Aerospace Center.
  • 2022: Developed concept for technical and process modernization of a disaster recovery plan for United Nations Volunteers.
  • 2022: Designed concept for migrating measurement data to a cloud environment, introduced network access control and delivered an awareness training for Digid GmbH.
  • 2022: Designed network segmentation concept for DZ Hyp AG.
  • 2022: Designed network segmentation for the Federal Employment Agency.
  • 2021: Designed a new load balancer architecture for Bundeswehr Fuhrparkservices GmbH.
  • 2021: Vulnerability scan and penetration test of a web frontend including evaluation and remediation recommendations based on risk and likelihood for ifi GmbH.
  • 2021: Consulting, design and subproject management for implementing a network access control solution (certificate authentication and MAC bypass) and macro-segmentation (area and zone concept with dynamic device assignment) in office and production IT for Vaillant Group GmbH.
  • 2021: Upgrade and optimization of LAN and WLAN infrastructure for United Nations Volunteers.
  • 2021: Developed target concept for modernizing IT security infrastructure including DMZ (Cisco switches, firewalls, WSA, ESA, SMA), internet access, admin and management networks and wireless LAN, and supported implementation for Federal Institute for Geosciences and Natural Resources.
  • 2021: Created micro-segmentation concept based on Cisco DNA, SGT and zero trust for Union Investment IT-Services GmbH.
  • 2021: Reviewed and updated ISMS Level-3 policies and created procedures for Software AG.
  • 2021: Project lead for global Tec-Refresh Meraki WLAN 2.0, coordinated outsourcing of LAN/WLAN infrastructure to an MSP and created a WLAN concept for automated guided vehicles for Heraeus Infosystems GmbH.
  • 2021: Project management and support for “Transition of SIEM/SOC Services” project into a shared environment and interim Head of Security Operations at Datagroup SE.
  • 2021: Workshop for future mobile device management implementation at Allgeier Experts Go GmbH.
  • 2021: Subproject lead for implementing a firewall rule management tool and recertification of NAC endpoints based on 802.1x and MAB at Union Investment IT-Services GmbH.
  • 2020: Developed network segmentation concept for two data centers based on Cisco and VMware for Aareon AG. Conducted current-state analysis and initiated the project. Designed micro-segmentation for data center and access network.
  • 2020: Infrastructure and security architecture audit for Stuttgarter Versicherung AG. Analyzed IT and security architecture, reviewed contracts, process docs and manuals. Created recommendations to improve stability and operations. Designed network segmentation concept and led implementation.
  • 2020: Consulting on setting up an ISMS-Light at Josera foodforplanet GmbH & Co. KG.
  • 2020: Security architecture consulting at Datagroup SE. Developed future IT infrastructure and security architecture, current-state analysis of IT across 23 entities, optimization recommendations, perimeter vs. zero trust comparison, security zone concept and infrastructure architecture aligned with all entities.
  • 2018-2019: Stream Lead in cybersecurity program at Deutsche Lufthansa AG. Responsible for design and implementation of 9 projects in IT security infrastructure and user access management and for managing project leads and experts. Project areas: network segmentation and access control, security architecture, privileged identity & access management, simplify user authentication (MFA), mobile & endpoint security, OT security, e-enabled aircraft.
  • 2018: Security architecture consulting at Deutsche Lufthansa AG. Project lead for development, evaluation and management of company-wide information security architecture. Developed security strategy and roadmap for zero trust. Evaluated market security solutions, services and tools. Defined RfP requirements, evaluated offers, maintained architecture artifacts. Conducted security reviews of existing and new IT systems and services.
  • 2018: ISMS consulting at GLS IT Services GmbH. Advised on ISMS implementation and initial operation based on ISO27001. Audited IT environments of GLS national subsidiaries. Analyzed and assessed IT security risks and derived measures. Developed solutions with stakeholders. Managed project and handed over ISMS to operations.
  • 2016-2018: Security pre-sales consultant for Cisco Systems GmbH. Nationwide strategic and conceptual consulting for major enterprise and finance clients on Cisco and Meraki security products and services like Firepower, WSA, ESA, Stealthwatch, ISE.
  • 2017-2018: Designed and built ISMS at Verivox GmbH. Conducted BIAs and gap analyses. Created security policies based on ISO2700x. Served as interim Information Security Officer.
  • 2017: Created emergency plan for VPV Lebensversicherungs-AG. Reviewed and updated IT emergency handbook.
  • 2016: Consulting and project management for cloud & hosting services design at Vodafone Group Services GmbH. Analyzed and optimized sell-build-run process. Created detailed design for cloud products.
Jan 2013 - Dec 2016
4 years
Gross-Umstadt, Germany

Freelance IT Infrastructure and Security Consultant

christiandecker.net

  • 2015-2016: Consulting and project management to set up IT security demand management for corporate security at Vodafone Germany GmbH. Supported the Information Security Officer. Proof-of-concept of a WAF integrated with SIEM. Security check of top 10 applications. Security review of a cloud solution for an internal DMS. Security audit of a data center coupling. Migration of SOC from Kabel Deutschland to Vodafone. Defined security parameters for a VDI environment.
  • 2015: Created telephony security concept for VPV Lebensversicherungs-AG.
  • 2014-2015: Consulting and various IT security project management for corporate security at Kabel Deutschland Vertrieb und Service GmbH. Implemented NAC with 4000 endpoints based on Cisco ISE and 802.1x as preparation for TrustSec microsegmentation. Deployed a firewall policy tool based on Tufin. Optimized processes and SIEM integrations with Arcsight. Deployed a vulnerability scanner based on Tripwire. Introduced mobile device management based on SAP Afaria. Reviewed and aligned security policies of both companies.
Jan 2008 - Dec 2013
6 years
Wiesbaden, Germany

Head of Infrastructure & Security and Service Desk / Information Security Officer

Commerz Real AG

  • Upgraded Windows Server 2003 to 2008.
  • New employee evaluation system.
  • Project management for project managers 1–4.
  • Visualization and presentations.
Jan 2006 - Dec 2008
3 years
Egelsbach, Germany

Head of Technology

Com-Sys Gesellschaft für Netzwerktechnik mbH

  • IT security criteria comparison (ITIL, BS2700x).
  • Realtech network management and Funkwerk UTM appliance.
Jan 2002 - Dec 2006
5 years
Egelsbach, Germany

Senior Support Engineer

Com-Sys Gesellschaft für Netzwerktechnik mbH

  • Avaya Advanced 1st and 3rd level support.
  • Experience with Enterasys PEN, IDS, IDS-Advanced.
  • Experience with Kobil SmartKey, SmartToken, SecOvid and mIDentity.
  • Varysys Packetalarm administrator.
  • Experience with Enterasys routing, VPN, UPN and IDS.
Jan 2000 - Dec 2002
3 years
Frankfurt, Germany

Team Lead IP Network Management

Deutsche Telekom AG

  • Led team in IP network management using Cisco technologies (ICND, BSCN, BCMSN, BCRAN, CVOICE, CIT, CID, CATM, AOSPF, ABGP, SNAM, CCIE-VB).
Jan 1999 - Dec 2000
2 years
Frankfurt, Germany

Network Planning and Design Specialist

Fraport AG

  • Airport management.
  • Cisco router configurations on IOS.
  • Conflict management, facilitation and presentations.
Jan 1997 - Dec 1999
3 years
Frankfurt, Germany

Network Operations Center Specialist

Fraport AG

  • NOC operations trainee.
  • UNIX, migrated to Solaris.
  • Federal Data Protection Act.
  • Basics of Ethernet / Token Ring / ATM.
  • Sniffer Network Analyzer.
Jan 1996 - Dec 1997
2 years
Frankfurt, Germany

Network Installation Service Specialist

Fraport AG

Jan 1993 - Dec 1996
4 years
Frankfurt, Germany

Apprentice Communication Electronics Technician, Telecommunications

Fraport AG

  • Bosch Integral 22x/E.
Summary
  • Conceptual consulting for securing business processes
  • Consulting on planning and implementing IT and IT security projects
  • Security and policy checks, process optimizations, emergency planning
  • Project management and interim management in IT infrastructure and information security
Languages
German
Native
English
Advanced
French
Elementary
Education
Oct 1993 - Jun 1996

Fraport AG

Apprenticeship · Communication Electronics Technician, Telecommunications · Frankfurt, Germany

Certifications & licenses

Cisco Cyber Security Specialist Stage I Exam

Cisco

Cisco CMNA Meraki Training with Certification

Cisco

CISSP Training with Certification

Astaro Certified Administrator v7

Astaro

Astaro Certified Engineer v7

Astaro

Astaro Certified Expert v7

Astaro

Astaro Sales Expert v7

Astaro

Avaya Advanced 1st-Level Support

Avaya

Avaya Advanced 3rd-Level Support

Avaya

Enterasys IDS

Enterasys

Enterasys IDS-Advanced

Enterasys

Enterasys PEN

Enterasys

Enterasys Routing

Enterasys

Enterasys UPN

Enterasys

Enterasys VPN

Enterasys

Kobil SecOvid

Kobil

Kobil SmartKey

Kobil

Kobil SmartToken

Kobil

Kobil mIDentity

Kobil

Varysys Packetalarm Administrator

Varysys

ABGP

Cisco

AOSPF

Cisco

BCMSN

Cisco

BCRAN

Cisco

BSCN

Cisco

CATM

Cisco

CCIE-VB

Cisco

CID

Cisco

CIT

Cisco

CVOICE

Cisco

ICND

Cisco

SNAM

Cisco

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions