Sven Thiele - IT Security Consultant – Creation & Management of the IT Security Roadmap

Recommended expert

Weimar, Germany

Experience

Jan 2025 - Dec 2025

1 year

IT Security Consultant – Creation & Management of the IT Security Roadmap

Diehl Aviation

Analyze and structure specific IT security requirements
Build a structured requirements backlog as a basis for the sub-group’s IT security initiatives (including separation from group-wide programs)
Conduct a systematic delta comparison with group-wide IT security requirements to identify open needs and dependencies
Develop a multi-level IT security roadmap including implementation and project planning, aligned with internal and external stakeholders
Provide professional project management at the program level, including status analysis, risk management, action tracking, and goal control
Coordinate internal departments and external service providers, including communication planning and managing regular status meetings

Jan 2024 - Dec 2025

2 years

IT Security Consultant – SIEM Readiness & PCI/BAIT/KRITIS Compliance

Enhance the SIEM system (QRadar) including design and implementation of log integration for critical assets (PCI-relevant, BAIT/KRITIS compliant)
Define and implement PCI-relevant use cases to detect security-critical incidents
Plan projects and manage milestones for audit preparation (including creating schedules and assigning responsibilities)
Manage requirements for SOC services, conduct RfI/RfP processes, and evaluate external vendors
Develop audit-proof policies and process documentation (e.g. log onboarding, use case lifecycle, incident detection)
Conduct workshops on log integration with business units and derive technical requirements
Prepare for and support audits (PCI, BAIT, KRITIS) including action tracking based on identified findings

Jan 2024 - Dec 2024

1 year

IT Security Consultant – Coordination of Measures and Implementation of BAIT & DORA Requirements

Derive and detail regulatory measures (BAIT, DORA), integrate into the ISMS
Create and review policies (e.g. use case lifecycle, incident handling)
Manage the tender process for SIEM/SOC (RFI, RfP, evaluation, PoC support)
Evaluate and select external service providers for CDC operations
Strategically advance application monitoring along MITRE ATT&CK
Align with business units, risk management, and IT security

Jan 2023 - Dec 2024

2 years

SIEM Onboarding Manager – OT Monitoring & Tenant Integration

Railway Infrastructure

Design a group-wide onboarding strategy for monitoring and integrating OT components into the central SIEM (Splunk)
Develop and establish the organizational onboarding process for internal rail tenants (CDC integration)
Conduct technical workshops with tenants, including identifying relevant OT assets, assessing integration feasibility, and clarifying log formats
Define and prioritize use cases to cover security-relevant OT events in critical environments
Create technical integration concepts (e.g. via Syslog, API, agents) in coordination with SIEM and SOC leads
Work closely with Security Operations & CDC to translate tenant requirements into use cases and alert processes

Jan 2023 - Dec 2024

2 years

Security Analyst – Operationalization of Vulnerability Management & Incident Response

Healthcare (KRITIS)

Select, implement, and configure a vulnerability management tool (Tenable), including defining roles, responsibilities, and reporting cycles
Support the introduction and optimization of endpoint protection (Palo Alto Cortex XDR, CrowdStrike) and integrate into existing analysis processes
Handle first-line incidents and optimize detection processes, including analysis, escalation logic, and handover to L2/L3
Coach and enable the SOC team, including operational training, process clarification, and ticket system optimization
Contribute to the operationalization of use case processes and alert workflows, tailored to KRITIS-relevant requirements
Document and embed new processes into the ISMS, including supporting guidelines for incident handling and vulnerability assessment

Jan 2023 - Dec 2024

2 years

Cyber Defense Consultant – Setup of IT Security Process Architecture & Tool Integration

Süddeutsche Landeshauptstadt

Designed and built the complete process landscape for security incidents, use case management, vulnerability management, playbooks, and SIEM operations including full BPMN 2.0 modeling with Adonis and integration into the ISMS
Selected, integrated, and operationalized Tenable, SIEM & SOAR, including defining use cases and interfaces to IT operations and risk management
Established central control processes in ServiceNow, including workflow design and automation of the security process chain
Coordinated all involved departments and units to harmonize security-relevant processes
Maintained and expanded a central change management database to manage security measures and release cycles
Conducted maturity analysis and process publication according to regulatory requirements (BSI, NIS2, KRITIS)

Jan 2022 - Dec 2023

2 years

IT Security Officer – Implementation of Enterprise Security Use Cases

Deutsche Förderbank FFM

Developed and implemented standard use cases in the Splunk Enterprise Security system
Tested the developed use cases to ensure functionality and quality
Documented the use cases and processes in the relevant tools
Created playbooks to support the SOC operations

Jan 2021 - Dec 2022

2 years

IT Security Consultant for Security Operation Processes

Deutsche Privatbank

Developed processes for the technical integration of infrastructure and application components into a Splunk SIEM system in the AWS Cloud
Aligned the processes with internal stakeholders and relevant parties
Created detailed process documentation and ensured the development of overarching guidelines
Supported process implementation including workshops
Integrated infrastructure components and developed use cases, as well as set up monitoring and alerting processes for the SIEM system

Jan 2021 - Dec 2022

2 years

IT Security Measures Assessment & Recommendations

Genossenschaftsbank

Collected and assessed project status for identified IT security vulnerabilities
Analyzed and evaluated the measures defined by the departments to fix vulnerabilities
Documented progress and created an overview of further necessary steps
Coordinated audit preparation and consolidated relevant information and actions into a detailed project plan
Developed recommendations for vulnerability remediation and security measure optimization

Jan 2020 - Dec 2021

2 years

IT Security Consultant – Process Analysis, Monitoring Concepts, Service Provider Management

Analyzed the process structures of two global IT security service providers
Identified and developed approaches to standardize service provider management
Defined standardized reason codes for consistent classification of IT security incidents
Developed basic structures for consistent KPI reporting across various IT security areas
Derived and implemented measures to improve service provider management and monitoring

Jan 2019 - Dec 2020

2 years

IT Security Process Map Analysis & SOC Support

Cataloging security operation processes and identifying existing gaps
Defining processes needed to close security gaps
Focusing on attack scenarios in the webshop and securing them
Log analysis and co-creating use cases with internal stakeholders
Prioritizing and implementing use cases and integrating them into the SIEM system
Creating necessary playbooks to support SOC operations

Jan 2018 - Dec 2019

2 years

Product Owner Process Analysis and CIS Checks

Semiconductor Group

Taking on the Product Owner role for an internal Scrum team in an agile project environment
Analyzing, documenting, and clustering existing IT security processes
Identifying process and system gaps and defining measures to close them (focus on AWS-based environment and security optimization)
Implementing an alert system for CIS checks in AWS to notify security experts in cloud projects