Experience
Jan 2024 - Dec 2025
2 years
- Planning and managing all projects related to IT security
- Establishing a cyber security incident response procedure according to ISO/IEC 27035
- NIS2 readiness: impact analysis, planning and implementation of NIS2 compliance
- Management reporting based on KPIs
Jan 2024 - Dec 2025
2 years
- Firewall policy management, ruleset optimization
- Risk assessment and evaluation in vulnerability management according to CVSS
- Monitoring and verifying compliance with PCI-DSS and ISO/IEC 27001
- Extensive experience with the following products/vendors: Palo Alto FW, Check Point FW, Fortinet FW, F5 BigIP, QRadar, Tufin SecureTrack, Greenbone
Jan 2024 - Dec 2025
2 years
- Impact analysis
- Creating gap analyses and maturity models
- Planning and implementing necessary measures to achieve NIS2 compliance
- Supporting and leading the project as a subject matter expert
Jan 2022 - Dec 2025
4 years
- Assisting clients in establishing an information security management system
- Preparing gap analyses, maturity models, guidelines, policies, and documentation
- Reviewing guidelines, security policies, processes, and reports
- Supporting the initial certification process according to ISO/IEC 27001
Jan 2022 - Dec 2024
3 years
- Establishing an ISMS according to ISO 27001 requirements
- Initial ISO 27001 certification based on IT-Grundschutz
- Establishing a business continuity management system according to BSI 200-4
- Planning and selecting an additional data center location
- NIS2 readiness: impact analysis, planning and implementation of NIS2 compliance
- Regular IT security and awareness training for employees
- Extensive experience with the following products/vendors: Palo Alto FW, Cisco ESA, WithSecure AV, KnowBe4, Tenable SC, Splunk, CIS Benchmarks, checkmk, verinice
Jan 2021 - Dec 2024
4 years
- Administering the security infrastructure, maintenance and upkeep
- Administering firewall infrastructure, firewall policy management, ruleset optimization
- Vulnerability management to identify and remediate security flaws
- IDS and SIEM reporting
- Monitoring and analyzing LAN traffic to detect anomalies and risks
- Extensive experience with the following products/vendors: Forcepoint FW, Check Point FW, Fortinet FW, Cisco ESA, Clearswift ESG, SkyHigh WebGW, McAfee AV, Tufin SecureTrack, SentinelOne, Symantec DLP, Rapid7, QRadar
Jan 2021 - Dec 2022
2 years
- Rebuilding an IT infrastructure for EMA/BMA, video surveillance, time tracking, and control technology
- Migrating services from the old infrastructure to the new architecture
- Extensive experience with the following products/vendors: Fortinet FW, Cisco switches, Synology NAS, checkmk
Mar 2020 - Present
5 years 7 months
- Information security
- Cyber Security Incident Management
- NIS2 consulting
- Auditor for ISO/IEC 27001
- Auditor for BSI IT-Grundschutz
- Auditor for SWIFT CSP
- Business Continuity
- Data protection
Jan 2020 - Dec 2021
2 years
- Supporting the administration teams for IT infrastructure and security
- Infrastructure downsizing and migration of IT systems and services to the parent company
- Developing and implementing solutions to simplify the infrastructure
- Evaluating and commissioning an NSPM solution (Tufin SecureTrack, AlgoSec)
- Supporting the information security and business continuity officers
- Extensive experience with the following products/vendors: Fortinet FW, Check Point FW, Cisco ESA, Clearswift ESG, SkyHigh WebGW, Greenbone, F5 BigIP, Cisco ASA, Sophos AV, Microsoft ePO, Cisco LAN/WAN, Rohde & Schwarz WAF, QRadar SIEM
Jan 2018 - Dec 2020
3 years
- IT project management
- Developing IT security policies and processes
- Technical and procedural vulnerability analyses
- Security and risk assessments according to ISO 27001 and SWIFT CSP
- Developing cyber security incident response policies and runbooks
- Health checks of IT security infrastructures (gap analysis, evaluation, reporting)
- Project coordination for data center relocations
Jan 2012 - Dec 2017
6 years
- Building, operating, and enhancing the entire IT infrastructure
- Establishing and expanding a high level of IT security and availability
- Planning and executing all new build and migration IT projects
- Establishing an ISMS according to ISO 27001
- Developing, implementing, and reviewing IT policies
- IT Governance, IT Risk Management, IT Compliance (GRC)
- Business continuity management (BCM), disaster recovery procedures (DRP)
- Supporting the information security and business continuity officers
Jan 2004 - Dec 2012
9 years
- Administering, monitoring, and enhancing overall IT security
- Vulnerability and patch management
- Conducting the trainings "IPv4 advanced" and "Firewalling advanced"
Jan 2001 - Dec 2004
4 years
Hattersheim am Main, Germany
- Designing and building network infrastructures, firewalls, and IDS systems
- Designing and building email and web security systems and reverse proxies
- Designing and building encryption and authentication systems
- Pre-sales and consulting for security projects
- Conducting the training "Firewalling with WATCHGUARD"
- Setting up and managing BGP routed peering AS8520 at DE-CIX
Jan 2000 - Dec 2001
2 years
- Planning and executing all new build and migration IT projects
- Developing, implementing, and reviewing IT policies
- Operating and enhancing the entire IT infrastructure and applications
- Supporting client projects on network and firewall security
Jan 1998 - Dec 2000
3 years
- Building, operating, and enhancing the network and security infrastructure
- Supporting client projects on network and firewall security
- Conducting the training "IPv4 advanced"