Patrick G. - Information Security Manager

Kandel, Germany

Experience

Apr 2024 - Dec 2024

9 months

Responsible for computer software validation (CSV) of the IT infrastructure
Supported the operation and maintenance of the Integrated Management System (IMS)
Served as interim Information Security Officer (ISMR) for two companies in the medical technology sector
Ensured ISO 27001 compliance within the organization
Contributed to the implementation of cybersecurity requirements for health software and connected medical devices according to ISO 81001-1

May 2022 - Present

3 years 5 months

Performed IT security audits according to the KBV IT security guideline
Documented and evaluated security measures against the minimum requirements for IT systems in healthcare
Advised on cybersecurity in healthcare, particularly regarding sensitive patient data and data protection requirements

May 2021 - Present

4 years 5 months

Worked as an Information Security Architect for several large international companies, responsible for developing and evaluating security-critical architectures and supporting complex IT projects
Acted as an Information Security Architect in security-critical projects, including developing and evaluating security architectures in regulated environments
Used C4 models for structured architecture visualization and as a basis for risk analysis, threat modeling and security reviews
Conducted threat modeling and created security-relevant documentation, including support for compliance requirements

Oct 2019 - May 2021

1 year 8 months

Conducted complex penetration tests from both external and internal perspectives
Performed technical audits of existing security measures
Analyzed and optimized security processes
Developed monitoring and incident response strategies

solution-oriented and at the same time empathetic team and leadership skills
pronounced independent and goal-oriented way of working
strong analytical skills and mental flexibility
entrepreneurial and economic thinking, planning and acting
loyal and authentic behavior
reflective, open and receptive to criticism
Extensive experience in designing and evaluating security architectures in the regulated MedTech environment
Deep knowledge in risk management, threat modeling and deriving technical protective measures
Development of proven incident response and security operations concepts according to ISO 27001, NIST, FDA
Implementation and documentation of security requirements across the entire product lifecycle
Focus on compliance-driven security architectures according to MDR, FDA and SOP guidelines