Profilbild von Daniel Juentgen IT Security Expert / Analyst| Information Security Officer | Business Analyst |Prozessberater aus MuelheimanderRuhr

Daniel Jüntgen


Letztes Update: 27.03.2022

IT Security Expert / Analyst| Information Security Officer | Business Analyst |Prozessberater

Firma: Jüntgen Consulting
Abschluss: nicht angegeben
Stunden-/Tagessatz: anzeigen
Sprachkenntnisse: deutsch (Muttersprache) | englisch (verhandlungssicher)


Oracle JIRA Meldewesen Qualitätsmanager Testmanager Testplanung Abnahmetests Beratung CRM Softwaretester IT Governance IT Security ISMS IT Security Management Systems (ISMS) IT Security Sicherheitskonzept IT Security Consulting IT Security Audit IT Security ISMS IT Security Architekt VAIT DSGVO EU-DSGVO Datensicherheit Schwachstellenanalyse Vulnerability Nessus Tenable security controls CIS Security Center schwachstellenscan Schwachstellenmanagement Compliance IT Compliance Aufbau Compliance Management System Kibana Prozessberatung IT-Prozessmanagement IT-Prozessmodellierung Anforderungsmanagement Business Analyse Informationssicherheit ISO 2700x-Familie ISO27001 ISO 27001/27002 ISMS Spezialist ISO 27001 ISO 27001 Zertifizierung Docker Swarm Docker Scrum + DevOps: Docker DEV OPS aws Amazon AWS Amazon S3 Amazon Web Services (AWS) Ansible Bash Bash-Programmierung Bash Scripting Bash Shell Google Cloud Services Openshift RedHat OpenShift Cloud Kubernetes Kubernetes-Clustern Scrum Master scrum product owner Certified Scrum Master Certified Scrum Product Owner scrum coaching cloud architekt Cloud Architektur AWS Cloud Expert AWS Cloud Architektur kms Azure Microsoft Azure Logstash CICD jenkins Github MavenJenkins Jenkins Service Orientierte Architekturen (SOA) Jenkins (CI) CI CD Kafka Apache Kafka Streams Kafka Streams ElasticSearch Elastic Log Management Elastic Stack ELK-Stack ELK Phyton BSI Gundschutz BSI BSI Grundschutz 100-4 Datenschutz und Datensicherheit (BSI Grundschutz) BSI Grundschutz bsi grundschutz auditor Sichere Rechenzentren nach BSI Grundschutz ISO27001 nach IT-Grundschutz IT-Grundschutz ISO 2700x-Familie BSI IT-Grundschutz ISO27001 BSI IT-Grundschutz BSI 200-2 Testing Agile testing SW Testing tosca Tosca Testsuite Toscar suite




ISTQB Certified Testing, Testmanagement. TMAP Certified Testing HPQC, HP Quality Center ALM, Jira, Blackbox Test, Schnittstellentest, Testfallspezifikation, Testdokumentation, Bugtracking, Reporting, Testausführung, Testkoordination, Testmanagement, Testkonzeption, Testplanung, QS Planung, IBM Rational QualityManager, IBM Clearquest, Remedy, Review, Test Beratung, Kommunikation, Sepa, Wizard, Oracle Siebel CRM, ISO2700x, ISO27001, CSC CIS, Schwachstellen, VAIT; DSGVO, EU-DSGVO, Schwachstellenscan, Schwachstellenanalyse, Schwachstellenmanagement, IT Governance, IT Compliance, Kibana,Docker, Kubernetes,Microsoft Azure,Amazon Web Services, aws, Google Cloud Platform,Sequime (Cloud-Printing), XML, Ansible, bash, openshift, Linux, Scrum master, Scrum Product Owner, Sec ops, SECOPS, DEVOPS, dev ops, jenkins, git hub, maven, CI CD, continuous integration, continuous delivery, logstash, kafka, elastic search, phyton, BSI Grundschutz, Grundschutz BSI Grundschutz neu,tosca, tosca testsuite,test,testing,sw test,software testing


01/2021 - bis jetzt
Project Manager
Centralization of decentral hosted fileservers in each of the regional companies used for providing user home
shares, collaboration data and application data within the stand-alone-companies to cloud based central service
in Microsoft environment. The new TOM for user home drive is OneDrive to which the personal data will be
migrated to, for the collaboration data the data will be migrated to SharePoint Online with a new Role Based Access Control Model based on the obtained data in cooperation with the (national) IT and HR departments. For the application
data the azure file server is planned to use in a lift and shift approach with probably post project transformations
▪ More than 70 locations in 8 countries with approx. 90 TB of Data
▪ Migration to MS OneDrive and SharePoint Online
▪ Gathering as is information from country- & subsidiaries and local responsibles
▪ Working on and creating organizational structures and orgcharts for new RBAC Implementation
▪ Tracking of the timely processing of the project
▪ Working on project tenders for contractors
▪ Evaluation of contractors based on tenders
▪ Status reporting and presentation
▪ Coordination of migration “rollouts”
▪ Coordination and Governance for external contractors
▪ Coordination of tasks and decisions with the country subsidiaries.
▪ Planning of workshops & moderation
▪ Documentation of as is situation and working out a migration path

01/2022 - 10/2022
Project Manager
▪ Technical and procedural documentation of the changes and handover to operation
▪ Planning and evaluating of a suitable solution and implementation afterwards.
▪ Steering of and contact person for the external supplier in case of questions
▪ Planning of workshops & moderation
▪ Reporting to C-Level

10/2021 - 10/2022
Project Manager
▪ Contact person for suppliers and specialist groups in case of questions
▪ Collaboration in the planning of milestones and timeframes for the implementation of lifecycle topics
▪ Supporting the creation of highlevel and implementation procedures
▪ Verification of requirements and assumptions on the part of Customer
▪ Support of the pilot & tests for the implementation of the HW BLC replacement
▪ QA acceptance documentation
▪ Planning of migration waves (application groups) for migration of applications
▪ Planning of migration waves for migration of Windows2012 Servers to latest OS Gen.
▪ Control and follow-up of the implementations by PV / project team members
▪ QS reporting of progress
▪ Maintenance of necessary change data in CMDB, etc.
▪ Technical and procedural documentation of the changes and handover to Operation

03/2020 - 10/2022
Project Manager
▪ Creation of a business case to illustrate the possible options in terms of implementation time and the
associated costs and risks.
▪ Realization of the business case with the goal to dismantle all Windows 2008 legacy systems to the expiry
date of the ESU licenses in 01/23.
▪ Coordination of inhouse operation staff and sourcing provider.

01/2020 - 12/2021
Vulnerability-, Patch- & Compliance Manager on the staff of the Board (C-Level)
▪ Developing and providing support all I&O departments on security breaches, vulnerability remediation,
security patch management and security compliance
▪ Define product vision by translating the technology and business strategy into a consistent set of product
objectives and targets with specific focus on security and risk reduction in order to protect I&O
infrastructure, products and ser-vices from internal/external cyber-at-tacks
▪ Manage the product evangelization, presales and post-sales, defining product direction based on the
changing security threat landscape /technology/ market adoption/evolution in collaboration with customers
and tech. leadership
▪ Own and participate in the creation of the technology vision for I&O from a Security PoV.
▪ Identify journeys’ / product key capabilities and features required to evolve towards the technology vision
and deliver expected strategy outcomes, facilitate Product Line teams.
▪ E2E ownership of the “Infrastructure Vulnerability Management” measures to be taken by I&O based on
(Group IT Security) vulnerability reports and findings (analyze findings, define and align measures with
operations line of business and Security
▪ C-level Consulting

10/2020 - 09/2021
Vulnerability- & Patch Manager and Strategy & Process Consultant
▪ Enhancing manual and legacy processes. Driving processes to be automated and increasing effectiveness by
decreasing manual effort.
▪ Support building up new Vulnerability Management Group in I&O to work on vulnerabilities found by Security & Vulnerability Scan department.
▪ Support Teams to decrease found vulnerabilities by driving escalations and doing overarching coordination
work within i&o and security if needed.
▪ Consultancy of leadership with personal & vulnerability strategic decisions.
▪ Reporting of measurements and vulnerabilities

09/2020 - 01/2021
Consultant / Project Manager
▪ Design and definition of new processes in context of the MS Exchange implementation such as request of
permissions for (shared) mailboxes and general mailboxes for users or distribution lists and further.
▪ Operationalizing of defined processes and implementation in ITSM environment
▪ Creation of RBAC concept and documentation
▪ Hands on doing in project (creation of rules within owa, etc)
▪ Coordination of tasks and decisions with the country subsidiaries.

06/2020 - 08/2020
Process & Strategy Consultant, Patch Manager
▪ Analysis of old processes in patch management topics and the target of patch management is to be applied
in the future.
▪ Design and definition of new processes to enhance patch management workflows. Enabling old processes
which are not in place and enhancement of those.
▪ Alignment of new processes with Global IT Security - Vulnerability Management Team to ensure
sustainability of the processes defined.

08/2019 - 01/2020
Project Manager
Increase vulnerability scanning effectiveness by rolling out scan agents in the Windows and Linux server
infrastructure (~5,000 servers) across all zones and stages of the enterprise, while reducing network load and
usage of highly privileged users for the remote scanner infrastructure.
▪ Requirements engineering
▪ Coordination of the implementation (stagebased deployment / rollout) and the team
▪ Coordination of the VM procurement
▪ Development and implementation of necessary processes
Tools used, languages: MS Office, tenable Nessus Manager, Tenable

07/2019 - 12/2019
Vulnerability & Patch Manager, Process & Strategy Consultant
▪ Determining solutions for processing and closing of audit findings
▪ Determining solutions for closing vulnerabilities (Findings vulnerabilities scanner)
▪ Establishment of sustainable processes
▪ Patch management/-optimization
Process tasks
▪ Requirements assessment of processes in the area of vulnerability and incident management
▪ Process design and redesign in the area of vulnerability and incident management
▪ Introduction and establishment of more effective ways of working in different groups
e.g. transparency about and reduction of work-in-progress for IT operations
Coordinative tasks
▪ Mediation between IT security and IT operations
▪ Review of vulnerability reports
▪ Identification of asset managers
▪ Assignment of the vulnerabilities to the identified asset managers
▪ Tracking of the timely processing of vulnerabilities
▪ Coordination of mitigation rollouts / configuration adjustments
▪ Creation of status reports
▪ Incident & Problem Management
▪ Planning of workshops & moderation
▪ Evaluation of a vulnerability management solution
Operational and technical tasks (in cooperation with other external service providers)
▪ Examination and evaluation of vulnerabilities for false positives
▪ Examination of the applicability of recommended remedial actions
▪ If necessary, consideration of alternative remedial measures
▪ Test/documentation of the respective remedial measures
▪ Implementation of remedial measures or application for risk acceptance

02/2019 - 06/2019
IT Security Consultant
▪ Evaluation of a suitable visualization framework (RStudio)
▪ Definition & coordination of key figures with the ISO organization
▪ Definition & coordination of threshold values and measures with the ISO organization
▪ Professional and technical conception on the basis of the requirements
▪ Topics for ComplianceGate: Vulnerabilities Scan, DLP, IAM, PAM, Asset Inventory, etc.
▪ Security concept incl. threat modelling
▪ Documentation/compilation of operating manual
▪ Implementation of data aggregations (Kibana)

11/2017 - 06/2019
IT Security Consultant, Vulnerability / Schwachstellen Management
▪ Maintenance, operation and further development of the vulnerability scanner
▪ Vulnerability management
▪ Vulnerability scans
▪ Vulnerability analysis
▪ Security Incident Management
▪ Reporting
▪ Documentation (creation/maintenance of the installation and operating manual)
▪ Process consulting and optimization
▪ Connection to central log management

09/2018 - 02/2019
IT Security Consultant
▪ Development of a network infrastructure for the provision of services: Vulnerabilities Scan and penetration
testing to reduce network load and increase efficiency (coverage of previously known and tested network
segments increased by direct access to all VLANs)
▪ Process consulting and design
▪ Project and network documentation
▪ Documentation/ Preparation of operating and installation manual
▪ Security Concept incl. Threat Modelling

02/2018 - 10/2018
Consultant IT Security & SIEM
▪ Definition & coordination of key figures with business unit and business owner (VulScan, DLP, IAM, PAM,..)
▪ Definition & coordination of measured values for the presentation of compliance (VulScan, DLP, IAM, PAM,..)
▪ requirements analysis
▪ Professional and technical conception on the basis of the requirements (VulScan, DLP, IAM, PAM,..)
▪ Technical implementation
▪ Formulation of Compliance & Security Use Cases (VulScan, DLP, IAM, PAM,.. )
▪ Implementation of data aggregations with ElasticSearch
▪ Visualization of data aggregations with Kibana
▪ Evaluation & connection of data suppliers to the log platform
▪ Enhancement of Python Scripts
▪ Development of Bash / Shell scripts
▪ Log data analysis
▪ Development of threshold logics and evaluations using Elastic Watcher & Painless Script

02/2015 - 12/2017
Consultant / Test Analyst
▪ Test case identification and test specification/design according to ISQTB
▪ Test documentation
▪ Execution and analysis of the software tests
▪ Bug tracking
▪ Mobile testing (iOS)
▪ Test status reporting

12/2016 - 11/2017
Business Analyst / Consultant / Subproject Manager
▪ Requirements analysis
▪ Creation of technical and functional concepts
▪ Test management
▪ Test analysis & conception
▪ Mobile testing (iOS)
▪ Document testing
▪ End2End testing
▪ Reporting test state
▪ Test process improvement
▪ Consulting in agile work according to SCRUM

07/2015 - 11/2016
Consultant / Test Analyst / Business Analyst
▪ Requirements analysis
▪ Preparation of technical / solution concepts for requirements
▪ Creation of Release Notes and User Manuals
▪ Test case identification and test specification/design according to ISQTB
▪ Determination of regression tests
▪ Execution, documentation and analysis of the software tests
▪ Bug tracking
▪ Test Status Reporting
▪ Acceptance test support
▪ Consulting test approach, test procedure, test process (improvement)

04/2015 - 07/2015
Consultant / Test Manager
▪ Test management / test coordination
▪ Control of nearshore test teams (Romania)
▪ Control test team & test orders
▪ Creation of documentation and user manuals
▪ Bug tracking
▪ Test status reporting
▪ Acceptance test support
▪ Test environment coordination

12/2014 - 03/2015
Consultant / Test Manager
▪ Release Test Management
▪ Test Status Reporting
▪ Control Test Manager & Offshore Test Team
▪ Control (offshore) Test projects (India)
▪ Test environment management / coordination / planning
▪ Bug tracking
▪ QS/test planning
▪ Load test coordination


IT Information Security Practitioner (IT ISP)
Nessus Certificate of Proficiency
Professional Scrum Master
Professional Scrum Product Owner
ISO 27001 - Foundation Level
TÜV Sued
ISO 27001 - Information Security Officer
TÜV Sued
ISTQB - Certified Tester Advanced Level - Test Manager
TMap NEXT® Test Engineer
ISTQB - Certified Tester Foundation Level


Verfügbar in den Ländern Deutschland
DACH - national bevorzugt Raum Düsseldorf
Profilbild von Daniel Juentgen IT Security Expert / Analyst| Information Security Officer | Business Analyst |Prozessberater aus MuelheimanderRuhr IT Security Expert / Analyst| Information Security Officer | Business Analyst |Prozessberater