Nils K.

Vulnerability Management and Secure SDLC

Lübeck, Germany

Experience

Oct 2023 - Present
2 years 3 months

Vulnerability Management and Secure SDLC

DB InfraGO AG

  • Successfully implemented vulnerability management with DefectDojo

  • Consulting and implementing technical and process aspects of vulnerability management with DefectDojo

  • Advising on implementation for a secure software development lifecycle

  • Skills: Gitlab, DefectDojo, Vulnerability Management, SCA, SAST, DAST, Python, Kubernetes, ArgoCD, Docker, AWS, Azure, Whitesource/Mend, Greenbone

Aug 2023 - Present
2 years 5 months

Threat Modeling with STRIDE

Festo SE & Co. KG

  • Conducting threat and risk analyses (TARA) on industrial products

  • Advising customers in the threat modeling process

  • Performing STRIDE-based threat modeling using Microsoft Threat Modeling Tool

  • Skills: STRIDE, TARA, MS Threat Modelling Tool

Aug 2023 - Apr 2024
9 months

Application Security Specialist

ITZBund

  • Consulting and reviewing developer teams on application security and secure coding in a large federal project

  • Promoting awareness of a DevSecOps culture, shift-left, and security-by-design principles

  • Implementing tools for a secure software development lifecycle

  • Skills: AppSec, DevSecOps, SCA, OWASP ZAP, Tekton, Azure DevOps, OpenShift Advanced Cluster Security, OWASP Dependency-Track, Sonarqube

Feb 2023 - Present
2 years 11 months
Lübeck, Germany

Freelancer

SecuredBytes

  • Application security (AppSec) and DevSecOps
  • Secure software development lifecycle (Secure SDLC)
  • Security and cryptographic concepts
  • Cryptography engineering, PKI, and cryptographic protocols

Apr 2020 - Mar 2024
4 years
Lübeck, Germany

Lab for Secure Hardware and Software Development

Technische Hochschule Lübeck

  • Setting up a secure software development lifecycle using GitLab for students for hands-on testing and learning in software engineering

  • Implementing CI/CD pipelines with various security tools like SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and dependency scanners

  • Teaching threat modeling, risk assessments, and incident management in a hands-on course

  • Skills: Gitlab, SCA, SAST, DAST, TARA, Incident Management

Apr 2020 - Mar 2024
4 years
Lübeck, Germany

Research Associate

Technische Hochschule Lübeck

  • Establishing and supporting a lab for secure hardware and software development
  • Teaching in cryptography, secure software development, IT security
  • Research and support for professors in IT security

Jan 2020 - Mar 2020
3 months
Lübeck, Germany

Developing a Proof of Concept for a Security Application Gateway for Industrial Machines

TRIOVEGA GmbH

  • Conceptualizing, defining requirements, and creating a proof of concept for a security application interface for industrial machines

  • Creating a security concept, developing the software and related tools, and organizing a penetration test for the proof of concept

  • Assessing feasibility and presenting results from the proof-of-concept case study

  • Skills: Docker, Podman, embedded Systems, Bash, Rust, Python, Threat Modelling, Secure SDLC

Jan 2019 - Mar 2020
1 year 3 months
Lübeck, Germany

Introducing DevSecOps/AppSec Processes

TRIOVEGA GmbH

  • Setting up the IT security team in software development

  • Developing guidelines for internal and external software projects regarding the secure software development lifecycle (SSDLC)

  • Training and raising awareness for secure software development

  • Assessing and implementing a DevSecOps process and tools like SCA, SAST, DAST, threat modeling, etc.

  • Skills: Gitlab, Secure SDLC, Project Management, Threat Modelling, SCA, Dependency-Track

Mar 2017 - Mar 2020
3 years 1 month
Lübeck, Germany

Application Security Engineer

TRIOVEGA GmbH

  • Setting up the IT security team in software development
  • Managing and planning projects in security-relevant system development
  • Assessing and introducing a DevSecOps process and tools
  • External consulting and assessment of system/software architectures for IT security

Oct 2015 - Dec 2018
3 years 3 months
Lübeck, Germany

Master of Science in Computer Science — IT Security and Reliability

Universität zu Lübeck

Oct 2012 - Nov 2015
3 years 2 months
Lübeck, Germany

Bachelor of Science in Computer Science — IT Security and Reliability

Universität zu Lübeck

Summary

I'm Nils, a dedicated freelancer specializing in AppSec and DevSecOps. My focus is on securing software and implementing robust security practices in software development.

Languages

German
Native
English
Advanced

Education

Oct 2015 - Dec 2018

Universität zu Lübeck

Master of Science · Computer Science, IT Security and Reliability · Lübeck, Germany

Oct 2012 - Nov 2015

Universität zu Lübeck

Bachelor of Science · Computer Science, IT Security and Reliability · Lübeck, Germany

Certifications & licenses

Teletrust Professional for Secure Software Engineering (T.P.S.S.E.)

TeleTrust e.V.

Teletrust Information Security Professional (T.I.S.P.)

TeleTrust e.V.
