Go to Website
  • en
  • de

Stephan S.

IT-Security Manager

Saarlouis, Germany

Experience

Jan 2024 - Dec 2025
2 years

IT-Security Manager

Large industrial group with multiple international locations

  • Planning and managing all projects related to IT security
  • Establishing a cyber security incident response procedure according to ISO/IEC 27035
  • NIS2 readiness: impact analysis, planning and implementation of NIS2 compliance
  • Management reporting based on KPIs
Jan 2024 - Dec 2025
2 years

GRC expert for firewall and vulnerability management in the PCI-DSS environment

Critical infrastructure service provider for finance and banking sector

  • Firewall policy management, ruleset optimization
  • Risk assessment and evaluation in vulnerability management according to CVSS
  • Monitoring and verifying compliance with PCI-DSS and ISO/IEC 27001
  • Extensive experience with the following products/vendors: Palo Alto FW, Check Point FW, Fortinet FW, F5 BigIP, QRadar, Tufin SecureTrack, Greenbone
Jan 2024 - Dec 2025
2 years
Germany

NIS2 consultant

Multiple clients across various industries

  • Impact analysis
  • Creating gap analyses and maturity models
  • Planning and implementing necessary measures to achieve NIS2 compliance
  • Supporting and leading the project as a subject matter expert
Jan 2022 - Dec 2025
4 years
Sweden

ISMS consultant ISO/IEC 27001

Multiple clients across various industries

  • Assisting clients in establishing an information security management system
  • Preparing gap analyses, maturity models, guidelines, policies, and documentation
  • Reviewing guidelines, security policies, processes, and reports
  • Supporting the initial certification process according to ISO/IEC 27001
Jan 2022 - Dec 2024
3 years

External information security officer and business continuity officer

Critical infrastructure telecommunication service provider for nationwide alerts

  • Establishing an ISMS according to ISO 27001 requirements
  • Initial ISO 27001 certification based on IT-Grundschutz
  • Establishing a business continuity management system according to BSI 200-4
  • Planning and selecting an additional data center location
  • NIS2 readiness: impact analysis, planning and implementation of NIS2 compliance
  • Regular IT security and awareness training for employees
  • Extensive experience with the following products/vendors: Palo Alto FW, Cisco ESA, WithSecure AV, KnowBe4, Tenable SC, Splunk, CIS Benchmarks, checkmk, verinice
Jan 2021 - Dec 2024
4 years
Luxembourg

External IT security administrator

German-speaking bank

  • Administering the security infrastructure, maintenance and upkeep
  • Administering firewall infrastructure, firewall policy management, ruleset optimization
  • Vulnerability management to identify and remediate security flaws
  • IDS and SIEM reporting
  • Monitoring and analyzing LAN traffic to detect anomalies and risks
  • Extensive experience with the following products/vendors: Forcepoint FW, Check Point FW, Fortinet FW, Cisco ESA, Clearswift ESG, SkyHigh WebGW, McAfee AV, Tufin SecureTrack, SentinelOne, Symantec DLP, Rapid7, QRadar
Jan 2021 - Dec 2022
2 years
Luxembourg

Building an IT infrastructure for building automation

Facility management provider

  • Rebuilding an IT infrastructure for EMA/BMA, video surveillance, time tracking, and control technology
  • Migrating services from the old infrastructure to the new architecture
  • Extensive experience with the following products/vendors: Fortinet FW, Cisco switches, Synology NAS, checkmk
Mar 2020 - Present
5 years 10 months
Saarlouis, Germany

Independent IT consultant and freelancer

IT consulting Stephan Selnerat

  • Information security
  • Cyber Security Incident Management
  • NIS2 consulting
  • Auditor for ISO/IEC 27001
  • Auditor for BSI IT-Grundschutz
  • Auditor for SWIFT CSP
  • Business Continuity
  • Data protection
Jan 2020 - Dec 2021
2 years
Luxembourg

External IT security and network administrator

International bank

  • Supporting the administration teams for IT infrastructure and security
  • Infrastructure downsizing and migration of IT systems and services to the parent company
  • Developing and implementing solutions to simplify the infrastructure
  • Evaluating and commissioning an NSPM solution (Tufin SecureTrack, AlgoSec)
  • Supporting the information security and business continuity officers
  • Extensive experience with the following products/vendors: Fortinet FW, Check Point FW, Cisco ESA, Clearswift ESG, SkyHigh WebGW, Greenbone, F5 BigIP, Cisco ASA, Sophos AV, Microsoft ePO, Cisco LAN/WAN, Rohde & Schwarz WAF, QRadar SIEM
Jan 2018 - Dec 2020
3 years
Contern, Luxembourg

Security Consultant

dartalis S.A.

  • IT project management
  • Developing IT security policies and processes
  • Technical and procedural vulnerability analyses
  • Security and risk assessments according to ISO 27001 and SWIFT CSP
  • Developing cyber security incident response policies and runbooks
  • Health checks of IT security infrastructures (gap analysis, evaluation, reporting)
  • Project coordination for data center relocations
Jan 2012 - Dec 2017
6 years
Luxembourg

Team leader ICT infrastructure

Unicredit Luxembourg S.A.

  • Building, operating, and enhancing the entire IT infrastructure
  • Establishing and expanding a high level of IT security and availability
  • Planning and executing all new build and migration IT projects
  • Establishing an ISMS according to ISO 27001
  • Developing, implementing, and reviewing IT policies
  • IT Governance, IT Risk Management, IT Compliance (GRC)
  • Business continuity management (BCM), disaster recovery procedures (DRP)
  • Supporting the information security and business continuity officers
Jan 2004 - Dec 2012
9 years
Luxembourg

Network and security administrator

Unicredit Luxembourg S.A. (formerly HVB Luxembourg S.A.)

  • Administering, monitoring, and enhancing overall IT security
  • Vulnerability and patch management
  • Conducting trainings "IPv4 advanced" and "Firewalling advanced"
Jan 2001 - Dec 2004
4 years
Hattersheim am Main, Germany

Network and security consultant

Systemberatung Axel Dunkel GmbH

  • Designing and building network infrastructures, firewalls, and IDS systems
  • Designing and building email and web security systems and reverse proxies
  • Designing and building encryption and authentication systems
  • Pre-sales and consulting for security projects
  • Conducting the training "Firewalling with WATCHGUARD"
  • Setting up and managing BGP routed peering AS8520 at DE-CIX
Jan 2000 - Dec 2001
2 years
Bexbach, Germany

Head of IT department and data protection officer

Syborg Informationssysteme GmbH

  • Planning and executing all new build and migration IT projects
  • Developing, implementing, and reviewing IT policies
  • Operating and enhancing the entire IT infrastructure and applications
  • Supporting client projects on network and firewall security
Jan 1998 - Dec 2000
3 years
Bexbach, Germany

Network and security administrator

Syborg Informationssysteme GmbH

  • Building, operating, and enhancing the network and security infrastructure
  • Supporting client projects on network and firewall security
  • Conducting the training "IPv4 advanced"

Languages

German
Native
English
Advanced
French
Intermediate

Education

Oct 1994 - Jun 1998

University of Applied Sciences HTWdS Saarbrücken

Practical computer science · Saarbrücken, Germany

Certifications & licenses

Business continuity manager (ISO 22301, BSI 200-4)

Data protection officer (GDPR, BDSG)

ISO/IEC 27001 Lead Auditor

IT Risk Manager (ISO 31000)

IT-Grundschutz practitioner and consultant (BSI 200-1/2/3)

IT security auditor (ISO 19011)

Information Security Manager (ISO 27001)

Lead Information Security Incident Manager (ISO 27035)

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions

Similar Freelancers

Discover other experts with similar qualifications and experience

Federico L.

ISO – Senior Consultant Quality & Information Security

View Profile
Manfred L.

Support for the Chief Security Officer (CSO) and Chief Information Security Officer (CISO)

View Profile
Christian D.

Managing Director and Senior Consultant

View Profile
Matthias S.

Senior Consultant Security (freelance)

View Profile
Maxim R.

Information Security Officer

View Profile
Oliver F.

Senior IT Enterprise Security Architect | Bank Migration Project

View Profile
Dirk M.

Senior Program Manager & CISO | IT Transformation, Cybersecurity & GRC Leader

View Profile
Valeri M.

DORA Readiness – Gap Analysis and Implementation for Banks

View Profile
Björn B.

Auditor

View Profile
Henryk O.

Security Consultant

View Profile
Markus W.

IT Security Consultant

View Profile
Christian G.

DORA Implementation Project

View Profile
David B.

Acting Partner

View Profile
Nikolaus B.

ICT Risk Management and Information Security

View Profile
Alagi M.

Project Manager & IT Security Architect Logging & Monitoring for QRadar & Splunk, ISO 27001

View Profile
Fabian F.

OT Security Champion Europe

View Profile
Volker J.

Interim CISO (Germany, Austria, US, APAC), Auditor

View Profile
Lucas L.

Consultant in Information Security, Data Protection and Business Continuity Management

View Profile
Thoralf T.

Consultant Digital Operational Resilience Act (DORA)

View Profile
Andreas K.

Lead Auditor, ICT

View Profile
Arnd F.

Interim Manager “Head of Risk Management and Audit”

View Profile
Gilbert L.

Cyber Security Expert

View Profile
Dirk B.

Senior Consultant

View Profile
Stephan H.

IT Security Consultant

View Profile
Christian H.

Lead Auditor

View Profile
Benno Z.

Freelance Data Protection Officer

View Profile
Sascha L.

CEO

View Profile
Jörg I.

external information security officer

View Profile
Daniel J.

Information Security Consultant

View Profile
Thomas U.

Senior Consultant / PM Infrastructure Services & Workplace Migration – Transport & Logistics, Passenger Transport

View Profile
fratch Part of Bitkom logo
linkedIncrunchbaseyoutube
  • English
  • Deutsch

2025 © FRATCH.IO GmbH. All rights reserved.