Pierre Gronau

IT Security and IT Compliance Consultant

Cologne, Germany

Experience

Sep 2023 - Oct 2023
2 months
Frankfurt, Germany

IT Security and IT Compliance Consultant

OYAK Bank

  • Securing Azure
  • Review of IT security policies
  • BAIT compliance
Sep 2023 - Sep 2023
1 month
Frankfurt, Germany

IT Security and IT Compliance Consultant

Pictet Group

  • Review of IT security policies
  • BAIT compliance
Apr 2023 - Dec 2025
1 year 9 months
Wiesbaden, Germany

IT Security and IT Compliance Consultant

Stadtwerke Wiesbaden ESWE

  • Conduct Should-Is Comparison for NIS-2
  • Conception of a Data Center Design for a Critical Infrastructure
  • Automation of an Active Directory Tier 0 environment
  • Hardening of Windows with Ansible Roles
  • Hardening of Linux with Ansible Roles
  • Hardening of Microsoft 365
  • Hardening of Microsoft Azure
  • Active Directory hardening
  • Automation with bash, Ansible and Terraform
  • Automated control of the hardening with tools: PingCastle, RustHound, BloodHound, Microsoft ARI, ScoutSuite, Monkey365, Prowler, ScubaGear
  • Vulnerability Scanning
  • Penetration Tests
  • Automation of Tier 0 hardened Active Directory environments
  • Build a VMware vSphere 8 environment
  • Build Linux servers such as Debian Linux and Oracle Linux
  • Build Windows servers such as Windows NT, Windows 2008, Windows 2012R2, Windows 2016, Windows 2019, Windows 2022
  • Migration of IVU Server
  • Carve out of an existing Active Directory to a new Tier0 Active Directory
  • Hardening of the VMware vSphere 8 environment
  • Conception of an encryption solution for Microsoft 365 with eperi
Apr 2023 - May 2023
2 months
Munich, Germany

IT Security and IT Compliance Consultant

MONTANA Energie Handel

  • Conducting an audit for two VMware environments with HPE OmniStack SAN
  • Automation with bash, PowerShell, PowerCLI, Ansible and Terraform
  • Vulnerability Scanning
  • Penetration Tests
Feb 2023 - May 2023
4 months
United States

Incident Response Team Member

MKS Instruments

  • Recreating VMware ESXi and Hyper-V landscape as part of the incident response team after a successful ransomware attack
  • Automating CIS hardened Windows 10 and Windows 11 analyst VMs on AWS with Pulumi, Terraform, Ansible and PowerShell
Jan 2022 - Dec 2025
2 years
Nuremberg, Germany

Information Security Consultant

Federal Office for Migration and Refugees

  • Conduct an Audit for Container Security (Peer Review)
  • Role-based access control (RBAC)
  • IT Compliance Reviews against BSI Basic Protection
  • Conduct Should - Is Comparison NIS-2
  • Secure OpenShift usage
  • Automation with bash, PowerShell, PowerCLI, Ansible and Terraform
  • Define CI/CD pipelines for automation
  • Optimize and automate CI/CD pipelines
  • Integration of Static Code Analysis Tools within the CI/CD pipelines
  • Vulnerability Scanning
  • Introduction and implementation of Software Bill of Materials (SBOM)
  • Introduction and implementation of Software Composition Analysis (SCA)
  • Penetration Tests
  • Consulting for an IPv6 implementation project
  • Consulting in the area of VS-NfD IT environments
  • Creating Security Policies for: Patch Management, Vulnerability Management, Log Management, TLS, SSH, Logging, Secure Software Development, Directory Service, Backup and Restore, Backup and Restore - Evidence
  • Creating auditd rules for specific applications and services
  • Malware Analysis for Symantec Protection and ClamAV
Nov 2022 - May 2023
7 months
Tuttlingen, Germany

Cloud Computing Audit Consultant

KARL STORZ

  • Conduct an Audit against CIS Benchmark for Microsoft Azure and VMware on premise
  • Perform Azure Architecture Reviews
  • IT Security Reviews
  • Vulnerability Scanning
  • Penetration Tests
  • Introduction and implementation of Software Bill of Materials (SBOM)
  • Introduction and implementation of Software Composition Analysis (SCA)
  • Creating auditd rules for specific applications and services
  • Creating a concept for the anonymization of pictures and videos
  • Creating a Security Policy for Patch Management
Jul 2022 - Nov 2022
5 months
Cologne, Germany

Container Security Consultant

City of Cologne

  • Conduct an Audit for Container Security (Peer Review)
  • Role-based access control (RBAC)
  • IT Compliance Reviews against BSI Basic Protection
  • Vulnerability Scanning
  • Penetration Tests
  • IT Security for Keycloak (hardening)
  • Secure Kubernetes usage
  • Define CI/CD pipelines for automation
  • Optimize and automate CI/CD pipelines
  • Introduction and implementation of Software Bill of Materials (SBOM)
  • Integration of Static Code Analysis Tools within the CI/CD pipelines
  • Secure VMware Tanzu
Feb 2022 - Mar 2023
1 year 2 months
Stockholm, Sweden

Cloud Computing Audit Consultant

H&M

  • Conduct an Audit against the Customer Best Practices for Microsoft Azure (Peer Review)
  • Perform Azure Architecture Reviews
  • IT Security Reviews
  • Vulnerability Scanning
  • Penetration Tests
  • IT Compliance Reviews
  • Define CI/CD pipelines for automation
  • Automation with bash, Ansible and Terraform
  • Optimize and automate CI/CD pipelines
  • Introduction and implementation of Software Bill of Materials (SBOM)
  • Introduction and implementation of Software Composition Analysis (SCA)
  • Integration of Static Code Analysis Tools within the CI/CD pipelines
Aug 2021 - Dec 2021
5 months
Walldorf, Germany

VMware Architecture Consultant

SAP

  • VMware Architecture Review
  • VMware Outside In View (Peer Review)
Aug 2021 - Nov 2021
4 months
Germany

KAIT Consultant

Universal Investment

  • Conduct KAIT BaFin audit preparation
  • Conduct reviews about technical documentation and policies
  • KAIT Compliance, especially Outsourcing of IT services and other service relationships
  • Analyze IAM, PAM, PAM regarding corporate compliance and missing implementation of required controls
  • Draft and definition of Low Level design to mitigate audit issues
  • Development of a running programme structure for full automation solution
  • High Level Design for Compliance as a code
  • Analysis of the existing IAM integration
  • Creation of guidelines for actions to the extended board of directors
Jul 2021 - Feb 2022
8 months
Saudi Arabia

IT Security and IT Compliance Consultant

SABIC

  • IT Security Audit
  • IT Compliance
  • Industry
  • Industrial Internet of Things (IIoT)
  • Distributed Control System (DCS)
  • Supervisory Control and Data Acquisition (SCADA)
  • Vulnerability Management as a Service (VMaaS)
  • Vulnerability Scanning
  • Penetration Tests
  • RBAC review
  • Root Cause Analysis with e.g. Wireshark, tcpdump, Ettercap
  • Automation with bash, PowerShell, PowerCLI, Ansible and Terraform
  • Creating Security Policies for: Patch Management, Internet of Things, Backup and Restore, Backup and Restore - Evidence
Jul 2021 - Dec 2021
6 months
Germany

IT Security and IT Compliance Consultant

MANN + HUMMEL

  • Workflow Design for Alert Handling in Office 365
  • IT data protection under Office 2016 according to GDPR
  • SOC Third Level support
  • Designing decision papers for stakeholders such as IT Security and Data Protection
  • Creating a Security Policy for Office 365
May 2021 - Dec 2021
8 months
Germany

Cloud Computing and IT Security Consultant

Debeka

  • IT Architecture for Kubernetes
  • IT Security for Kubernetes and CI/CD pipelines
  • IT Architecture Service Mesh with Istio on Kubernetes
  • IT Documentation as a Code
  • IT Architecture for VMware based on VMware Cloud Foundation
  • Role-based access control (RBAC)
  • Firewall
  • Load Balancer
  • Logical separation of networks with special consideration of BAIT and VAIT
Nov 2020 - Jul 2021
9 months
Bonn, Germany

Cloud Computing and IT Security Consultant

BWI GmbH

  • IT Security Architecture for VMware Cloud Foundation
  • IT Security Architecture for VMware NSX-T
  • Consulting in the area of VS-NfD IT environments
  • Automation with bash, PowerShell, PowerCLI, Ansible and Terraform
  • Build Linux servers such as Red Hat Linux
  • Build Windows servers such as Windows NT, Windows 2016, Windows 2019, Windows 2022
  • Threat Modeling
Jul 2020 - Dec 2021
1 year 6 months
Stockholm, Sweden

Cloud Computing and IT Security Consultant

Vattenfall AB

  • IT Architecture for Kubernetes
  • IT Security for Kubernetes and CI/CD pipelines
  • IT Architecture Service Mesh with Istio on Kubernetes
  • IT Documentation as a Code
  • IT Compliance as a Code
  • Microsoft Azure
  • ISO 17789, 27001, KRITIS/NSI, AtomG Compliance
  • Threat Modeling
  • Build Linux and Windows Servers
  • Linux, Kubernetes and Istio hardening
  • Vulnerability Scanning and Penetration Tests
  • Automation with bash, PowerShell, PowerCLI, Ansible and Terraform
  • Static Application Security Testing
  • CI/CD pipeline optimization
  • Comparison between VMware Tanzu and Kubernetes
  • Creating Security Policies for: Patch Management, IoT, Backup/Restore, Containers, DHCP/DNS, IPv4/IPv6
Jul 2020 - Jun 2021
1 year
Germany

Cloud Computing and IT Security Consultant

HUK Coburg

  • Cloud Computing IT strategy
  • Security Audit for Cloud Computing
  • VAIT BaFin audit preparation
  • VAIT and BAIT Compliance
  • EIOPA Guidelines on cloud service providers
  • ISO 17789 and 27001 Compliance
  • Threat Modeling
  • Vulnerability Management
  • Patch Management
  • IT Spin-off directive according to VAIT and BAIT
  • IDW PS 860 and IDW PH 9.860.2

Summary

My strengths for critical infrastructure and regulated sectors such as banking (e.g. ING-DiBa, Deutsche Wertpapier Service Bank AG) and insurance (like ERGO, HUK Coburg and Hannover Rückversicherungs AG) include:

  • IT Security and IT Compliance: I have extensive experience in designing and implementing IT security policies and measures for various critical infrastructures. I have created security policies for patch management, vulnerability management, log management, TLS, and backup/restore. I also have experience with auditing and implementing IT compliance policies such as BSI Grundschutz, BaFin (BAIT, VAIT and KAIT), ISO 27001 and GDPR.
  • Cloud Computing: I have extensive expertise in cloud computing and have designed and implemented cloud architectures for various platforms such as Microsoft Azure, Amazon AWS and IBM Cloud. I have considered security measures for cloud infrastructures such as Role-based Access Control (RBAC), firewall configuration, and load balancing.
  • Incident Response and Recovery: I implemented effective incident response strategies and recovered systems such as VMware ESXi, and Hyper-V after successful ransomware attacks.
  • Container Security: I conducted audits for container security and developed hardening concepts to safely use Docker and Kubernetes.
  • Automation and CI/CD pipelines: I defined, optimized and automated CI/CD pipelines to ensure efficient and secure application deployment. In the process, I also integrated security tools into the CI/CD pipelines to perform static code analysis.
  • Industrial Internet of Things (IIoT) and SCADA: I have created security concepts for IIoT and SCADA environments and have experience with the specific security requirements of such critical infrastructures.
  • Experience in a variety of companies and industries: I have worked with a variety of companies including utilities, banks, insurance companies, manufacturers, and IT service providers, giving me a broad understanding of the various requirements and challenges in regulated sectors.

Overall, I have a wealth of knowledge in IT security, cloud computing, automation, and compliance that is valuable to critical infrastructure and regulated sectors. My experience and expertise enable me to develop and implement effective security policies and measures to ensure at least the integrity, availability, and confidentiality of systems in such environments.

Languages

German
Native
English
Intermediate

Education

Jan 2004 - Dec 2005

IHK

Security · Germany

Jan 2004 - Dec 2005

IHK

Security Coordinator · Germany

Jan 2003 - Dec 2004

SUN

Solaris System Administration II · United States

Certifications & licenses

VMware NSX-T 3.0 Install, Configure and Manage

VMware VSP Foundation

VMware VTSP Foundation

VMware NSX 6.2 Install, Configure and Manage

Certified Scrum Master

Scrum Alliance

Microsoft Certified Solution Associate Windows Server 2012

Microsoft Certified Solution Expert Desktop Infrastructure

VCP410-DT: VMware Certified Professional 4 - Desktop

VCP510-DT: VMware Certified Professional 5 - Desktop

VMware Accreditation: vCenter Configuration Manager 5

VMware Accreditation: vCenter Operations Manager 5

VMware Certified Professional - Cloud

VMware Certified Professional on vSphere 5

VMware vCloud: Design Best Practices - BETA

CompTIA Network+

CompTIA Security+

CompTIA Server+

VMware vSphere 4 Troubleshooting

Microsoft Certified IT Professional Enterprise Administrator

Microsoft Certified Systems Administrator

Microsoft Certified Systems Engineer

PRINCE2 Foundation

Certified PlateSpin Analyst

VMware Certified Professional (VCP3) VI3

VMware Certified Professional VI3

Foundation Certificate in IT Service Management

ITIL

Check Point Certified Security Administrator

Check Point Certified Security Expert

Certified Novell Engineer

Novell

Certified Novell NetWare Instructor

Novell

Certified Novell System Administration

Novell

Master Certified Novell Engineer

Novell

Master Certified Novell Instructor

Novell

Microsoft Certified Professional of Exchange 5.5