Profilbild von Anonymes Profil, Verfügbar 30%: Senior Security Expert IT & OT | Security Operation Center | Schwachstellen Mngt.
teilweise verfügbar

Letztes Update: 17.05.2023

Verfügbar 30%: Senior Security Expert IT & OT | Security Operation Center | Schwachstellen Mngt.

Abschluss: nicht angegeben
Stunden-/Tagessatz: anzeigen
Sprachkenntnisse: deutsch (Muttersprache) | englisch (verhandlungssicher)


EGGERT Profil 20220527.pdf


Vulnerability management, Cloud, Telecommunication, data protection, Qualys, AZURE, quality assurance, User Management, Firewall, epas DETACK, Nessus, OpenVAS, Metasploit, Active Directory, LDAP, Windows Server, Linux, Oracle, MSSQL, Citrix, MySQL, Microsoft Office, virtual environment, Database, Windows, VMWare, SQL, WAN/LAN, MPLS/VPN connectivity, F5 load balancers, Juniper SSL VPN migration, anti-virus, SaaS, IT Security, Juniper, Cisco, Squid, McAfee, Data privacy, Security/Privacy concepts, network security, cost optimisation, WAN connectivity, MPLS WAN, firewalls, LISP, WAN, Accelerator, Cloud computing, PaaS, IaaS, ITIL, ESX, vCloud, Zimory, Citrix XenApp, BlueCoat Systems, data centre, VLANs, load balancers, routing, firewall environment, IP, F5, MPLS, ATM, SDH, VPN, DMZ, IPSec, BGP, SaaS/PaaS, LAN, PKI, Watchguard firewalls, SSL VPN, IDS, IPS, IPSec VPN, NAT, OTP, two-factor authentication, SAP, router, NAGIOS, Windows Server 2003/2008, Microsoft Project, proxies, JAVA, DNS, DHCP, CoBIT, Office, PowerPoint, Word, Excel, SSL VPN Gateway (SA, MAG, Administration, PenTesting, Vulnerability, Qualysguard, Apache, ISA, Forefront Security, DSI, Director, LAN Access, Debian, Centos, Samba, Cluster, iptables, Postfix, Sendmail, qmail, Scalix, IMAP POP3 SMTP, Shellscript, NFS, Microsoft Windows, Windows Server 2003, 2008, 2012


07/2021 - 06/2022
Senior Security Expert / Schwachstellenexperte im OT Umfeld
Daimler AG (>10.000 Mitarbeiter)
Automobil und Fahrzeugbau
Senior Security Expert / Schwachstellenexperte im OT Umfeld


Expert for Vulnerability Management in the production network (OT Network). Establishing concepts to
scan the sensitive OT Landscape, remediate and vulnerability rating for multiple clients (Daimler
Truck, Central IT. Board Member in the global Vulnerabilty Board, administrator for the Qualys Cloud
Platform with more than one million Assets. Supporting the worldwide Agent Rollout, optimization of
Option Profiles (explicit for OT Scanning).

04/2021 - 07/2021
Senior Security Expert / Incident Management SOC
SEPAGO (50-250 Mitarbeiter)
Internet und Informationstechnologie

Process implementation and customer onboarding for "SOC as a Service" (Security Operations Center).   Working as Security Expert / Incident Manager for the SOC, evaluation of existing processes and KPIs.  Support the SOC Team to analyze Security Incidents 


Products: AZURE, Microsoft Defender für Endpoint, Microsoft Defender ATP

01/2016 - 03/2021
Senior Security Analyst
AXA Group Operation
Period Client/sector Company size
01.01.2016 - 28.03.2021 AXA Group Operation > 100.000 employees

01.01.2016: Senior Security Analyst & 01.11.2020: Vulnerability Management Expert


1. Senior Security Analyst 
Remediation and coordinating of Pen Test findings (global/local) and Audit tracking. Reporting
of findings and incidents to AXA Management and solver departments. Coordination and
supporting incoming requests to operational resolver groups and supporting them with security
requirements according to AXA Security Guidelines and deep technical knowledge. Regional Manager (Northern Europe Region) for DETACK epas (Enterprise Password Assessment), appliance administration incl. maintenance and central reporting for password quality reports 2. Vulnerability Management Expert Global project supporting of the Qualys Guard Infrastructure Infrastructure Administration and Maintenance from Qualys Guard Reporting of Vulnerabilities Remediation and Tracking Asset Management and Server-Onboarding Vendor-Management / Coordination and support Tickets  

Primary Tasks and responsibilities:


  • Perform activities for vulnerability scanning and policy compliance (Qualys Guard)
  • Maintain and operate password hunting and quality assurance tool
  • Manage and control audit remediation activities
  • Manage and support Pen Test activities
  • Perform security and risk assessments
  • Create security concepts


Security support for Sub-Tasks:


  • Password Clear Text Scanning
  • Support for CyberArk migration
  • Supporting the privileged User Management and recertification
  • Related requests for ICT Infrastructure and Firewall approvals 
  • Security Consultant for other IT Projects
  • Support the global security Incident Management



  • Security Tools (epas DETACK, Nessus, OpenVAS, Metasploit, Qualys)
  • Operate password hunting for Active Directory, LDAP, Windows Server, Linux, Oracle, MSSQL, Citrix and MySQL
  • Microsoft Office

07/2015 - 12/2015
Senior Security Analyst / Pen Test coordinator
AXA Konzern AG
Period Client/sector Company size
01.07.2015 - 31.12.2015 AXA Konzern AG > 100.000 employees

Senior Security Analyst / Pen Test coordinator

Pen Test coordination (internal application) and Group Reporting for the Group Pen Test Campaign
2015. Planning and setup Pen Tests with external providers, provider management and assessment of
risks. Detailed preparation and debriefing with stakeholders and support with deep technical
knowledge in the remediation phase. Perform lessons learned workshops after pen test activities.
Preparation of Management escalations and Risk Letters for findings with high risk or high priority,
communication from findings to SOC, external providers or to AXA Tech.

Qualys Guard vulnerability management:
Act as supporter for Pen testers with Qualys Guard Scans, Web application Scans and setup circular
BlackBox Tests (incl. monitoring) for non critical AXA Web Applications

10/2013 - 06/2015
Senior Security Analyst / Vulnerability Management
Period Client/sector Company size
01.10.2013 - 30.06.2015 AXA-Tech > 100.000 employees

Senior Security Analyst / Vulnerability Management

Global project supporting for Qualys Guard vulnerability management:
Establishment of a new Qualys Guard infrastructure and concept for circular vulnerability scans.
Detailed breakdown from the complete AXA Germany and AXA Belgium Network with the restructuring from
the existing appliance solution to a virtual environment. Rebuild new Qualys Assets and integrate
new processes for deployment and vulnerability scans. Maintenance and central contact for the Qualys
environment after the restructure.

Security support for Sub-Projects:
* Tracking from Audit Findings particular for high critical financial systems
* Architecture and Establishment of Privileged User Management Database for Windows, Linux,
VMWare, SQL and Oracle.
* Organizational measure to capture High Privileged Accounts
* Reporting, tracking and remediation of vulnerabilities, system hardening and patch management

01/2013 - 08/2013
Senior Security Expert
Deutsche Annington Immobilien SE
Period Client/sector Company size
01.01.2013 - 31.08.2013 Deutsche Annington Immobilien SE > 4.000 employees
(Heute: Vonovia)
Senior Security Expert

Establishment of security concepts and processes for the IPO (stock market launch), risk evaluation
and coordination Pen Testing.

* Active vendor management for the WAN/LAN/Security/Data Centre infrastructure (as support for
the service management)
* Installation, reduction and sizing for the MPLS/VPN connectivity
* IP Management (conception and planning) for all locations
* Change management
* Supporting the operational unit as 3rd level support (firewalling, network, BlueCoat Proxy SG,
reverse proxy (TMG) and F5 load balancers)
* Project lead for cross projects (Juniper SSL VPN migration from device SA4000 to MAG6611,
location moves, migration of the anti-virus solution to an external vendor / SaaS)

Products and standards:
* IT Security (Grundschutz, BSI, various security products)
* Juniper, Cisco
* Blue Coat, Squid
* McAfee
* Alcatel-Lucent VitalQIP

07/2012 - 12/2012
Senior Security Consultant Data privacy
Deutsche Telekom AG (ICM, IKS)
Period Client/sector Company size
16.07.2012 - 31.12.2012 Deutsche Telekom AG (ICM, IKS) > 200.000 employees

Senior Security Consultant Data privacy

Supporting and revision of various EPR Projects (main task: Security/Privacy concepts and
compliance, auditing the plausibility of concepts). Approver for authority of compliance and above
concepts incl. the SoCs (Statement of Compliance) for Group-wide operational standards. Consulting
for network security and infrastructure (security) solutions.

Period Client/sector Company size
01.06.2012 - 15.07.2012 various clients > 1.000 employees

Cloud Strategy / Evaluation for various clients

Consulting for various clients, evaluation of several cloud infrastructure solutions and IT
Security. Consulting for Data Centre strategy and cost optimisation, conception of the effort and
feasibility into a full managed service.

04/2012 - 05/2012
Security Infrastructure coordinator
Period Client/sector Company size
01.04.2012 - 31.05.2012 SIEMENS ATOS > 200.000 employees

Security Infrastructure coordinator

Analyse of a large ICT infrastructure environment, reporting of missing ICT functions to the ATOS
Board. Creating reports and processes in the area MDS (Mobile Device Service) and Endpoint Security.

07/2009 - 06/2011
Security Architect, International Data centre consolidation
T-Systems International
Period Client/sector Company size
07/2009 - 30.06.2011 T-Systems International (CZ, UK, NL) > 200,000 employees

Security Architect, International Data centre consolidation

* Migration of an existing data centre environment in the Czech Republic/UK/NL to a German cloud
* Conceptualisation of the data centre inter-connectivity / expansion of existing data centre
* Planning of new VLANs within the overall application structure
* Conceptualisation of firewalls, load balancers, reverse proxy environments
* Conceptualisation of application-specific network environments using AppCom / STS
* Process support for business blueprint / security / migration
* Planning and preparation of changes (firewall, load balancers, monitoring,...)
* Documentation of complex projects
* Decommissioning of legacy data centre connections and firewall systems
* IP connectivity planning (routing, firewall environment, IP address management)

Products and standards

* Baseline security requirements in accordance with Corporate Security Policy
* Cisco, F5, Juniper
* Network (routing, MPLS, ATM, SDH, VPN, DMZ, IPSec, BGP)
* Cloud computing (SaaS/PaaS, ESX, Citrix)

04/2008 - 07/2009
Sub-project management Security
Period Client/sector Company size
04/2008 - 09/2008 DHL > 200,000 employees

Sub-project management Security
* Sub-project management for a Client migration project (6,000 Users)
* In charge of the areas proxies, networks, firewalls, applications
* Supporting service management
* Preparation of security concepts and processes for an external service provider (T-Systems)
* Deactivation of legacy server systems and network landscapes
* Developing global server concepts
* Planning and migration of a proxy cluster (approx. 6,000 users)
* Modification of the security processes
* Preparation of changes (change management)
* Developing a JAVA PAC file for approx. 3,500 workplace systems
* Planning and matching of bandwidth requirements for the MPLS structure
* Matching of DNS and DHCP

Products and standards
* Checkpoint firewalls
* Network (network coupling, NAT zones, routing, MPLS, ATM)
* Citrix
* App-V (former SoftGrid)
* Proxy/Internet: Squid, Finjan Secure Web Gateway (content security)
* Directory services: Active Directory, LDAP
* Microsoft Project

08/2007 - 03/2008
Security management auditor for DEUTSCHE POST Management Board
Period Client/sector Company size
08/2007 - 03/2008 DEUTSCHE POST AG > 200,000 employees

Security management auditor for DEUTSCHE POST Management Board
* Auditing of IT and security projects (ITIL / CoBIT)
* Security management audits at a data centre of a service provider
* Preparing the audit
* Orientation of the control objectives to the corporate structure
* Kick-off, establishing the audit and the audit sphere
* Interviews with the specialist departments
* Weak-point analysis
* Auditing of authorisation processes
* Assessment of risks
* Recommending improvements
* Reporting to the Board

Products and standards
* Microsoft Office (PowerPoint, Word, Excel)

07/2006 - 07/2007
Service Manager Network / Security
DHL International / Deutsche Post AG
Service Manager Network / Security

05/2005 - 06/2006
Lead Network and Security Architect ESC
DHL International, ESC
Lead Network and Security Architect ESC

08/2003 - 04/2005
Firewall / Linux Administrator
Firewall / Linux Administrator


Weltweit verfügbar
Profilbild von Anonymes Profil, Verfügbar 30%: Senior Security Expert IT & OT | Security Operation Center | Schwachstellen Mngt. Verfügbar 30%: Senior Security Expert IT & OT | Security Operation Center | Schwachstellen Mngt.