CEO

• Founder & Creator of a cutting-edge Governance, Risk & Compliance SaaS Solution.
• Developing and executing business development strategies to identify new opportunities and expand market presence.
• Providing Information Security Consulting Services specializing in Governance, Risk, and Compliance (GRC) topics such as Risk Management, ISO 27005, ISO 27001, NIS 2, DORA, PCI DSS, EU-GDPR, and more.

Past Projects:

• Kyndryl Austria GmbH: Delivered IAM blueprint, conducted risk assessments, developed transformation strategy and roadmap for client projects, and provided support in pre-sales activities to align solutions with client needs.
• Cashpoint Sportwetten GmbH: Conducted ISO 27001:2022 gap analysis, enhanced ISMS processes, updated security training, aligned with ISO 27001:2022 standards, and improved vulnerability management practices through regular assessments and remediation planning.
• Hornbach Baumarkt AG: Supported the CISO in achieving ISO 27001 compliance, implementing a secure software development lifecycle (SDLC), strengthening vulnerability management practices, and enhancing risk management frameworks.
• MHP Management- und IT-Beratung GmbH: Created and reviewed security concepts aligned with ISO 27001 standards.
• Stromnetz Berlin GmbH: Developed a comprehensive security concept based on ISO 27001 requirements.
• dmTech GmbH: Conducted IT security training for employees, fostering awareness and adherence to security best practices.
• Finanz Informatik GmbH: Managed PCI DSS-related tasks, including compliance assessments and control implementations.
• TIPS Messtechnik GmbH: Conducted NIS2 gap analysis, developed a comprehensive compliance roadmap, and provided supportive actions to address identified gaps and ensure alignment with regulatory requirements.

• Specializing in Software Engineering (Java, Python), Identity & Access Management, Cryptography, and Internet Security.

• Establishment and management of the Information Security Department.
• Maintenance of compliance with PCI DSS, ISO 27001, and GDPR standards.
• Development and enhancement of the ISMS, including risk assessments and mitigation (ISO 27005).
• Leadership of internal and external audits, ensuring alignment with regulatory requirements.
• Executed penetration tests, vulnerability scans, and security reviews (Nessus, Tenable, Qualys, nmap, Acunetix, Burp Suite, Kali Linux), enhancing vulnerability management and mitigation strategies.
• Delivered security training and workshops, including secure coding sessions for developers, to promote awareness and best practices.
• Management of IT security projects, vendor security assessments, and policy development.
• Development of incident response procedures and assurance of robust risk management.

IT & Mobile Security, Master of Science

Business Informatics, Bachelor of Science