Upgrade Projekt einstellen
Profilbild von Florian Maass IT Security Berater aus Schwalbach

Florian Maaß

Schwalbach
verfügbar

Letztes Update: 04.12.2023

IT Security Berater

Firma: threategic GmbH
Abschluss: Fachabitur "Kaufmännische IT", Ausbildung zum IT Kaufmann
Stunden-/Tagessatz: anzeigen
Sprachkenntnisse: deutsch (Muttersprache) | englisch (verhandlungssicher)

Schlagwörter

Informationssicherheit Certified Information Security Manager Information Governance It-Risikomanagement Informationssicherheitsmanagement Iso 2700X Informationssicherheits-Managementsystem SSCP Risikomanagement

Skills

I am a highly organised, motivated, and self-sufficient Information Security Consultant with experience in a broad selection of areas within Information Security. I am expanding my knowledge to as many different areas as possible to be able to look at Information Security as a whole, not as a tiny picture in a frame. This, and great skills in teamwork, amazingly fast learning and able to adapt to any situation, makes me a great extension to any team or project.

Skills
  • Risk Management & Assessments
  • Information Security Governance
  • Project Coordination
  • Information Security Officer
Certifications
  • CISM
  • SSCP
  • ISO27k1 foundation
  • ITIL foundation
  • Azure Fundamentals (AZ900)

Projekthistorie

04/2022 - bis jetzt
IT Risk Management & Assessment Coordination
Financial Service Provider (Banken und Finanzdienstleistungen, 500-1000 Mitarbeiter)

As part of a BaFin Finding the project is directed to complete risk assessments for all critical applications and infrastructure. Due to the time criticality the customer required additional manpower and know-how to achieve the objectives accordingly. I was integrated into the existing team to review completed assessments before submitting them but also to support assessors to fulfill their task of creating the required documentation and to support the team to develop processes and how-to’s to enhance the overall project quality.

Key Qualifications & Responsibilities

  • Review risk assessments and discuss the results with asset owners.
  • Support asset owner on their task to create documentation and answer the control requirement catalogue.
  • Develop and enhance procedures and processes in the coordinating team to improve performance and communication for the project.
06/2022 - 08/2022
Cloud Solution Architect
Holding Company (Sonstiges, < 10 Mitarbeiter)

Planning, Evaluation, Conception, Testing and Implementation of two separate cloud-based solutions. One solution is targeting an archive storage solution with maximal focus on anonymity and security. The second solution is an active productive environment including mail exchange, storage and IAM for the employees of the costumer.

Key Qualifications & Responsibilities

  • Conducting sufficient market analysis to select suitable vendor and provider
  • Planning and Conception of the final environment based on the costumer preferences.
  • Implementation of the infrastructure including all required software and hardware installation.
  • Documentation and Hand-Over to finalize the project.
  • Self-Sufficient Project Management
01/2021 - 03/2022
Information Security Governance & Risk Reviewer
Financial Service Provider (Banken und Finanzdienstleistungen, 1000-5000 Mitarbeiter)

The customer increased its maturity of cyber security a lot over the last years, rolling out new standards and policies for all entities within its scope. As it is now time to ensure the compliance with those standards all entities are required to self-assess the compliance status and our job is to review these assessments and manage the risk register accordingly.

Key Qualifications & Responsibilities

  • Working remotely and self-sufficient on reviewing self-risk-assessments.
  • Workload management is done by each ISGR review separately. I must balance criticality of assessments, workload and number of assessments with the time available.
  • Working with tight schedules and deadlines under high-pressure.
02/2021 - 03/2021
IT Infrastructure Architect
IT Service Provider (Internet und Informationstechnologie, < 10 Mitarbeiter)

The goal of this project was to provide a fully functional Infrastructure based on Office 365. Due to the size of the costumer MS Azure was not the go to solution. I used the available functionality of Office 365 to provide:

  • A simple Sharepoint Page as Information Gateway to employees and contractors.
  • A cloud storage with role-base access mode.
  • Mailboxes and Certificates
11/2019 - 11/2020
Technology Service Analyst / Project Coordination
Global Financial Service Provider (Banken und Finanzdienstleistungen, >10.000 Mitarbeiter)

I was part of a team responsible for a new developed Application Connectivity Request System. I was coordinating multiple subprojects, teams, and corresponding stakeholders. As this tool is a huge security gate there was a lot of pressure timewise and content wise. I was responsible for a team working on a subproject which consolidated all common services into one configuration.

Key Qualifications & Responsibilities

  • Communication between project teams, clients, and CIO.
  • Coordination of different teams with different topics, documentation of meetings, capturing and follow-up of progress and communication of solutions to stakeholders.
  • Development of logical solutions to different problems, co-ordination of realization of those solutions.
04/2018 - 11/2019
Information Security Officer
Automotive Supply Industry (Automobil und Fahrzeugbau, >10.000 Mitarbeiter)

Our team replaced the Security Information Team in the headquarters of this global concern with more than 80 sub businesses. We took over the implementation of an ISMS to parts of that concern and developed a Information Security Strategy and Program in alignment with the Business Strategy.
I was also responsible for the global implementation of self-assessment tool to capture the information security situation for the whole concern.

Key Qualifications & Responsibilities

  • Development of an Information Security Strategy and Program in alignment with the business goals.
  • Advising the headquarters on all Information Security relevant topics.
  • Supervising the development of a self-assessment tool in Kansas City USA and the global roll-out.
  • Coordination of a global Information Security Self-Assessment in alignment with ISO/IEC 27001.

Zertifikate

ISMS Security Officer (ongoing)
ICO
2023
Certified Information Security Manager
ISACA
2019
ISO 27001 Foundation
TÜV Süd Akademie
2019
System Security Certified Practitioner
ISC²
2018

Reisebereitschaft

Weltweit verfügbar
Primarely remote
Frankfurt Area full-time on-premise possible
Germany partially on-premise possible.
Profilbild von Florian Maass IT Security Berater aus Schwalbach IT Security Berater
Registrieren