Profilbild von Daniel Juentgen IT Security Expert / Analyst | Information Security | Projektmgr | Business Analyst | Prozessberater aus MuelheimanderRuhr

Daniel Jüntgen

verfügbar

Letztes Update: 28.05.2024

IT Security Expert / Analyst | Information Security | Projektmgr | Business Analyst | Prozessberater

Firma: Jüntgen Consulting
Abschluss: nicht angegeben
Stunden-/Tagessatz: anzeigen
Sprachkenntnisse: Deutsch (Muttersprache) | Englisch (verhandlungssicher)

Dateianlagen

JCon-Beraterprofil-Daniel-Juntgen-de_270324.pdf
JCon-Beraterprofil-Daniel-Juntgen-en_270324.pdf

Skills

ISTQB Certified Testing, Testmanagement. TMAP Certified Testing HPQC, HP Quality Center ALM, Jira, Blackbox Test, Schnittstellentest, Testfallspezifikation, Testdokumentation, Bugtracking, Reporting, Testausführung, Testkoordination, Testmanagement, Testkonzeption, Testplanung, QS Planung, IBM Rational QualityManager, IBM Clearquest, Remedy, Review, Test Beratung, Kommunikation, Sepa, Wizard, Oracle Siebel CRM, ISO2700x, ISO27001, CSC CIS, Schwachstellen, VAIT; DSGVO, EU-DSGVO, Schwachstellenscan, Schwachstellenanalyse, Schwachstellenmanagement, IT Governance, IT Compliance, Kibana,XML, bash, logstash, kafka, elastic search, phyton, BSI Grundschutz, Grundschutz BSI Grundschutz neu,test,testing,sw test,software testing

Projekthistorie

04/2024 - bis jetzt
Security Consultant
TSO / Übertragungsnetzbetreiber (Energie, Wasser und Umwelt)

ISO27001, ISO27019, IEC62443, IEC62351, BDEW Whitepaper

11/2023 - 03/2024
Security Consultant
Bauwirtschaft (Industrie und Maschinenbau)

In a first, immediate step after the asset inventory and the network infrastructure was determined, an effective
separation of IT & OT is to be accomplished. Furthermore, this project is the first phase of a significant
transformation of the IT and network landscape.
▪ Review and collaboration on the RfP proposal and corresponding presentation slides
▪ Preparing and conducting on-site workshops to determine the current situation
▪ Collaboration in the protection requirements analysis
▪ Vulnerability scans and analysis for servers, services and applications in operation
Used tools/Frameworks: MS Office, SharePoint, ISO2700x, BSI 200-2

11/2023 - 12/2023
Project Manager
Lebensmitteleinzelhandel (Konsumgüter und Handel)

Preparing the migration of two types of Linux server providing data hub and archiving functionalities for a
company group in all 70 locations over 8 countries planned to be done in 2024.
▪ Communication to internal stakeholder of the project
▪ Status reporting and presentation
▪ Coordination of and Governance for external contractors
▪ Escalation management within the program to corresponding responsible (and/or accountable) roles.
▪ Preparation of timely and budget planning for the project and the rollout plan for the usecases
▪ Defining a target environment for the archiving and datahub purposes
▪ Alignment with and coordination of related internal and external responsible parties
Used tools: MS Office, SharePoint, Jira, ServiceNow

07/2023 - 12/2023
Consultant
Retail (Konsumgüter und Handel)

▪ Working out tenders for different post project activities including future MSP operation activities
▪ Alignment with involved technical departments and teams regarding particular requirements and demands.
▪ Alignment with procurement department for relevant activities and general conditions for tender
▪ Alignment with to be involved stakeholder to project activities.
Used tools: MS Office, SharePoint, Jira, ServiceNow

05/2023 - 11/2023
Security Consultant
Service Provider (Internet und Informationstechnologie)

▪ Definition of policies and directives according to best practices and available standards based on the
evaluated gaps of the company.
▪ Defining policies and directives for SecSDL, Logging and SIEM, Patchmanagement, etc.
▪ Review and reworking of policies and directives
Frameworks used: ISO2700x, NIST, OWSAP, SANS, MITRE ATT&CK, CIS

07/2023 - 10/2023
Stakeholder Management / Project Manager
Lebensmitteleinzelhandel (Konsumgüter und Handel)

▪ Identifying to be involved stakeholder.
▪ Alignment with involved or to be involved stakeholder to project activities.
▪ Aligning and documenting on governance approvals with stakeholder for the program/project
▪ Maintaining project documentation in preparation for corresponding and upcoming migrations
▪ Communication to stakeholders referring to planned migrations.
Used tools: MS Office, SharePoint, Jira, ServiceNow

07/2023 - 10/2023
Project Manager
Lebensmitteleinzelhandel (Konsumgüter und Handel)

Centralization of (decentral) on premises hosted application to Azure (AVS) hosted datacenters for a company
group (70 locations, 8 countries) including all subsidiaries. Considering all applications not descoped by technical
or security reasons to be migrated and handing over operation to defined MSP including the implementation of a
new backup solution (veeam).
▪ Managing of related subprojects to migrate different applications in several countries hosted on premises.
▪ Communication to internal stakeholder of the project / steering committee
▪ Alignment with and coordination of related internal and external responsible parties
▪ Project planning, status reporting and presentation
▪ Alignment and creation of decision templates, changes and demands and execution of those
▪ Coordination of and Governance for external contractors
▪ Escalation management within the program to corresponding responsible (and/or accountable) roles.
▪ Tracking of the timely and budget processing of the project
Used tools: MS Office, SharePoint, Jira, ServiceNow

01/2021 - 06/2023
Project Manager
Lebensmitteleinzelhandel (Konsumgüter und Handel)

Centralization of decentral hosted fileservers in each of the regional companies used for providing user home
shares, collaboration data and application data within the stand-alone-companies to cloud based central service
in Microsoft environment. The new TOM for user home drive is OneDrive to which the personal data will be
migrated to, for the collaboration data the data will be migrated to SharePoint Online with a new Role Based Access Control Model based on the obtained data in cooperation with the (national) IT and HR departments. For the application
data the azure file server is planned to use in a lift and shift approach with probably post project transformations
▪ More than 70 locations in 8 countries with approx. 90 TB of Data
▪ Migration to MS OneDrive and SharePoint Online
▪ Gathering as is information from country- & subsidiaries and local responsibles
▪ Working on and creating organizational structures and orgcharts for new RBAC Implementation
▪ Tracking of the timely processing of the project
▪ Working on project tenders for contractors
▪ Evaluation of contractors based on tenders
▪ Status reporting and presentation
▪ Coordination of migration “rollouts”
▪ Coordination and Governance for external contractors
▪ Coordination of tasks and decisions with the country subsidiaries.
▪ Planning of workshops & moderation
▪ Documentation of as is situation and working out a migration path

01/2022 - 10/2022
Project Manager
(Versicherungen)

▪ Technical and procedural documentation of the changes and handover to operation
▪ Planning and evaluating of a suitable solution and implementation afterwards.
▪ Steering of and contact person for the external supplier in case of questions
▪ Planning of workshops & moderation
▪ Reporting to C-Level

10/2021 - 10/2022
Project Manager
(Versicherungen)

▪ Contact person for suppliers and specialist groups in case of questions
▪ Collaboration in the planning of milestones and timeframes for the implementation of lifecycle topics
▪ Supporting the creation of highlevel and implementation procedures
▪ Verification of requirements and assumptions on the part of Customer
▪ Support of the pilot & tests for the implementation of the HW BLC replacement
▪ QA acceptance documentation
▪ Planning of migration waves (application groups) for migration of applications
▪ Planning of migration waves for migration of Windows2012 Servers to latest OS Gen.
▪ Control and follow-up of the implementations by PV / project team members
▪ QS reporting of progress
▪ Maintenance of necessary change data in CMDB, etc.
▪ Technical and procedural documentation of the changes and handover to Operation

03/2020 - 10/2022
Project Manager
Lebensmitteleinzelhandel (Versicherungen)

▪ Creation of a business case to illustrate the possible options in terms of implementation time and the
associated costs and risks.
▪ Realization of the business case with the goal to dismantle all Windows 2008 legacy systems to the expiry
date of the ESU licenses in 01/23.
▪ Coordination of inhouse operation staff and sourcing provider.

01/2020 - 12/2021
Vulnerability-, Patch- & Compliance Manager on the staff of the Board (C-Level)
(Versicherungen)

▪ Developing and providing support all I&O departments on security breaches, vulnerability remediation,
security patch management and security compliance
▪ Define product vision by translating the technology and business strategy into a consistent set of product
objectives and targets with specific focus on security and risk reduction in order to protect I&O
infrastructure, products and ser-vices from internal/external cyber-at-tacks
▪ Manage the product evangelization, presales and post-sales, defining product direction based on the
changing security threat landscape /technology/ market adoption/evolution in collaboration with customers
and tech. leadership
▪ Own and participate in the creation of the technology vision for I&O from a Security PoV.
▪ Identify journeys’ / product key capabilities and features required to evolve towards the technology vision
and deliver expected strategy outcomes, facilitate Product Line teams.
▪ E2E ownership of the “Infrastructure Vulnerability Management” measures to be taken by I&O based on
(Group IT Security) vulnerability reports and findings (analyze findings, define and align measures with
operations line of business and Security
▪ C-level Consulting

10/2020 - 09/2021
Vulnerability- & Patch Manager and Strategy & Process Consultant
(Versicherungen)

▪ Enhancing manual and legacy processes. Driving processes to be automated and increasing effectiveness by
decreasing manual effort.
▪ Support building up new Vulnerability Management Group in I&O to work on vulnerabilities found by Security & Vulnerability Scan department.
▪ Support Teams to decrease found vulnerabilities by driving escalations and doing overarching coordination
work within i&o and security if needed.
▪ Consultancy of leadership with personal & vulnerability strategic decisions.
▪ Reporting of measurements and vulnerabilities

09/2020 - 01/2021
Consultant / Project Manager
Lebensmitteleinzelhandel (Konsumgüter und Handel)

▪ Design and definition of new processes in context of the MS Exchange implementation such as request of
permissions for (shared) mailboxes and general mailboxes for users or distribution lists and further.
▪ Operationalizing of defined processes and implementation in ITSM environment
▪ Creation of RBAC concept and documentation
▪ Hands on doing in project (creation of rules within owa, etc)
▪ Coordination of tasks and decisions with the country subsidiaries.

06/2020 - 08/2020
Process & Strategy Consultant, Patch Manager
(Versicherungen)

▪ Analysis of old processes in patch management topics and the target of patch management is to be applied
in the future.
▪ Design and definition of new processes to enhance patch management workflows. Enabling old processes
which are not in place and enhancement of those.
▪ Alignment of new processes with Global IT Security - Vulnerability Management Team to ensure
sustainability of the processes defined.

08/2019 - 01/2020
Project Manager
(Versicherungen)

Increase vulnerability scanning effectiveness by rolling out scan agents in the Windows and Linux server
infrastructure (~5,000 servers) across all zones and stages of the enterprise, while reducing network load and
usage of highly privileged users for the remote scanner infrastructure.
▪ Requirements engineering
▪ Coordination of the implementation (stagebased deployment / rollout) and the team
▪ Coordination of the VM procurement
▪ Development and implementation of necessary processes
Tools used, languages: MS Office, tenable Nessus Manager, Tenable

07/2019 - 12/2019
Vulnerability & Patch Manager, Process & Strategy Consultant
(Versicherungen)

▪ Determining solutions for processing and closing of audit findings
▪ Determining solutions for closing vulnerabilities (Findings vulnerabilities scanner)
▪ Establishment of sustainable processes
▪ Patch management/-optimization
Process tasks
▪ Requirements assessment of processes in the area of vulnerability and incident management
▪ Process design and redesign in the area of vulnerability and incident management
▪ Introduction and establishment of more effective ways of working in different groups
e.g. transparency about and reduction of work-in-progress for IT operations
Coordinative tasks
▪ Mediation between IT security and IT operations
▪ Review of vulnerability reports
▪ Identification of asset managers
▪ Assignment of the vulnerabilities to the identified asset managers
▪ Tracking of the timely processing of vulnerabilities
▪ Coordination of mitigation rollouts / configuration adjustments
▪ Creation of status reports
▪ Incident & Problem Management
▪ Planning of workshops & moderation
▪ Evaluation of a vulnerability management solution
Operational and technical tasks (in cooperation with other external service providers)
▪ Examination and evaluation of vulnerabilities for false positives
▪ Examination of the applicability of recommended remedial actions
▪ If necessary, consideration of alternative remedial measures
▪ Test/documentation of the respective remedial measures
▪ Implementation of remedial measures or application for risk acceptance

02/2019 - 06/2019
IT Security Consultant
(Versicherungen)

▪ Evaluation of a suitable visualization framework (RStudio)
▪ Definition & coordination of key figures with the ISO organization
▪ Definition & coordination of threshold values and measures with the ISO organization
▪ Professional and technical conception on the basis of the requirements
▪ Topics for ComplianceGate: Vulnerabilities Scan, DLP, IAM, PAM, Asset Inventory, etc.
▪ Security concept incl. threat modelling
▪ Documentation/compilation of operating manual
▪ Implementation of data aggregations (Kibana)

11/2017 - 06/2019
IT Security Consultant, Vulnerability / Schwachstellen Management
(Versicherungen)

▪ Maintenance, operation and further development of the vulnerability scanner
▪ Vulnerability management
▪ Vulnerability scans
▪ Vulnerability analysis
▪ Security Incident Management
▪ Reporting
▪ Documentation (creation/maintenance of the installation and operating manual)
▪ Process consulting and optimization
▪ Connection to central log management

09/2018 - 02/2019
IT Security Consultant
(Versicherungen)

▪ Development of a network infrastructure for the provision of services: Vulnerabilities Scan and penetration
testing to reduce network load and increase efficiency (coverage of previously known and tested network
segments increased by direct access to all VLANs)
▪ Process consulting and design
▪ Project and network documentation
▪ Documentation/ Preparation of operating and installation manual
▪ Security Concept incl. Threat Modelling

02/2018 - 10/2018
Consultant IT Security & SIEM
(Versicherungen)

▪ Definition & coordination of key figures with business unit and business owner (VulScan, DLP, IAM, PAM,..)
▪ Definition & coordination of measured values for the presentation of compliance (VulScan, DLP, IAM, PAM,..)
▪ requirements analysis
▪ Professional and technical conception on the basis of the requirements (VulScan, DLP, IAM, PAM,..)
▪ Technical implementation
▪ Formulation of Compliance & Security Use Cases (VulScan, DLP, IAM, PAM,.. )
▪ Implementation of data aggregations with ElasticSearch
▪ Visualization of data aggregations with Kibana
▪ Evaluation & connection of data suppliers to the log platform
▪ Enhancement of Python Scripts
▪ Development of Bash / Shell scripts
▪ Log data analysis
▪ Development of threshold logics and evaluations using Elastic Watcher & Painless Script

02/2015 - 12/2017
Consultant / Test Analyst
Video-on-Demand (Medien und Verlage)

▪ Test case identification and test specification/design according to ISQTB
▪ Test documentation
▪ Execution and analysis of the software tests
▪ Bug tracking
▪ Mobile testing (iOS)
▪ Test status reporting

12/2016 - 11/2017
Business Analyst / Consultant / Subproject Manager
(Versicherungen)

▪ Requirements analysis
▪ Creation of technical and functional concepts
▪ Test management
▪ Test analysis & conception
▪ Mobile testing (iOS)
▪ Document testing
▪ End2End testing
▪ Reporting test state
▪ Test process improvement
▪ Consulting in agile work according to SCRUM

07/2015 - 11/2016
Consultant / Test Analyst / Business Analyst
Lebensmitteleinzelhandel (Konsumgüter und Handel)

▪ Requirements analysis
▪ Preparation of technical / solution concepts for requirements
▪ Creation of Release Notes and User Manuals
▪ Test case identification and test specification/design according to ISQTB
▪ Determination of regression tests
▪ Execution, documentation and analysis of the software tests
▪ Bug tracking
▪ Test Status Reporting
▪ Acceptance test support
▪ Consulting test approach, test procedure, test process (improvement)

04/2015 - 07/2015
Consultant / Test Manager
Elektronikeinzelhandel (Konsumgüter und Handel)

▪ Test management / test coordination
▪ Control of nearshore test teams (Romania)
▪ Control test team & test orders
▪ Creation of documentation and user manuals
▪ Bug tracking
▪ Test status reporting
▪ Acceptance test support
▪ Test environment coordination

12/2014 - 03/2015
Consultant / Test Manager
(Telekommunikation)

▪ Release Test Management
▪ Test Status Reporting
▪ Control Test Manager & Offshore Test Team
▪ Control (offshore) Test projects (India)
▪ Test environment management / coordination / planning
▪ Bug tracking
▪ QS/test planning
▪ Load test coordination

Zertifikate

Industrial Cybersecurity Foundation (Level 1) nach IEC 62443
TÜV Süd
2024
IT Information Security Practitioner (IT ISP)
ISACA
2018
Nessus Certificate of Proficiency
Tenable
2018
Professional Scrum Master
Scrum.org
2016
Professional Scrum Product Owner
Scrum.org
2016
ISO 27001 - Foundation Level
TÜV Sued
2016
ISO 27001 - Information Security Officer
TÜV Sued
2016
ISO/IEC 27000 ISMS Auditor (Teilnahmebescheinigung)
mITSM
2016
ISTQB - Certified Tester Advanced Level - Test Manager
iSQI
2013
TMap NEXT® Test Engineer
EXIN
2011
ISTQB - Certified Tester Foundation Level
iSQI
2011

Reisebereitschaft

Verfügbar in den Ländern Deutschland
Gerne International: remote bevorzugt Alternativ DACH - national bevorzugt Raum Düsseldorf

exali IT-Haftpflicht-Siegel (Sondertarif für Freelancermap-Mitglieder)

Das original exali IT-Haftpflicht-Siegel bestätigt dem Auftraggeber, dass die betreffende Person oder Firma eine aktuell gültige branchenspezifische Berufs- bzw. Betriebshaftpflichtversicherung abgeschlossen hat. Diese Versicherung wurde zum Sondertarif für Freelancermap-Mitglieder abgeschlossen.

Versicherungsbeginn:
01.01.2018

Versicherungsende:
01.01.2026

Profilbild von Daniel Juentgen IT Security Expert / Analyst | Information Security | Projektmgr | Business Analyst | Prozessberater aus MuelheimanderRuhr IT Security Expert / Analyst | Information Security | Projektmgr | Business Analyst | Prozessberater
Registrieren