Sven Thiele - IT Security Consultant – Creation & Management of the IT Security Roadmap

Q: Where is Sven based?

Sven is based in Weimar, Germany and can operate in on-site , hybrid , and remote work models.

Q: What languages does Sven speak?

Sven speaks the following languages: German (Native), English (Advanced) .

Q: How many years of experience does Sven have?

Sven has at least 8 years of experience. During this time, Sven has worked in at least 12 different roles and for 8 different companies . The average length of individual experience is 1 year and 8 months . Note that Sven may not have shared all experience and actually has more experience.

Q: What is Sven's latest experience?

Sven's most recent position is IT Security Consultant – Creation & Management of the IT Security Roadmap at Diehl Aviation .

Q: What companies has Sven worked for in recent years?

In recent years, Sven has worked for Diehl Aviation , Railway Infrastructure , Healthcare (KRITIS) , Süddeutsche Landeshauptstadt , and Deutsche Förderbank FFM .

Q: Which industries is Sven most experienced in?

Sven is most experienced in industries like Information Technology (IT) , Banking and Finance , and Government and Public Administration . Sven also has some experience in Healthcare , Manufacturing , and Aerospace and Defense .

Q: Which business areas is Sven most experienced in?

Sven is most experienced in business areas like Information Technology (IT) , Operations , and Project Management . Sven also has some experience in Procurement and Purchasing , Strategy and Planning , and Quality Assurance (QA) .

Q: Which industries has Sven worked in recently?

Sven has recently worked in industries like Banking and Finance , Information Technology (IT) , and Government and Public Administration .

Q: Which business areas has Sven worked in recently?

Sven has recently worked in business areas like Information Technology (IT) , Operations , and Project Management .

Recommended expert

Weimar, Germany

Experience

Jan 2025 - Dec 2025

1 year

IT Security Consultant – Creation & Management of the IT Security Roadmap

Diehl Aviation

Analyze and structure specific IT security requirements
Build a structured requirements backlog as a basis for the sub-group’s IT security initiatives (including separation from group-wide programs)
Conduct a systematic delta comparison with group-wide IT security requirements to identify open needs and dependencies
Develop a multi-level IT security roadmap including implementation and project planning, aligned with internal and external stakeholders
Provide professional project management at the program level, including status analysis, risk management, action tracking, and goal control
Coordinate internal departments and external service providers, including communication planning and managing regular status meetings

Jan 2024 - Dec 2025

2 years

IT Security Consultant – SIEM Readiness & PCI/BAIT/KRITIS Compliance

Enhance the SIEM system (QRadar) including design and implementation of log integration for critical assets (PCI-relevant, BAIT/KRITIS compliant)
Define and implement PCI-relevant use cases to detect security-critical incidents
Plan projects and manage milestones for audit preparation (including creating schedules and assigning responsibilities)
Manage requirements for SOC services, conduct RfI/RfP processes, and evaluate external vendors
Develop audit-proof policies and process documentation (e.g. log onboarding, use case lifecycle, incident detection)
Conduct workshops on log integration with business units and derive technical requirements
Prepare for and support audits (PCI, BAIT, KRITIS) including action tracking based on identified findings

Jan 2024 - Dec 2024

1 year

IT Security Consultant – Coordination of Measures and Implementation of BAIT & DORA Requirements

Derive and detail regulatory measures (BAIT, DORA), integrate into the ISMS
Create and review policies (e.g. use case lifecycle, incident handling)
Manage the tender process for SIEM/SOC (RFI, RfP, evaluation, PoC support)
Evaluate and select external service providers for CDC operations
Strategically advance application monitoring along MITRE ATT&CK
Align with business units, risk management, and IT security

Jan 2023 - Dec 2024

2 years

SIEM Onboarding Manager – OT Monitoring & Tenant Integration

Railway Infrastructure

Design a group-wide onboarding strategy for monitoring and integrating OT components into the central SIEM (Splunk)
Develop and establish the organizational onboarding process for internal rail tenants (CDC integration)
Conduct technical workshops with tenants, including identifying relevant OT assets, assessing integration feasibility, and clarifying log formats
Define and prioritize use cases to cover security-relevant OT events in critical environments
Create technical integration concepts (e.g. via Syslog, API, agents) in coordination with SIEM and SOC leads
Work closely with Security Operations & CDC to translate tenant requirements into use cases and alert processes

Jan 2023 - Dec 2024

2 years

Security Analyst – Operationalization of Vulnerability Management & Incident Response

Healthcare (KRITIS)

Select, implement, and configure a vulnerability management tool (Tenable), including defining roles, responsibilities, and reporting cycles
Support the introduction and optimization of endpoint protection (Palo Alto Cortex XDR, CrowdStrike) and integrate into existing analysis processes
Handle first-line incidents and optimize detection processes, including analysis, escalation logic, and handover to L2/L3
Coach and enable the SOC team, including operational training, process clarification, and ticket system optimization
Contribute to the operationalization of use case processes and alert workflows, tailored to KRITIS-relevant requirements
Document and embed new processes into the ISMS, including supporting guidelines for incident handling and vulnerability assessment

Jan 2023 - Dec 2024

2 years

Cyber Defense Consultant – Setup of IT Security Process Architecture & Tool Integration

Süddeutsche Landeshauptstadt

Designed and built the complete process landscape for security incidents, use case management, vulnerability management, playbooks, and SIEM operations including full BPMN 2.0 modeling with Adonis and integration into the ISMS
Selected, integrated, and operationalized Tenable, SIEM & SOAR, including defining use cases and interfaces to IT operations and risk management
Established central control processes in ServiceNow, including workflow design and automation of the security process chain
Coordinated all involved departments and units to harmonize security-relevant processes
Maintained and expanded a central change management database to manage security measures and release cycles
Conducted maturity analysis and process publication according to regulatory requirements (BSI, NIS2, KRITIS)

Jan 2022 - Dec 2023

2 years

IT Security Officer – Implementation of Enterprise Security Use Cases

Deutsche Förderbank FFM

Developed and implemented standard use cases in the Splunk Enterprise Security system
Tested the developed use cases to ensure functionality and quality
Documented the use cases and processes in the relevant tools
Created playbooks to support the SOC operations

Jan 2021 - Dec 2022

2 years

IT Security Consultant for Security Operation Processes

Deutsche Privatbank

Developed processes for the technical integration of infrastructure and application components into a Splunk SIEM system in the AWS Cloud
Aligned the processes with internal stakeholders and relevant parties
Created detailed process documentation and ensured the development of overarching guidelines
Supported process implementation including workshops
Integrated infrastructure components and developed use cases, as well as set up monitoring and alerting processes for the SIEM system

Jan 2021 - Dec 2022

2 years

IT Security Measures Assessment & Recommendations

Genossenschaftsbank

Collected and assessed project status for identified IT security vulnerabilities
Analyzed and evaluated the measures defined by the departments to fix vulnerabilities
Documented progress and created an overview of further necessary steps
Coordinated audit preparation and consolidated relevant information and actions into a detailed project plan
Developed recommendations for vulnerability remediation and security measure optimization

Jan 2020 - Dec 2021

2 years

IT Security Consultant – Process Analysis, Monitoring Concepts, Service Provider Management

Analyzed the process structures of two global IT security service providers
Identified and developed approaches to standardize service provider management
Defined standardized reason codes for consistent classification of IT security incidents
Developed basic structures for consistent KPI reporting across various IT security areas
Derived and implemented measures to improve service provider management and monitoring

Jan 2019 - Dec 2020

2 years

IT Security Process Map Analysis & SOC Support

Cataloging security operation processes and identifying existing gaps
Defining processes needed to close security gaps
Focusing on attack scenarios in the webshop and securing them
Log analysis and co-creating use cases with internal stakeholders
Prioritizing and implementing use cases and integrating them into the SIEM system
Creating necessary playbooks to support SOC operations

Jan 2018 - Dec 2019

2 years

Product Owner Process Analysis and CIS Checks

Semiconductor Group

Taking on the Product Owner role for an internal Scrum team in an agile project environment
Analyzing, documenting, and clustering existing IT security processes
Identifying process and system gaps and defining measures to close them (focus on AWS-based environment and security optimization)
Implementing an alert system for CIS checks in AWS to notify security experts in cloud projects

Industries Experience

See where this freelancer has spent most of their professional time. Longer bars indicate deeper hands-on experience, while shorter ones reflect targeted or project-based work.

Experienced in Information Technology (5 years), Banking and Finance (4 years), Government and Administration (2 years), Healthcare (2 years), Manufacturing (2 years), and Aerospace and Defense (1 year).

Information Technology

Banking and Finance

Government and Administration

Healthcare

Manufacturing

Aerospace and Defense

Business Areas Experience

The graph below provides a cumulative view of the freelancer's experience across multiple business areas, calculated from completed and active engagements. It highlights the areas where the freelancer has most frequently contributed to planning, execution, and delivery of business outcomes.

Experienced in Information Technology (8 years), Operations (5 years), Project Management (4 years), Procurement (3 years), Strategy (2 years), and Quality Assurance (2 years).

Information Technology

Operations

Project Management

Procurement

Strategy

Quality Assurance

Skills

Splunk
Ms Sentinel
Qradar
Splunk Es
Aws Security
Confluence
Cortex
Logpoint
Atlassian Jira
Powershell
Ms Azure
Azure Ad
Sentinel
Office365
Active Directory
Saas
Web Security
Microsoft Power Bi
Crowdstrike
Rapid7
Firewall (Fortinet)
Security Use Case Development
Playbook Integration
Itil
Siem
Sir
Vulnerability Management
Isms
Cyber Defense Center (Cdc)
Soc
Regulations
Standards
Infrastructure
Project Management

Languages

German

Native

English

Advanced

Education

Master of Science · Industrial Engineering

Certifications & licenses

AWS Practitioner

IT Baseline Protection Practitioner (BSI)

Information Security Officer ISO 27001

PMP

PRINCE2

Product Owner

Professional Scrum Master PSM II

Professional Scrum Product Owner PSPO I

Scrum Master

Six Sigma

Six Sigma Green Belt

Splunk Administrator

Splunk Power User

Profile

Created

October 2025

Last Update

December 2025

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Sven based?

Sven is based in Weimar, Germany and can operate in on-site, hybrid, and remote work models.

What languages does Sven speak?

Sven speaks the following languages: German (Native), English (Advanced).

How many years of experience does Sven have?

Sven has at least 8 years of experience. During this time, Sven has worked in at least 12 different roles and for 8 different companies. The average length of individual experience is 1 year and 8 months. Note that Sven may not have shared all experience and actually has more experience.

What roles would Sven be best suited for?

Based on recent experience, Sven would be well-suited for roles such as: IT Security Consultant – Creation & Management of the IT Security Roadmap, IT Security Consultant – SIEM Readiness & PCI/BAIT/KRITIS Compliance, IT Security Consultant – Coordination of Measures and Implementation of BAIT & DORA Requirements.

What is Sven's latest experience?

Sven's most recent position is IT Security Consultant – Creation & Management of the IT Security Roadmap at Diehl Aviation.

What companies has Sven worked for in recent years?

In recent years, Sven has worked for Diehl Aviation, Railway Infrastructure, Healthcare (KRITIS), Süddeutsche Landeshauptstadt, and Deutsche Förderbank FFM.

Which industries is Sven most experienced in?

Sven is most experienced in industries like Information Technology (IT), Banking and Finance, and Government and Public Administration. Sven also has some experience in Healthcare, Manufacturing, and Aerospace and Defense.

Which business areas is Sven most experienced in?

Sven is most experienced in business areas like Information Technology (IT), Operations, and Project Management. Sven also has some experience in Procurement and Purchasing, Strategy and Planning, and Quality Assurance (QA).

Which industries has Sven worked in recently?

Sven has recently worked in industries like Banking and Finance, Information Technology (IT), and Government and Public Administration.

Which business areas has Sven worked in recently?

Sven has recently worked in business areas like Information Technology (IT), Operations, and Project Management.

What is Sven's education?

Sven holds a Master in Industrial Engineering.

Does Sven have any certificates?

Sven has 13 certificates. Among them, these include: AWS Practitioner, IT Baseline Protection Practitioner (BSI), and Information Security Officer ISO 27001.

What is the availability of Sven?

Sven is immediately available full-time for suitable projects.

What is the rate of Sven?

Sven's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.