Anonymous profile
Available

Last updated: 11.02.2023

IT Security, Risk Management, Auditing, Compliance, Data Protection

Degree: Master of Information Technology, ISC2 SSCP, CompTIA Network+ (until Feb 2021)
Languages: German (good) | English (native)

Skills

2020: Successfully completed ISO/IEC 27001 compliance within 7 months and moved organisational processes and procedures from CMM 0-1 to CMM 2-3.

2022: Completed an ISO 27001:2013 implementation for an international client.

Currently ISMS ISO 27001 implementor lead, Head of Security for a startup and Senior Cyber Risk Consultant. 

---

Information Security
ISO27001, TISAX Certification process
ISMS Management
Security awareness training
Policies, Procedures, Guidelines
GRC (Governance, Risk, Compliance)
Networking (VLAN, Firewalls, VPNs, etc)
Access Control and Access Management
Cloud: Google, AWS (EC2, CloudWatch)
SIEM (Elastic, Logstash, Kibana, etc.) and logging
Splunk and logging
Penetration Test and Vulnerability Management
Secure Systems Engineering principles
ISO 27001 Lead Implementor
Knowledge in ISO 27001
Knowledge of GDPR

---

Networking:
CompTIA Network+ Certification (until February 2021)
Secure file transfer protocols (SFTP, FTPS, FTP, WebDAV for SharePoint)

---

Auditing/Compliance - Log Collection and SIEM (Security Information and Event Management):
Secure log collection and log management concepts in relation to information security.
Secure file transfer concepts for auditing and compliance
Integrations with Rapid7 InsightIDR, Splunk, ELK (Elasticsearch, Logstash, Kibana, Beats), ArcSight, QRadar
GPG13, FIPS 140-2, HIPAA, ISO series, file integrity monitoring.

---

Technical Writing and Documentation:
Working with developers to create usable documentation aimed at a technical audience
Development of articles, whitepapers, blog posts, video scripts, and other content 
Documentation tools - RST, Sphinx, adoc 
Writing of a SIEM and log collection eBook
SOPs

---

Windows and Linux administration:
Windows Server administration
Windows log collection including IIS, Event Log, ETW, Windows DNS Server, Registry Monitoring, Active Directory
Windows log collection and hardening
Linux log collection and hardening

---

Project Management Tools:
Version Control – Git, Gitlab, Github
Tools – Mattermost, Slack, IRC, Trello, Kanban
Concepts – Scrum, Agile
Ability to work remotely with teams and in an international environment 

---

QA/Technical Support tools such as:
OS - Windows, Linux, macOS, ChromeOS
Remote monitoring and troubleshooting tools – ScreenConnect, TeamViewer
Software testing and QA (manual)

Project history

03/2022 - present
Senior Cyber Security Risk Consultant
(Telecommunications, >10,000 employees)


01/2022 - present
Head of Information Security
(Marketing, PR and Design, 10-50 employees)


05/2021 - 02/2024
Information Security Officer
(50-250 employees)

* Protected systems by defining access privileges, control structures and resources in line with GDPR/DSGVO requirements.
* Developed mitigation strategies and controls to reduce overall risk.
* Coordinated and performed information security inspections, tests and reviews.
* Define and refine the cyber incident response plan, BCP and DRP.
* Led the internal and external Information Security compliance audits and assessments
* Participate in deployment of security technologies and program enhancements across endpoints and networks.
* Develop and maintain the information security management system (ISMS) according to ISO 27001.
* Define, refine and maintain information security policies and procedures.
* Perform technical assessments and triage security testing results.
* Develop the physical security policy and procedures.
* Develop and manage information security and privacy awareness program.
* Conduct hardware and software implementations and updates for information systems.
* Ensure information security risk controls are implemented and appropriately monitored throughout systems lifecycle.
* Implement and manage endpoint security.
* Monitored reports, systems and logs and alerted on suspicious activity.

06/2020 - 02/2021
Consultant, Technical Writing and Documentation (domain and DNS)
DomainTools LLC (Internet and Information Technology, 50-250 employees)

Remote, contract role. Reported to the VP of Product. 

  • As the first dedicated technical writer, I expanded the documentation beyond product marketing. This required technical in-depth knowledge of DNS, Whois, networking and information security concepts in order to write for security administrators and developer audiences.
  • Produced a large body of work including API documentation (REST/JSON), User Guides integrating with the Splunk SIEM suite and User Guide for the flagship platform, Iris.
  • Worked with the developers (front-end lead, engineering manager) to finalize the technical aspects of the guide.
  • Researched the development of a new API infrastructure (OpenAPI/Postman) and the move of the documentation infrastructure to an automated system (such as AsciiDoc).
  • Published a 5-part series of posts on DNS and domain log collection, which led to 14,000+ views and 500+ click-throughs to the links.

API Documentation:

There were 23 API endpoints with existing API documentation, which was expanded in order to:

  • Surface more information about the API parameters, including the defaults, the type of data used and the limitations on the values that can be used.
  • Find potential defects and report the issues to the Front-End Lead.
  • Add missing API parameters that had not been documented.
  • Generate updated snippets for the different use cases of the API endpoints.
  • Expand and resurface the meaning of the JSON-formatted responses.
  • Expand the list of use cases for the high-traffic API endpoints.

I worked with the Software Engineering Manager to determine which APIs to focus on initially, and with the SME (either the Lead Developer or the Engineering Manager) for the technical details. The documentation went through review with the sales engineers and the Product lead.


09/2018 - 05/2020
Technical Evangelist
NXLog Ltd (Internet and Information Technology, 10-50 employees)

NXLog is a multi-platform log management tool that helps to identify security risks and policy breaches, or to analyze operational problems, in server logs, operating system logs and application logs.

Collaborated with a remote-only team to produce technical materials and enhance existing material, including documentation on log collection (deployment, enrichment, parsing), auditing and compliance, Linux and Windows telemetry (including Windows DNS Server, Windows Event Log, ETW, IIS) and more.

Worked on integration guides with other software, including SIEM suites and tools such as Splunk, IBM QRadar, McAfee ePO and InsightIDR. The work included setting up InsightIDR on an EC2 instance and using Windows and Linux (Ubuntu) servers to set up log collection integrations.

Communicated with the technical community on social media regarding log collection and related concepts on Reddit, StackExchange, Twitter and other forums, including security research social media.

Led the development of two campaigns (SIEM and DNS), leading to whitepapers, a SIEM log collection eBook, a landing page, multiple articles and liaising with technical writer teams.

Links:

User Guide (various sections, mainly Integrations)

https://nxlog.co/documentation

Whitepapers

https://nxlog.co/whitepapers/reduce-data-size-cut-siem-costs

https://nxlog.co/whitepapers/windows-event-tracing

https://nxlog.co/whitepapers/dns-logging

https://nxlog.co/whitepapers/structured-logging

Technical Blog posts

DNS Log Collection:

https://nxlog.co/dns-log-collection-and-parsing

https://nxlog.co/dns-log-collection-on-windows

https://nxlog.co/dns-log-collection-on-linux

Other:

https://nxlog.co/how-centralized-log-collection-help-siem

https://nxlog.co/send-etw-logs-to-splunk

https://nxlog.co/owasp-top10

https://nxlog.co/why-you-need-file-integrity-monitoring

https://nxlog.co/agent-based-versus-agent-less

https://nxlog.co/windows-event-forwarding

https://nxlog.co/owasp-top10-2017

Landing Pages

https://nxlog.co/eventlog-to-syslog

Guest post on opensource.com:

https://opensource.com/article/19/2/reducing-security-risks-centralized-logging


08/2019 - 01/2020
Consultant
Vindler GmbH (Internet and Information Technology, 10-50 employees)

Implementing/planning security measures on Windows, Linux, cloud and virtualization.

10/2016 - 08/2018
Secure File Transfer Administrator / Technical Consultant
Pro:Atria (Internet and Information Technology)

  • Worked with a remote team of developers to deliver secure file transfer solutions.
  • Improved the technical documentation aimed at system and network administrators.
  • Wrote articles and guides aimed at administrators on topics around security, infrastructure, client/server-side software use, and auditing and compliance (GPG13, FIPS 140-2, HIPAA, ISO series).
  • Reviewed secure file transfer software (client and server) through manual testing with the QA team.
  • Provided technical sales and support to customers – mainly network and system administrators, architects and other support technicians. Provided support for secure file transfer queries regarding audit trails, compliance, secure file transfer architecture and solutions.
  • Worked on troubleshooting issues on Microsoft Windows Server editions, UNIX (IBM AIX, HP-UX, Solaris), Linux (SUSE (SLES), Red Hat (RHEL), Ubuntu, Debian, Gentoo), macOS, virtual environments (VMware, VirtualBox, Docker) and clustered environments.
  • Worked on troubleshooting issues utilizing knowledge of the FTP/S, SFTP, SCP, HTTP/S and WebDAV protocols.

Links

User Guide

Online https://www.sftpplus.com/documentation/sftpplus/latest/

Repo https://github.com/proatria/sftpplus-docs

Note: The git history of the repo indicates that a major import event occurred, meaning history before 2019 is not shown.

API Documentation

https://www.sftpplus.com/documentation/sftpplus/latest/developer/index.html (only for the HTTP API sections)

Technical Blog Posts

https://www.sftpplus.com/articles/2018/sftpplus-ipv6-readiness-article.html

https://www.sftpplus.com/articles/2018/sftpplus-securing-file-transfers-with-third-parties.html

https://www.sftpplus.com/articles/2018/sftpplus-best-protocols.html

https://www.sftpplus.com/articles/2018/sftpplus-ha-resiliency-intro.html

https://www.sftpplus.com/articles/2018/sftpplus-hardeningconfig-sweet32.html

https://www.sftpplus.com/articles/2018/sftpplus-exchange-sftp-server-client.html

https://www.sftpplus.com/articles/2018/sftpplus-oiac-asd-ism.html

https://www.sftpplus.com/articles/2018/sftpplus-data-loss-prevention.html

https://www.sftpplus.com/articles/2018/sftpplus-3330-security.html

https://www.sftpplus.com/articles/2018/sftpplus-mft-security-scan-post.html

https://www.sftpplus.com/articles/2018/sftpplus-business-continuity-article.html

http://web.archive.org/web/20180613000942/http://sftpplus.com/ (for authorship byline)


Willingness to travel

Available in the following countries: Germany

Other information

DE
  • German B1+
EN
  • Learning German B1+