Sergey Komarov - Director Group Cybersecurity

Stuttgart, Germany

Experience

Jan 2024 - Present

2 years 1 month

Germany

Establishing cybersecurity as a strategic business enabler
Implementing IAGM, SOC, SIEM, PAM, EDR, Cloudflare Zero Trust (ZTNA, CASB, DLP), including concepts, tool or service selection, procurement and operations
Developing and implementing the cloud security strategy (Azure, AWS, GCP) under regulatory requirements (DORA, NIST, ISO 27001) and zero trust architecture
Operating cyber security services: vulnerability management, pentesting, red/blue teaming, encryption, cloud security monitoring, PAM, hardening hybrid IT systems
Defining and implementing the cyber security framework & roadmap (on-prem, cloud, hybrid)
Building automated processes to increase efficiency (>30%) and audit readiness according to §44 KWG
Efficiency gains: cost reductions (–15%) through service, provider and license optimization
KPI/KRI dashboards for top management reporting
Chairing the Cyber Security Steering Board, coordinating local CISOs, 'Security by Design' in agile projects, including AI-based solutions

Jan 2021 - Dec 2024

4 years

Germany

Introducing the IT framework for the first line of defense
Implementing SOC, SIEM, pentests, vulnerability management (on-prem & Azure Cloud), including concepts, tool or service selection, procurement and operations
Establishing IT service continuity management processes
Building and leading the cyber security operations, ensuring regulatory compliance (BAIT, ZAIT)
Automated KPI-based application security reporting
Introducing DevSecOps methods
Security for AI-based internal portals
Leading cross-functional teams

Jan 2015 - Dec 2021

7 years

Germany

Jan 2008 - Dec 2015

8 years

Russian Federation

Developing processes and taking responsibility for IT governance, ITSM, EAM, and service delivery
Implementing SAP security (SoD, SSO)
Implementing a custom IAGM system (requirements, development, operations)
Leading security architecture and infrastructure projects
Training in IT security & project management
Project to improve information security (ISO 27002)
Setting up IT for three new joint venture companies

Jan 2006 - Dec 2008

3 years

Russian Federation

Leading IT strategy, planning, budgeting, contract management, and team leadership
Executing the Chrysler carve-out: building the IT infrastructure and application environment for Chrysler Russia and migrating users and data
IT infrastructure projects: setting up IT infrastructure for new sites, establishing an in-house data center, including BCM/ITSCM framework
Developing application landscapes and IT governance for new joint ventures Daimler/KAMAZ and Daimler/GAZ

Jan 2004 - Dec 2006

3 years

Russian Federation

Remote

Jan 2002 - Dec 2004

3 years

Russian Federation

Managing IT operations at a single site
Migrating NT4.0 to Windows 2000, Novell to Active Directory
Building the IT infrastructure (including data center) at the company's new central location: MB Plaza Moscow