Valon J. - Cybersecurity and Data Scientist Engineer

Cologne, Germany

Experience

Feb 2025 - Present

9 months

Cyber Security (IT, OT, Ethical Hacking & Pen Testing)
Data Science (Machine Learning, Deep Learning, Data Engineer and Data Analytics)

Feb 2023 - Dec 2024

1 year 11 months

Cologne, Germany

Risk analysis, CVE vulnerabilities, defining possible attack paths and damage scenarios
NIST framework, using standards (ISO/SAE 21434, IEC 62443, R155 & R156, ISO 27001, etc.)
Creating cybersecurity plan and concept, TARA (ISO/SAE 21434)
Analyzing, managing and evaluating vulnerabilities, CVE scanning
Implementing and developing CVE search tools to find CVEs for VW and Cariad
Secure Boot implementation for VW
Wi-Fi & BT penetration tests for VW and Porsche
OWASP Top 10 penetration tests for VW
Creating and running Python script templates for pen tests

Nov 2019 - Jan 2023

3 years 3 months

Implementing and deploying the cybersecurity management system (CSMS) according to ISO/SAE 21434 and IEC 62443
Applying standards ISO 27001, ISO 26262, IEC 62443, UNECE R155 & R156, ISO 21448 in the automotive sector (ASPICE)
Defining the compliance matrix for cyber regulations, planning system architecture and applying the NIST framework
Data Science (Deep Learning, Machine Learning and AI)
Creating templates for ISO/SAE 21434 artifacts (CS plan, concept, joint reviews and TARA)
Developing documents for threat analysis and risk assessment (TARA) and the cybersecurity concept
Drafting and implementing plans for cybersecurity review and validation, including reports for development, production and post-production phases
Conducting internal and external audits and implementing cybersecurity policies in Germany and Poland
Projects for clients: Stadlerrail AG (Switzerland), Skoda and Volvo (Poland), VW and Mercedes (penetration tests, CVE risk analysis)
Working with ADAS systems and e-mobility, especially with Mercedes and BMW
Synopsis code reviews (static and automated) and Black Duck vulnerability management

Jan 2018 - Mar 2019

1 year 3 months

Vienna, Austria

Maintaining the company's IT network, servers and security systems
Managing network servers and technology tools
Penetration testing (Linux, Kali Linux, Autosar) and development management of cloud resources on Azure as well as AWS and GCP
Office 365 maintenance with PowerShell scripts
Risk analysis: analyzing CVE vulnerabilities, defining possible attack paths, damage scenarios and security controls
Applying standards ISO 27001, IEC 62443, ISO 26262, SAE J3061 and the NIST framework

May 2017 - Aug 2017

4 months

Vienna, Austria

Penetration testing, vulnerability management and incident response
Applying cyber attack techniques, source code analysis and reverse engineering
Developing cybersecurity concept, specifications and assurance case for the project
Automated testing with Sniper

Oct 2015 - Sep 2016

1 year

Pristina

Analyze security alerts and incidents, manage IT security and cloud systems
Manage firewalls, VPNs, and cloud security features
Administer CCNA routers and firewalls
Review network threats using Linux and Kali Linux, create a threat and vulnerability list in Excel

Mar 2015 - Jul 2015

5 months

Pristina