Mike Barthel - System and Endpoint Hardening

Meuselwitz, Germany

Experience

Jan 2024 - Nov 2024

11 months

System and Endpoint Hardening

CLAAS

Evaluation and assessment of the current state
Preparation and execution of security audits
Vulnerability characterization and risk analysis
Evaluating, coordinating and converting identified vulnerabilities into target states
Coordinating stakeholder interests
Developing and implementing IT security strategy for OT and IoT (continuous risk assessment and risk management, awareness, multi-layered security solutions, regular security audits, access restrictions)
Organizational and technical documentation, presentations and workshops
Skills: Qualys, Splunk, Nessus, QRadar, National Vulnerability Database (NVD/NIST), OWASP, OT, CERT/CC, BSI baseline protection catalogs, ISO 27001, MITRE ATT&CK, Center for Internet Security (CIS), GitHub, Active Directory, PowerShell, Symantec Endpoint Protection, Microsoft Azure and Office 365 App Security, ITSM

Oct 2023 - Dec 2024

1 year 3 months

Vulnerability Management, GPO and Endpoint Hardening

Thales

Identification, evaluation and prioritization of vulnerabilities in Windows and Linux server and client environments
Implementation of stakeholder and remediation processes
Remediation confirmation, reporting and CIS system and application hardening
Rapid7 Nexpose/InsightVM life cycle management
Implementation of CIS Controls using CIS Community Defense Model v2 and CIS GPO benchmarks for browsers, Windows server/client and SQL Server
Use of Microsoft Security Compliance Toolkit and security baselines and integrated tools against existing GPOs (compare, test, inject)
Preparation of technical and organizational documentation
Skills: vulnerability management with Rapid7 Nexpose/InsightVM, reporting and escalation, remediation, target/actual analysis and implementation of NIS2, KRITIS, BSI baseline protection, VSA, VS-NfD, ISO 27001, NIS-2, CERT, OWASP, NIST, CERT/CC, NVD, MITRE ATT&CK, SQL query design, CIS controls/benchmarks, endpoint hardening, IT service/business continuity management

Aug 2022 - Dec 2024

2 years 5 months

Azure, Defender and Microsoft 365 Administration

DEKRA

Setup of secure file sharing and collaboration with Microsoft Teams
Planning and configuring ransomware protection in Microsoft 365
Provisioning and configuration of remote workstations
Configuration of data protection and security for Microsoft 365 Copilot
Configuration and administration of Microsoft SharePoint and OneDrive
Auditing Microsoft 365 security and compliance
Zero Trust identity and device access configuration
Implementation of SIEM and XDR with Microsoft 365 Sentinel and Defender for OT and IoT endpoints
DLP risk management and data classification in Microsoft Purview
Migration from Kaspersky AV to Microsoft Defender for Endpoint
Office 365 and cloud apps administration
Administration of Azure AD, Intune and M365 Security Center
EDR monitoring, SIEM Sentinel forensics and incident management
Workshops, presentations and documentation
Skills: Azure AD, Intune, Microsoft 365 App Governance, Microsoft 365 Security Center, Microsoft 365 Admin Center, vulnerability management, ISO 27001, business impact analysis, IT service/business continuity management, data loss prevention and data protection risk management in Microsoft Purview, SharePoint, XDR, SIEM, log source monitoring, Copilot

Aug 2022 - Jul 2023

1 year

Administration and rollout of Trend Micro products

Cancom

Rollout and management of Trend Micro products
Apex One and Apex Central

Oct 2021 - Dec 2023

2 years 3 months

IT security consulting

Enervie

Windows and Linux hotfix and security patch management for endpoints in the control center network
Trellix endpoint and ePO administration
Threat and vulnerability management
Optimization of response measures
Asset and network inventory with DocuSnap
Reporting and documentation
Skills: WSUS, BSI baseline protection, NIST, KRITIS, inventory and reporting, Trellix and ePO administration, threat hunting and forensics, incident and change management

Jan 2021 - Jun 2021

6 months

Endpoint Security – Architecture and Policy Redesign for Symantec Endpoint Protection

Olympus

Planning and redesign of the Symantec Endpoint Protection infrastructure with over 10,000 Windows and Linux endpoints
Modeling and adjusting policies based on compliance requirements, and administering the endpoint security solution
Anti-malware protection, incident response, forensic analysis, and malware analysis
Lifecycle and patch management, as well as reporting
Collaboration with departments in 2nd and 3rd level support
Reviewing and adjusting SQL jobs and scripts

Oct 2020 - Dec 2020

3 months

System Administration Hyper-V Data Center, McAfee and Defender

Schmersal

Managing the existing Hyper-V data center and McAfee Endpoint Security with ePo
Infrastructure redesign for migrating the on-premise McAfee solution to Microsoft Defender
Planning strategy and implementation, including creating product comparison matrices
Conducting workshops to teach Defender Suite technology
Showing reduced attack surfaces by using the Microsoft Defender 365 suite
Securing Microsoft 365 services, configuring policies, and hardening systems
Skills: Hyper-V data center cluster administration, McAfee Endpoint Security management, endpoint migration strategy, Z-Scaler, Citrix, Microsoft Azure, Office 365

Jan 2016 - Dec 2024

9 years

Consultant

Sparkassen Finanz Informatik

Working on cybersecurity/defense, compliance, information security management, business continuity, cloud security, Azure Entra ID, IT service management, audits, regulations, license management, and product lifecycle
Planning and implementing a Microsoft Azure security architecture using a structured approach
Conducting a target vs. actual analysis of the existing security infrastructure in Azure based on Microsoft Cybersecurity Reference Architectures (MCRA)
Verifying identified entities like virtual machines, networks, storage resources, and users for security gaps
Designing and planning the Azure security architecture with Microsoft Defender (Network Security Groups, Azure Firewall, WAF, Zero Trust, Sentinel)
Projecting and implementing together with stakeholders like IT operations, DevOps teams, and the security department
Validating the security architecture through automated checks and manual penetration tests
Transitioning the security architecture into operations with continuous monitoring and reporting
Azure Entra ID identity and access management as well as Purview planning and management
Applying Data Loss Prevention classifications and activity monitoring
Purview insider and data protection risk management, and Microsoft 365 app governance with Microsoft Copilot for Security
Managing Exchange, SharePoint, and Teams security in the Microsoft 365 Admin Center
Detecting and analyzing attack vectors (IOC, IOA) and sandbox attack flow analysis
Administering the Qualys platform for vulnerability management and escalation for vulnerability mitigation
Technical preparation and support for security audits to meet regulatory compliance requirements
Creating reports, endpoint hardening, product lifecycle management, and incident, change, and problem management in ServiceNow
Creating operation manuals, technical and organizational documentation, and delivering presentations and workshops
Skills: Microsoft Azure, Microsoft Entra ID, identity and access management, Microsoft Purview, Data Loss Prevention, Intune, Microsoft Active Directory, Microsoft Defender, Microsoft Sentinel, Microsoft 365 App Security, Trellix ePolicy Orchestrator/Endpoint, EDR/XDR, Symantec Endpoint Security, BlueCoat Proxy, SQL scripting and query design, PowerShell scripting, patch and release management, Qualys vulnerability management, SOC, endpoint hardening, architecture design, consulting on regulatory and security requirements for the financial sector (DORA), ECB/TÜVSec audits, license, rights and policy management, privileged access management, Splunk SIEM, MITRE ATT&CK, BSI KRITIS, SecOps, BSI basic protection, NIS-2, BSI C5, ISO 27001, ISMS, IT service/business continuity management, ServiceNow incident, change and problem management

Dec 2014 - Sep 2020

5 years 10 months

Braunschweig, Germany

McAfee Enterprise Security Management

Volkswagen AG / Volkswagen Financial Services

Managing encryption and VS signatures on endpoints
Migrating McAfee ePo from version 4 to version 5
Evaluating MOVE AV and implementing it in Citrix VDI
Implementing and managing domain controller security with McAfee Change and Application Control
Administering and managing McAfee SIEM and SIEM reporting
Creating a product comparison matrix and evaluating antivirus products
Migrating from F-Secure and Symantec Endpoint Protection to McAfee
Evaluating Rapid7, Qualys, Nessus, and IBM SIEM
Gateway administration and creating technical documentation
Incident and escalation management as well as monitoring
Patch and release management of the infrastructure with Microsoft System Center
2nd and 3rd level support
Skills: McAfee ePolicy Orchestrator, VirusScan Enterprise, MOVE AV, McAfee Host Intrusion Prevention, Security for Microsoft Exchange/SharePoint, Change Control, Application Control, DLP, Encryption for Files and Folders, Device Control, SIEM, Vulnerability Manager, Global Threat Intelligence Proxy, Firewall Enterprise, Hyper-V, System Center, Server 2008-2012, SQL Server, Windows 7-10, Active Directory, IPsec, Qualys, Nexpose, Nessus, CyberArk, VMware, Citrix, Symantec Endpoint Protection, Sophos, TrendMicro, Kaspersky, IBM Security QRadar

Jan 2012 - Jul 2014

2 years 7 months

Hamburg, Germany

Backoffice and Enterprise Security

Wincor-Nixdorf

Central administration of McAfee ePolicy Orchestrator servers and the system infrastructure
API scripting, SQL scripting, and carrying out migrations and updates
Managing policies, tasks, antivirus, intrusion, firewall rules, and system encryption
IT emergency planning and management, and enforcing company policies
Successfully migrating McAfee ePolicy Orchestrator from 4.x to 5.x for a central antivirus management system
Replacing Symantec Endpoint Protection with McAfee VirusScan and McAfee Move AV on about 5,000 units
Evaluating and introducing McAfee Move Antivirus multi-platform to boost performance on virtualized systems by 30-50%
Consolidating database management into a scalable Microsoft SQL Server 2008 R2 cluster solution
Administering the SQL Server (ODBC, security, roles, maintenance plans) and monitoring performance with PowerShell
Conducting vulnerability analyses with McAfee Vulnerability Manager and incident response
Creating reports, test environments, product documentation, and knowledge bases
Skills: McAfee, Symantec, TrendMicro, SEP to McAfee migration, database and storage management, Oracle, DB2, MSSQL Server, SQL clustering, patch and release management, Wireshark, SiteAdvisor Enterprise, Installation Designer, SCCM

Jan 2011 - Dec 2012

2 years

Munich, Germany

2nd/3rd Level Support

Unisys Outsourcing

Technical and administrative support for the Bavarian judiciary and the state ministry
Preparation and execution of the migration from Windows XP/Office 2003 to Windows 7/Office 2010/Server 2008 R2
User and role management as well as maintenance of Group Policy Objects (GPO)
Client/server patch and release management
Monitoring network component availability using Nagios and Microsoft System Center
Incident management according to the BSI IT-Grundschutz handbook guidelines
File and print server administration, Exchange administration, and SQL database server administration
Involvement in design processes for virtualization solutions (VMware, Citrix)
Skills: user support, Citrix XenApp 6, terminal server administration, license management, group policies, permission management, application virtualization, System Center Operations and Configuration Manager, MS SQL Server, BSI IT-Grundschutz

Sep 2009 - Dec 2010

1 year 4 months

Coburg, Germany

Project administration and support for McAfee ePolicy Orchestrator 4.5

Brose Automotive

Central management of about 10,000 clients and 1,000 servers in the back office and production
Migration from McAfee ePolicy Orchestrator 3.x to 4.x including policies, tasks, and agents
Integration and customization of the ePO structure into the global Active Directory schema
Analysis and assessment of security incidents and issue resolution in the production environment
SIEM analysis with SOC and administration of SQL Server 2005/2008 (migration, scripting, backup)
Incident, change, and request management according to ITIL and technical support for international branches
Creation of documentation, reports, statistics, and conducting user training
Planning and implementation of a Windows Server 2008 R2 Hyper-V cluster with iSCSI storage connectivity
Skills: McAfee Agent, VirusScan, Host Intrusion Prevention, Endpoint Encryption, GroupShield, SiteAdvisor, SQL Server, Hyper-V cluster, iSCSI, Virtual Machine Manager

Jul 2009 - Aug 2009

2 months

St. Gallen, Switzerland

Project implementation of domain infrastructure migration from Windows Server 2000/2003 to Windows Server 2008, implementation

Server consolidation to VMware ESX 4.0 vSphere and staff training
Setting up domain controllers, terminal servers, and application servers
Provisioning of remote applications and migration of computer and user accounts
Implementation of print service provisioning and printer rollout via GPO
Management of Windows Server 2008 ADDS group policies and DFS/DFS-R shares
Implementation of a bidirectional trust between the old domain and the new domain
Integration of the Trend Micro OfficeScan server and client rollout
Implementation of a backup concept for HP tape library on CA Arcserve Backup 12.5
Providing first, second, and third level support as well as documentation

Jan 2009 - Jun 2009

6 months

Project CRM, Exchange, and Active Directory services

Regionally based companies

Building, administration, and handover of a support hotline with the vTiger CRM system
Training and coaching staff on SUSE Linux Enterprise Server 10
Extension of the Active Directory schema and group policy management on Windows Server 2003 R2 and 2008
Creation of a virtual Exchange Server 2007 infrastructure on VMware Infrastructure 3.5
Implementation of McAfee VirusScan 8.5 Enterprise and antivirus management with McAfee ePolicy Orchestrator 3.x

Jul 2008 - Dec 2008

6 months

Project merger of nationwide control center networks and data center infrastructure

Group4Securicor / Securitas

IT system technician in the central emergency call service control center during the merger
Integration of nationwide network segments (LAN, WAN, WLAN, FC) into the central data center architecture
Administration and management of active and passive network components
Process optimization in the office area and creation of a CMS wiki based on Drupal (PHP)
Migration and management of clients and servers from Windows 2000/XP to XP/Vista and Server 2008
Consolidation of the server infrastructure to VMware ESX Server 3.5 and ensuring failover capability
24x7 first, second, and third level support including on-call duty and ticket management (OTRS)
Monitoring the infrastructure using Nagios and GFI Network Server Monitor
Application delivery via Citrix Metaframe on Windows terminal server farms
Active network security monitoring with products from Symantec, McAfee, Trend Micro, SonicWall, and Cisco
Administration, reporting, and backup of MS SQL Server 2000/2005/2008 and Exchange servers

Feb 2005 - Jun 2008

3 years 5 months

Project planning, integration and management of IT infrastructure

Group4Securicor

Procurement and provisioning of hardware from leading vendors (Dell, HP, IBM, Cisco, SonicWall)
Plan and design the Active Directory infrastructure
Deploy the database infrastructure with MS SQL Server 2000 and 2005
Migrate clients and servers from Windows 2000 to Windows XP/Windows Server 2003 R2
Administer Terminal Services (MS-TS, Citrix Metaframe, ThinPrint)
Manage SQL Server administration including monitoring, reports, backups and security
Oversee backup tape libraries and administer Exchange servers
Monitor clients and servers with GFI NSS and Nagios
Implement and manage VMware Infrastructure

Jan 2004 - Jan 2005

1 year 1 month

Project setup of data center infrastructure

Group4Securicor

Set up a Windows Terminal Server and Citrix Metaframe server farm
Ensure printer driver compatibility and implement load balancing
Develop the domain concept and Active Directory structure
Migrate nationwide cash logistics centers to 32-bit management software
Document and archive according to ITIL guidelines
Administer firewalls and SonicWall VPN remote access
Build a Small Business Server 2003 environment including Exchange and Mobile Remote
Implement Microsoft Software Update Service (WSUS) for automatic updates
Perform network inventory with MOM and administer MS SQL 2000 database
Design backup strategy based on Arcserve 11 backup software

Apr 2003 - Dec 2003

9 months

IT documentation

Mehler Bau GmbH

System and network documentation in preparation for the ISO 9000 certification audit

Oct 2002 - Feb 2003

5 months

Meuselwitz, Germany

WLAN planning and installation

Stadtverwaltung Meuselwitz

Connect a branch office to the central network via wireless LAN
Verify and monitor security and performance

May 2002 - Aug 2002

4 months

Borna, Germany

School network infrastructure planning

Gymnasium Borna

Deploy and administer Linux servers
Manage firewalls and network security
Create network documentation and policy guidelines

Mar 1996 - Dec 2001

5 years 10 months

Administration/IT

TSG Stuttgart

Jan 1986 - Dec 1995

10 years

Administration/IT

TGB Peres

Jul 1984 - Dec 1985

1 year 6 months

Instrumentation and Control Technology

TGB G.-Dreieck

Summary

With many years of experience as a system administrator in Windows environments and in project management, I have strong assertiveness, stress resistance, social skills and communication with customers and employees.

Skills

Cloud Computing
Siem
Splunk
Iso 29001
Bsi Kritis
Bsi C5
Itsm
Bsi Standard
Bcm
Endpoint Security
Risk And Compliance Management

Operating Systems

Windows
Linux / Unix
Mac
Android

Hardware

Bus Systems
Printers
Embedded Systems
Measurement Devices
Microcontrollers
Siemens
Plotters
Proprietary Hardware
Scanners
Sensors
Single And Multi Cpu Systems
Control And Regulation Systems
Streamers
Video Systems
Alarm Management Systems
Ibm
Sonic Wall
3com
Hp
Cisco
Linksys
Diva Server
Adapters
Baystack
Dell
Avm
Mobile Devices
Microsoft

Programming Languages

Visual Basic
C++, C#
Java
Perl
Php
Html
Pl/sql
Sql
Shell

Databases

Ms Access
Ms Sql Server
Mysql
Oracle

Data Communication

Ethernet
Hdsl
Intranet
Isdn
Scsi
Iscsi
San
Nas
Das
Iso
Osi
Lan
Wlan
Wan
Mpls
Atm
Fc
Dlan
Ipx/spx
Rfc
Routing
Rpc
Rs232
Tcp/ip
Winsock
X.400
X.25
X.225
X.75

Knowledge

Administration Of Citrix Xenapp 6 (Managing And Centralizing Applications In The Datacenter, Installing And Configuring Citrix Xenapp 6 And Plugins On Windows Server 2008 R2, Using Administrative Consoles And Tools, Managing Resources, Policies, Servers, Server Farm Settings, Printers And Virtual Applications)
Windows Client And Server Operating Systems / All Products (Migration, Rollout, Distribution, Administration And Management)
Microsoft System Center Product Suite (Deployment, Planning And Management, Planning And Building Sites And Integrating Clients, Configuring Software Distribution, Operating System Deployment And Software Update Management, Using Remote Tools And Mobile Device Management, Planning And Configuring Site Hierarchy)
Incident And Change Management Systems
Bmc Remedy, Iet It-service Management, Assyst, Ars
Microsoft Office Suite (Migration, Document Management, Application Distribution, Security, Usability)
Microsoft Sharepoint Portal Server (Planning, Design, Integration And Management Of Intranet Sites)
Administration And Management Of Exchange Server Communication Infrastructure (Mailboxes, Transport, Connectors, Branch Offices, Owa, Windows Mobile Push, Policies)
Planning, Design, Implementation And Administration Of Microsoft Windows Active Directory Services Infrastructure (Organizational Structure, Group Policy, Rights Management, Server Management, Availability, Security)
Planning, Design, Implementation, Administration And Management Of Virtualized Infrastructures On Vmware Infrastructure Services And Vmware Esx/esxi Servers, Vmware Workstation And Vmware Server (Developing Virtualization Project Plans, Licensing, Requirements, Migrating Existing Systems, High Availability)
Database Administration Of Microsoft Sql Server And Ms Access (Design And Implementation, Access Projects With Sql Server, Performance And Monitoring, Tuning, Availability And Backup, Programming, Business Intelligence, Security, Recovery, Reporting, Administration)
Oracle Dbms Administration (Basic Knowledge)
Enterprise Security Management
Mcafee, Symantec, F-secure, Trendmicro, Microsoft
Administration Of Microsoft Terminal Server Farm With Citrix Metaframe Presentation Server And Thinprint
Administration Of Various Linux/unix Distributions (Debian, Redhat, Ubuntu, Suse, Bsd)
Administration Of Novell Netware (Basic Knowledge)
Administration And Management Of Suse Linux Enterprise Server (Samba, Apache, Mysql, Crm Vtiger, Cms Drupal)
Operator In 24/7 Support Hotline (User Support For Ms Office Applications, Technical Helpdesk For Hardware And External Customer Support, Printer Management, Active Directory Password And Rights Management, Ticket Management, On-call Duty)
Installation, Configuration And Management Of Vtiger Crm And Drupal Cms
Administration Of Gfi Faxmaker For Exchange And Smtp
Client Life Cycle Management (Clm) And Windows Server Update Services (Wsus) (Ms Systems Management Server, Microsoft Operations Manager)
Tape Library Management With Backup Solutions Arcserve And Backupexec
Facility Management (Monitoring And Management Of Emergency Power, Access Systems, Video Systems, Air Conditioning)
Design And Integration Of Vpn, Vlan And Radius Authentication Mechanisms With Windows Server (Sonicwall, Alliedtelesyn, Cisco, Lancom, Hp)
Building And Managing Network Infrastructures (Lan, Wan, Wlan, Dlan, Vpn, Vlan, Fibre Channel, San)
Administration Of Microsoft Internet Information Server
Implementation, Configuration And Management Of San, Das And Nas (Dell And Hp)
Administration Of Vds Certified Emergency Service Control Center Infrastructure (Nsl) And Cash Center
Planning And Implementation Of Organizational Policies For It Security, Data Protection And Compliance According To Bsi Gshb
Administration Of Alarm Management And Video Surveillance Systems
System Building For Special Applications, Hardware Service And Repair
System And Network Inventory, License Management, Documentation And Reporting
Hardware And Software Procurement, Purchasing
Knowledge Management For Wiki Knowledge Base And User Training