Stephan Selnerat - IT-Security Manager

Q: Where is Stephan based?

Stephan is based in Saarlouis, Germany and prefers 100% remote projects.

Q: What languages does Stephan speak?

Stephan speaks the following languages: German (Native), English (Advanced), French (Intermediate) .

Q: How many years of experience does Stephan have?

Stephan has at least 28 years of experience. During this time, Stephan has worked in at least 14 different roles and for 13 different companies . The average length of individual experience is 1 year and 10 months . Note that Stephan may not have shared all experience and actually has more experience.

Q: What is Stephan's latest experience?

Stephan's most recent position is IT-Security Manager at Large industrial corporation with multiple international locations .

Q: What companies has Stephan worked for in recent years?

In recent years, Stephan has worked for Large industrial corporation with multiple international locations , KRITIS service provider for the finance and banking sector , Multiple clients from various industries in Germany , Multiple clients from various industries in the D-A-CH region, Benelux, and Scandinavia , and KRITIS telecommunications service provider for nationwide alerts .

Q: Which industries is Stephan most experienced in?

Stephan is most experienced in industries like Banking and Finance , Information Technology (IT) , and Professional Services . Stephan also has some experience in Telecommunication and Manufacturing .

Q: Which business areas is Stephan most experienced in?

Stephan is most experienced in business areas like Information Technology (IT) , Project Management , and Audit . Stephan also has some experience in Quality Assurance (QA) and Operations .

Q: Which industries has Stephan worked in recently?

Stephan has recently worked in industries like Banking and Finance , Professional Services , and Information Technology (IT) .

Q: Which business areas has Stephan worked in recently?

Stephan has recently worked in business areas like Information Technology (IT) , Audit , and Quality Assurance (QA) .

Recommended expert

Saarlouis, Germany

Experience

Jan 2024 - Dec 2025

2 years

IT-Security Manager

Large industrial corporation with multiple international locations

Planning and managing all projects in the context of IT security
Establishing a Cyber Security Incident Response procedure according to ISO/IEC 27035
NIS2 readiness: impact analysis, planning and implementation of NIS2 compliance
Management reporting based on KPIs

Jan 2024 - Dec 2025

2 years

GRC expert for firewall and vulnerability management in the context of PCI-DSS

KRITIS service provider for the finance and banking sector

Firewall policy management, ruleset optimization
Risk assessment and evaluation as part of vulnerability management using CVSS
Monitoring and verifying compliance with PCI-DSS and ISO/IEC 27001
Extensive experience with the following products/vendors: PaloAlto FW, CheckPoint FW, Fortinet FW, F5 BigIP, QRadar, Tufin SecureTrack, Greenbone

Jan 2024 - Dec 2025

2 years

NIS2 consultant

Multiple clients from various industries in Germany

Impact analysis
Preparation of gap analyses and maturity models
Planning and implementation of necessary measures to achieve NIS2 compliance
Supporting and steering the project as a subject matter expert

Jan 2022 - Dec 2025

4 years

ISMS consultant ISO/IEC 27001

Multiple clients from various industries in the D-A-CH region, Benelux, and Scandinavia

Assisting clients in establishing an information security management system
Preparation of gap analyses, maturity models, guidelines, policies, documentation
Reviewing guidelines, security policies, processes, and reports
Supporting the initial certification process according to ISO/IEC 27001

Jan 2022 - Dec 2024

3 years

External information security officer and business continuity officer

KRITIS telecommunications service provider for nationwide alerts

Establishing an ISMS based on the requirements of ISO 27001
Initial certification according to ISO 27001 based on IT baseline protection
Establishing a business continuity management system according to BSI 200-4
Planning and selecting an additional data center location
NIS2 readiness: impact analysis, planning and implementation of NIS2 compliance
Regular IT security and awareness training for employees
Extensive experience with the following products/vendors: PaloAlto FW, Cisco ESA, WithSecure AV, KnowBe4, Tennable SC, Splunk, CIS Benchmarks, checkmk, verinice

Jan 2021 - Dec 2024

4 years

External IT Security Administrator

German-speaking bank in Luxembourg

Administration of security infrastructure, maintenance, and upkeep
Administration of the firewall infrastructure, firewall policy management, ruleset optimization
Vulnerability management to detect and fix security gaps
IDS and SIEM reporting
Monitoring and analysis of LAN traffic to detect anomalies and risks
Extensive experience with the following products/vendors: Forcepoint FW, CheckPoint FW, Fortinet FW, Cisco ESA, Clearswift ESG, SkyHigh WebGW, McAfee AV, Tufin SecureTrack, SentinelOne, Symantec DLP, Rapid7, QRadar

Jan 2021 - Dec 2022

2 years

Setting up IT infrastructure for building systems

Facility management provider in Luxembourg

Setting up a new IT infrastructure for fire and intrusion alarm systems (EMA/BMA), video surveillance, time tracking, and building control systems
Migrating services from the old infrastructure to the new architecture
Extensive experience with the following products/vendors: Fortinet FW, Cisco switches, Synology NAS, checkmk

Mar 2020 - Present

6 years

Independent IT Consultant and Freelancer

Stephan Selnerat IT Consulting

Information security
Cyber security incident management
NIS2 consulting
Auditor for ISO/IEC 27001, BSI IT baseline protection, SWIFT CSP
Business continuity
Data protection

Jan 2020 - Dec 2021

2 years

External IT Security and Network Administrator

International bank in Luxembourg

Supporting the IT infrastructure and security admin teams
Infrastructure downsizing and migration of IT systems and services to the parent company
Developing and implementing solutions to simplify the infrastructure
Evaluating and deploying an NSPM solution (Tufin SecureTrack, AlgoSec)
Supporting the information security and business continuity officers
Extensive experience with the following products/vendors: Fortinet FW, CheckPoint FW, Cisco ESA, Clearswift ESG, SkyHigh WebGW, Greenbone, F5 BigIP, Cisco ASA, Sophos AV, Microsoft ePO, Cisco LAN/WAN, Rohde & Schwarz WAF, QRadar SIEM

Jan 2018 - Dec 2020

3 years

Contern, Luxembourg

Security Consultant

dartalis S.A.

IT project management
Drafting IT security policies and processes
Technical and procedural vulnerability analyses
Security and risk assessments according to ISO 27001 and SWIFT CSP
Drafting cyber security incident response policies and runbooks
Health checks of IT security infrastructures (gap analysis, assessment, reporting)
Project coordination for data center relocations

Jan 2012 - Dec 2017

6 years

Luxembourg

Team Leader ICT Infrastructure

Unicredit Luxembourg S.A.

Setup, operation and further development of the entire IT infrastructure
Establishing and expanding a high level of IT security and availability
Planning and execution of all new IT installation and relocation projects
Setting up an ISMS according to ISO 27001
Developing, implementing and reviewing IT policies
IT governance, IT risk management, IT compliance (GRC)
Business continuity management (BCM), disaster recovery procedures (DRP)
Support for information security and business continuity officers

Jan 2004 - Dec 2012

9 years

Luxembourg

Network and Security Administrator

Unicredit Luxembourg S.A.

Administration, monitoring and further development of overall IT security
Vulnerability and patch management
Trainer for "IPv4 advanced" and "Firewalling advanced" courses

Jan 2001 - Dec 2004

4 years

Hattersheim am Main, Germany

Network and Security Consultant

Systemberatung Axel Dunkel GmbH

Design and build of network infrastructures, firewalls and IDS systems
Design and build of email and web security systems and reverse proxies
Design and build of encryption and authentication systems
Pre-sales and consulting for security projects
Trainer for "Firewalling with WATCHGUARD" training
Setup and management of BGP routed peering AS8520 at DE-CIX

Jan 2000 - Dec 2001

2 years

Bexbach, Germany

Head of IT Department and Data Protection Officer

Syborg Informationssysteme GmbH

Planning and execution of all new IT installation and relocation projects
Development, implementation and review of IT policies
Operation and further development of the entire IT infrastructure and applications
Support for customer projects in network and firewall security issues

Jan 1998 - Dec 2000

3 years

Bexbach, Germany

Network and Security Administrator

Syborg Informationssysteme GmbH

Setup, operation and further development of network and security infrastructure
Support for customer projects in network and firewall security issues
Trainer for "IPv4 advanced" training

Skills

Iso/iec 27001 Lead Auditor
Information Security Manager (Iso 27001)
Lead Information Security Incident Manager (Iso 27035)
Business Continuity Manager (Iso 22301, Bsi 200-4)
It Risk Manager (Iso 31000)
It Baseline Protection Practitioner And Consultant (Bsi 200-1/2/3)
Data Protection Officer (Gdpr, Bdsg)
It-security Auditor (Iso 19011)
Nis2, Bait, Vait, Zait, A-960/1, Din 27076, It-sig, Nist Csf
Marisk, Cssf, Eba, Swift Csp, Dora, Pci-dss, Kritisv
Firewall Administration (Packet-filter And Web Application Firewalls)
Remote Access, Ssl Vpn And Ipsec Vpn
Multi-factor Authentication (Mfa)
Intrusion Detection And Prevention Systems (Ids, Ips)
Vulnerability And Patch Management
Cyber Security Incident Response
Content Security Proxy Server For Email And Web Traffic
Security Incident Event Management (Siem), Security Operation Center (Soc)
Network Security, Access Control Lists (Acl), Network Access Control (Nac)
Client And Server Endpoint Protection, Endpoint Detection And Response
Client And Server Operating System Hardening
Shell Scripting In Bash, Python, Powershell, Perl
Network Security Policy Management (Nspm)
Layer-2 And Layer-3 Networking (Ipv4 And Ipv6)
Load Balancing And High Availability Solutions
Encryption
Identity And Access Management (Iam), Privileged Access Management (Pam)
Mobile Device Management (Mdm)
Data Leakage Prevention (Dlp)

Languages

German

Native

English

Advanced

French

Intermediate

Education

Oct 1994 - Jun 1998

University of Applied Sciences, HTWdS, Saarbrücken

Practical Computer Science · Saarbrücken, Germany

Certifications & licenses

BSI IT Baseline Protection Auditor

Auditor ISO/IEC 27001

Auditor SWIFT CSP

Business Continuity Manager (ISO 22301, BSI 200-4)

Data Protection Officer (GDPR, BDSG)

ISO/IEC 27001 Lead Auditor

IT Risk Manager (ISO 31000)

IT Baseline Protection Practitioner and Consultant (BSI 200-1/2/3)

IT-Security Auditor (ISO 19011)

Information Security Manager (ISO 27001)

Lead Information Security Incident Manager (ISO 27035)

Profile

Created

February 2024

Last Update

January 2025

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Stephan based?

Stephan is based in Saarlouis, Germany and prefers 100% remote projects.

What languages does Stephan speak?

Stephan speaks the following languages: German (Native), English (Advanced), French (Intermediate).

How many years of experience does Stephan have?

Stephan has at least 28 years of experience. During this time, Stephan has worked in at least 14 different roles and for 13 different companies. The average length of individual experience is 1 year and 10 months. Note that Stephan may not have shared all experience and actually has more experience.

What roles would Stephan be best suited for?

Based on recent experience, Stephan would be well-suited for roles such as: IT-Security Manager, GRC expert for firewall and vulnerability management in the context of PCI-DSS, NIS2 consultant.

What is Stephan's latest experience?

Stephan's most recent position is IT-Security Manager at Large industrial corporation with multiple international locations.

What companies has Stephan worked for in recent years?

In recent years, Stephan has worked for Large industrial corporation with multiple international locations, KRITIS service provider for the finance and banking sector, Multiple clients from various industries in Germany, Multiple clients from various industries in the D-A-CH region, Benelux, and Scandinavia, and KRITIS telecommunications service provider for nationwide alerts.

Which industries is Stephan most experienced in?

Stephan is most experienced in industries like Banking and Finance, Information Technology (IT), and Professional Services. Stephan also has some experience in Telecommunication and Manufacturing.

Which business areas is Stephan most experienced in?

Stephan is most experienced in business areas like Information Technology (IT), Project Management, and Audit. Stephan also has some experience in Quality Assurance (QA) and Operations.

Which industries has Stephan worked in recently?

Stephan has recently worked in industries like Banking and Finance, Professional Services, and Information Technology (IT).

Which business areas has Stephan worked in recently?

Stephan has recently worked in business areas like Information Technology (IT), Audit, and Quality Assurance (QA).

What is Stephan's education?

Stephan attended University of Applied Sciences, HTWdS, Saarbrücken for Practical Computer Science.

Does Stephan have any certificates?

Stephan has 11 certificates. Among them, these include: BSI IT Baseline Protection Auditor, Auditor ISO/IEC 27001, and Auditor SWIFT CSP.

What is the availability of Stephan?

Stephan is immediately available part-time for suitable projects.

What is the rate of Stephan?

Stephan's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.