09.10.2025 aktualisiert
100 % verfügbar
Cyber Security Expert • ISMS Auditor • BSI IT-GS Praktiker • ITIL Expert • IT-Trainer • IT-Gutachter
Frankfurt am Main, Deutschland Computer Science / Cyber Security Expert
Über mich
Exceptionally driven and skilled cybersecurity and IT service management professional with a prooven industry track record and various top-level certifications in the field of information security, risk management, data privacy, IT service management as well as project and process management.
Skills
Cyber securityISO 27001 AuditorISO 20000 AuditorIT Service ManagementGovernanceCOBIT 5ITILITSMISO 27001BAITIT AuditIT SachverständigerDLPData Loss PreventionIT GutachterISMSITIL ExpertBAITDORANIS2IT-SIGRegulatory CybersecurityNIST Information Risk Management
Highly skilled and experienced Cybersecurity and IT Service Management professional with extensive expertise in the design, implementation, and audit of secure IT architectures, Information Security Management Systems (ISMS), and regulatory compliance frameworks. Proven track record in complex and highly regulated enterprise environments, particularly within the banking and financial services sector.
Over the course of my career, I have led and supported critical cybersecurity initiatives and projects in collaboration with key functions such as Regulatory Compliance, IT Governance, Internal Audit, Data Protection, Security Engineering, Identity & Access Management (IAM), and Security Operations.
In addition to my project work, I bring long-standing experience as a driven cybersecurity lecturer and trainer at leading academic and professional institutions, where I deliver advanced, hands-on instruction in information security to diverse audiences.
- Key Qualifications & Certifications:
- BSI IT-Grundschutz-Practitioner
- State-certified Computer Science Expert
- BISG certified IT Assessor/Expert for Cybersecurity
- CISSP – Certified Information Systems Security Professional
- M_o_R Risk Management Practitioner
- TÜV certified Data Privacy Officer (GDPR/DSGVO)
- ISO/IEC 27001 – Information Security Officer & ISMS Auditor
- ISO/IEC 20000 – Consultant/Management & ITSM Auditor
- COBIT 5 Implementer (Enterprise IT Governance)
- ITIL v3 Expert in IT Service Management
- Relevant Industry Experience:
- Telecommunication
- Information Technology
- Customer Goods & Retail
- Transportation & Logistics
- Banking / Financial Services
- Academic and education sector
Sprachen
DeutschMutterspracheEnglischverhandlungssicherGriechischgut
Projekthistorie
Synopsis
External cybersecurity expert assessor for competence and conformity assessments of notified bodies within the framework of the RED Radio Equipment Directive (Radio Equipment Directive) FuAG/RL2014/53/EU.
External cybersecurity expert assessor for competence and conformity assessments of notified bodies within the framework of the RED Radio Equipment Directive (Radio Equipment Directive) FuAG/RL2014/53/EU.
Synopsis
Training of IT specialists in the fields of system integration, digital networking and application development in IT security and data protection, as well as penetration tests. The training is aimed at IT specialists who are
Technology
Kali Linux, Armitage, Metasploit Framework, NMAP, Hashcat etc.
Teaching activities
▪ Fundamentals, drivers, benefits and roles in information security
▪ Fundamentals of information security management systems (ISMS)
▪ Fundamentals of data protection (new BDSG, GDPR) Rights of data subjects,
sensitive personal data, data protection exercises)
▪ National and international cybersecurity frameworks and standards
(ISO/IEC: 27001:2022, BSI IT-Grundschutz Compendium and Building Blocks)
▪ Cybersecurity legislation (IT Security Act, IT-SiG 2.0, BSI-KritisV)
▪ Cybersecurity regulations (BaFin banking supervisory requirements for IT)
▪ Cybersecurity governance and information security risk management
▪ Cybersecurity personal certifications ISACA, ISC², TÜV, DEKRA, EC-Council
▪ Practical exercises in the virtual lab with Kali Linux, Metasploit Framework
and Armitage, network port scans (Nmap), hash cracking (Hashcat)
▪ Expansion of the Metasploit Framework through implementation
of additional payloads using Python modules (exploit libraries)
▪ Leading group work to develop and present
relevant cyber attacks to strengthen ‘cyber awareness’
Training of IT specialists in the fields of system integration, digital networking and application development in IT security and data protection, as well as penetration tests. The training is aimed at IT specialists who are
Technology
Kali Linux, Armitage, Metasploit Framework, NMAP, Hashcat etc.
Teaching activities
▪ Fundamentals, drivers, benefits and roles in information security
▪ Fundamentals of information security management systems (ISMS)
▪ Fundamentals of data protection (new BDSG, GDPR) Rights of data subjects,
sensitive personal data, data protection exercises)
▪ National and international cybersecurity frameworks and standards
(ISO/IEC: 27001:2022, BSI IT-Grundschutz Compendium and Building Blocks)
▪ Cybersecurity legislation (IT Security Act, IT-SiG 2.0, BSI-KritisV)
▪ Cybersecurity regulations (BaFin banking supervisory requirements for IT)
▪ Cybersecurity governance and information security risk management
▪ Cybersecurity personal certifications ISACA, ISC², TÜV, DEKRA, EC-Council
▪ Practical exercises in the virtual lab with Kali Linux, Metasploit Framework
and Armitage, network port scans (Nmap), hash cracking (Hashcat)
▪ Expansion of the Metasploit Framework through implementation
of additional payloads using Python modules (exploit libraries)
▪ Leading group work to develop and present
relevant cyber attacks to strengthen ‘cyber awareness’
Synopsis
Planning, design, project management, commissioning, operationalisation and an audit-compliant DLP solution for ‘Data-InMotion’ and ‘Data-At-Rest’ monitoring
Interfaces
Close cooperation with local and global infrastructure, network and cybersecurity teams as well as the departments
of compliance, data protection and audit.
Technology
Broadcom/Symantec, Oracle 19c, RHEL 8, Windows Server 2019, MS MIP, SharePoint, JIRA, Nessus, Confluence, IAM-Tools
Planning, design, project management, commissioning, operationalisation and an audit-compliant DLP solution for ‘Data-InMotion’ and ‘Data-At-Rest’ monitoring
Interfaces
Close cooperation with local and global infrastructure, network and cybersecurity teams as well as the departments
of compliance, data protection and audit.
Technology
Broadcom/Symantec, Oracle 19c, RHEL 8, Windows Server 2019, MS MIP, SharePoint, JIRA, Nessus, Confluence, IAM-Tools
Zertifikate
Certified Information Systems Security Professional (CISSP)
International Information System Security Certification Consortium (ISC²)2018