Manfred Liebetrau

Support for the Chief Security Officer (CSO) and Chief Information Security Officer (CISO)

Dortmund, Germany

Experience

Oct 2022 - Jul 2024
1 year 10 months
Stuttgart, Germany

Support for the Chief Security Officer (CSO) and Chief Information Security Officer (CISO)

Creditplus Bank AG

  • Design of the information security process based on ITIL 4
  • Design of ITIL 4 incident and change management processes
  • Creation of information security policies for the bank
  • Support in internal audit findings project
  • Advising on building the bank’s internal control system (ICS)
  • Advising on ICS process setup
  • Advising and support on security architecture and risk analysis of the existing IT landscape including IT security architecture, data management, data compliance & physical security
  • Advising and project management on security concept for the bank’s assets
  • Advising and support in contracts with external service providers to meet regulatory (BAIT; MaRisk; DORA; NIS2; GDPR) and information security requirements
  • Support in planning and implementing a SOC/SIEM and risk management
  • Support for the spam mail team in analyzing and handling incidents
  • System environment and software: MS Office; Confluence
Jul 2022 - Feb 2023
8 months
Berlin, Germany

IT-Compliance / Building Internal Control System (ICS) / Audit Findings

Investitionsbank

  • Advising on building the bank’s internal control systems
  • Support in building the bank’s IT compliance department and reorganizing existing risk analysis (MaRisk)
  • Converting old procedure manuals to current operating guidelines
  • Advising on business process changes under regulatory requirements; recertification of permissions and concepts (BRK)
  • Advising on ICS process setup
  • Managing regulatory audit findings resolution with internal audit (BAIT)
  • Checking implementation of regulatory requirements by IT and physical security
  • Reviewing evidence and documentation as proof of implementation
  • As-is vs. should-be analysis of existing documentation and procedures
  • System environment and software: MS Office; Confluence
Apr 2022 - Jan 2023
10 months
Hamburg, Germany

Information Security / Building SOC / SIEM Team / ITIL Security Processes

Technikerkrankenkasse

  • Design of the information security process based on ITIL 4 in collaboration with risk management (MaRisk; risk analysis)
  • Design of ITIL 4 incident processes
  • Advising ITSCM on SOC introduction; preparing PoC based on VAIT
  • Security architecture; vulnerability and patch management
  • Evaluating appropriate measures as a basis for SOC level 1 analysis
  • System environment and software: MS Office; Confluence
Mar 2021 - Dec 2021
10 months
Berlin, Germany

Information Security / SOC Incident Management (L2 SOC Analyst) / SIEM / ITIL Security Processes / CMDB

Bundesministerium

  • Design of IT security and ISMS processes; building MITRE ATT&CK
  • Support in SOC/SIEM project to connect Azure Sentinel to the network infrastructure
  • Security architecture; vulnerability and patch management
  • Analysis and assessment of security alerts in MS 365, Defender for Identity and Azure
  • Planning and building a new CMDB
  • Planning data center physical security and access control
  • Leading the incident response team; MITRE ATT&CK analyses
  • Security awareness training for staff (interim / front-side)
  • System environment and software: MS Office; Confluence; SharePoint; Azure; MCAS; Defender; ServiceNow
Jan 2020 - Mar 2021
3 months
Bonn, Germany

Information Security, Governance & Transition (ISMS)

TCS GmbH / Postbank

  • Advising and explaining my past projects
  • Verifying regulatory correctness of data (data governance)
  • Advising on new key figures in the ISMS report for risk management (MaRisk; risk analysis)
  • Advising on PKI measures catalog
  • Advising on permission concepts
  • System environment and software: MS Office
Sep 2020 - Dec 2020
4 months
Innsbruck, Austria

Security Operations Center Outsourcing Projects (SOC / SIEM)

RMPI-Austria

  • Back-office RFP design for various SOC outsourcing projects
  • Creation of tender documents (RFP)
  • Back-office support
  • Presentation design: SOC tender including SIEM, EDR, vulnerability and patch management and APT/ATP
  • System environment and software: MS Office
Jul 2020 - Aug 2020
2 months
Düsseldorf, Germany

Support in Big Data Environment

Energie Versorger

  • Creating Bash scripts with Talend Open Studio to migrate Excel sheets and Oracle databases to Snowflake Data Lake
  • Exporting data to Excel for analysis as preparation and planning for a data management and data governance project
  • Preparing Talend Pipeline Designer
  • Correcting frontend forms for data entry using Bootstrap and Vue.js; environment Microsoft Azure
  • Project management of analysis for ISMS, SOC and SIEM introduction project preparation
  • Security architecture analysis
  • System environment and software: Talend Open Studio; Talend Pipeline Designer; Snowflake; Bootstrap; Vue.js; Oracle DB
Jan 2020 - May 2020
5 months
Bonn, Germany

Subproject Lead as Security Officer

Deutsche Bank | Technology, Data And Innovation (Postbank Systems AG)

  • IT security & compliance in over 15 projects to merge Postbank IT systems with Deutsche Bank systems based on regulatory requirements from banks and BaFin
  • Creation of security documents and relevant chapters in compliance documents (detailed design, permission concept, operations manual)
  • Assessing criticality of Postbank security test findings in the context of Deutsche Bank group
  • Defining protections to meet basic controls
  • Compliance evaluation with bank specialists and application owners
  • Analysis of applications and data centers (physical security) affected by both banks and creating security concepts
  • Aligning ISMS manuals between Deutsche Bank and Postbank
  • Aligning SOC and SIEM procedures between Deutsche Bank and Postbank
  • Reviewing use of MITRE ATT&CK
  • Checking compliance with legal requirements (BAIT; MaRisk; ITSiG; GDPR)
  • Comparing implemented measures with BSI technical guidelines
  • Handling and closing internal and external (BaFin) audit notes
  • Creating and evaluating risk analyses and reports based on Deutsche Bank risk grid
  • Supporting project management to follow new processes in the approach model (Pre-DeuBa)
  • Staff training on projects (interim)
  • System environment and software: Databases: Oracle, MS-SQL; OS: Windows, Linux, AIX; Software: SAP; SAS; Citrix Webex; HADOOP; Docker; VMware; ECM
Oct 2015 - Jan 2020
4 years 4 months
Bonn, Germany

Subproject Lead as Security Officer; Security Team Lead (PSB)

Postbank Systems AG

  • IT security; governance & compliance in over 150 projects for PCS and cyberthreat projects; initiating the security process
  • Process flow for creating ISMS security documents and planning security tests
  • Supporting SOC on MaSI in incident and event management (SIEM)
  • Assessing criticality of security test findings
  • Defining protections to meet basic controls
  • Advising and assisting on security assessments (BIA impact) with bank specialists
  • Setting advanced measures (risk-driven controls) from assessment results (BCM impact)
  • Advising on permission concepts (BRK)
  • Compliance evaluation with bank specialists and/or application owners
  • Analyzing applications and creating security concepts (BAIT)
  • Contributing to middleware platform security architecture
  • Advising on security awareness under “No Fear of Security”
  • Presentation “Security concept explained simply and quickly”
  • Supporting ISM and SOC in GDPR introduction
  • Handling and closing internal and external (BaFin) audit notes
  • Bridging process gaps between ISO 27001 ISMS and Scrum
  • Developing security strategies for big data projects to avoid data gaps (data governance); consolidating import/export methods and data into a “data lake”
  • Information security training for development and DB teams and internal document management
  • System environment and software: Databases: Oracle, MS-SQL, DB2; OS: Windows, Solaris, Unix, Linux, zOS; Software: BladeLogic; Remedy; ArcSight; Oracle WebLogic; Prometheus; Grafana; Tibco BWH; SAP; ABACUS; ADONIS; Audimex-ee; BrokerTec; LCH Markit; Thomson & Reuters; Bloomberg; Kondor; Prime; in-house Java developments
Jan 2015 - Jan 2020
5 years 1 month
Bonn, Germany

Conducting Security Self-Assessments in 35 Projects

Deutsche Post DHL AG

  • Defining assets
  • Advising on asset evaluation
  • Evaluating assets
  • Answering security questions as recommendations to business units
  • Aligning with business units for risk analysis
  • Preparing for security approval
  • Training business units on self-assessment
  • System environment and software: Databases: Oracle, Teradata, MS-SQL; OS: Windows, Solaris, Unix, Linux; Software: WebSphere; AquaLogic; BEA WebLogic; MS SharePoint; in-house developments
Nov 2014 - Mar 2015
5 months
Prague, Czech Republic

Private Cloud Implementation

DHL International

  • Structuring applications regarding IT security aspects
  • Threat modeling based on MS SDL
  • Aligning MS SDL model with ISMS in Excel
  • Creating security concept
  • Aligning with corporate security
  • Preparing security approval
  • System environment and software: Database: Oracle; OS: Windows; Software: VMware
Oct 2011 - Jan 2019
7 years 4 months
Bonn, Germany

IT Security & Compliance

Deutsche Post DHL AG

  • Conducting security self-assessments; creating STRIDE models and security concepts
  • Structuring applications regarding IT security aspects
  • Threat modeling using UML or MS SDL
  • Checking legal basics concerning the application
  • Developing nonfunctional security requirements
  • Identifying threats
  • Creating measures
  • Ensuring security standards
  • Creating and implementing security standards (ISMS)
  • Training staff on security standards
  • System environment and software: Databases: Oracle, Teradata, MS-SQL; OS: Windows, Solaris, Unix, Linux; Software: WebSphere; AquaLogic; BEA WebLogic; MS SharePoint; in-house developments
Jan 2005 - Oct 2011
5 years 10 months
Germany
Lorem ipsum dolor sit amet

Various SMEs

  • Implementing IT security standards
  • Reviewing and documenting IT systems
  • Creating e-commerce solutions
Jan 2004 - Mar 2005
3 months
Plettenberg, Germany
Lorem ipsum dolor sit amet

Vollmerhaus Oberflächentechnik GmbH

  • Software rollout
  • Security consulting
  • Implementing ISO/TS 16949 standard
Sep 2004 - Dec 2004
4 months
Mönchengladbach, Germany
Lorem ipsum dolor sit amet

Flughafen Mönchengladbach

  • Investigating and optimizing Oracle data
  • Security & IT consulting
  • Development
Mar 2002 - Aug 2004
2 years 6 months
Ratingen, Germany
Lorem ipsum dolor sit amet

AIM-Systems GmbH

  • Security & IT consulting
  • Development
  • Project management
  • Trainer
Dec 2001 - Feb 2002
3 months
Bochum, Germany

Trainer for HTML and JavaScript Courses

Agentur für Arbeit

Jul 2001 - Nov 2001
5 months
Cologne, Germany
Lorem ipsum dolor sit amet

Asstel Versicherungen

  • Security & IT consulting
  • As-is analysis of existing platform
  • Frontend form design
  • Usability optimization
  • IT security gap analysis
  • Recommending security strategies
May 2001 - Jun 2001
2 months
Bonn, Germany
Lorem ipsum dolor sit amet

T-Mobile

  • Security & IT consulting
  • Frontend design
  • Security requirements analysis
Aug 2000 - Apr 2001
9 months
Zürich, Switzerland

Subproject Management “Swiss Payment”; Responsible for MA Intranet

Vontobel Bank

  • Frontend concept and development meeting security requirements

Summary

  • Information Security Management
  • IT Governance (BAIT; VAIT; KAIT; MaRisk; DORA; NIS2; DGA; EU AI Act)
  • Compliance (ICS; Document & Data Management)
  • BSI IT-Grundschutz 200-x
  • ITIL4 / ISO 27000 series
  • ISO 31000 Risk Management (Identification; Analysis; Treatment; Risk Grid; Adoption Procedures)
  • Advising and creating policies, processes and security concepts, security architecture
  • ISO 22317 Business Impact Analysis (BIA); ISO 22301 Business Continuity Management (BCM)

Languages

German
Native
English
Advanced
Dutch
Elementary
French
Elementary

Certifications & licenses

CBAP

CISM

CISSP

IT Security Officer

TÜV