About Me

I am an enthusiastic cybersecurity expert with a rich experience of over 6 years in supporting and managing clients through their individual cybersecurity journeys.

Cybersecurity expert with more than 6-years record of project management and leadership experience in areas such as cybersecurity audits and improvement strategies. Experienced both in IT and manufacturing security to adapt and lead cyber security activities in challenging environments. Focused on satisfying customer needs through robust, innovative and forward-thinking solutions.

1

Experiences

Cybersecurity Assessments​

Performed several information security / cybersecurity assessments using frameworks as ISO 2700x, NIST CSF, COBIT and BSI IT-Grundschutz resulting in an evaluated cybersecurity maturity scoring, recommendations and remediation actions such as ISMS implementation and improvement actions. Within the assessment areas such as Asset Management, GRC (Governance, Risk & Compliance), Supply Chain Risk Management, Identity Management, Authentication and Access Control, Date Security and Privacy, information protection Processes and Procedures, Anomalies & Events, BCM (Business Continuity Management), Incident and Response Management, Crisis Management were getting assessed. Projects varied from high-level assessments to detailed on-site assessments with technical evaluations.

Internal & External Cybersecurity Audits

I managed and was responsible for internal and external cybersecurity audits. Aside of audit planning, coordination and reporting I was also involved in control set definitions and control set mappings to meet customers’ requirements of the service provider. I acted as an external auditor and responsible manager for the Cybersecurity audit within the financial audit for several clients of various branches and industries, including German DAX 30 and M-DAX entities.

Technical Project Management

I supported several global pharma, finance and consumer-product clients with project management activities for cybersecurity and automation streams (familiar with planning methodologies, SDLC, tools

(like Jira, Confluence, MS Project) and by building the bridge between SMEs and business. Project management activities included tasks such as management reporting, identification and reporting of risks, stakeholder and resource management as well as milestone & time tracking. Additionally, planning and defining future projects considering budget, resources as well as communication and collaboration between projects and stakeholder were part of my previous projects. 

Cybersecurity Strategies & Organizational Setups

I acted as a responsible manager for the design and implementation of cybersecurity strategies and the setup of cybersecurity organizations for global clients of various branches and industries. Within the design phase of cybersecurity strategies we not only considered the current cyber security setup, but  also cyber security trends such as Zero Trust, SecDevOps or Cloud Security and upcoming security laws and regulations. Based on the defined strategy, we also restructured  cybersecurity organizations and underlying services and portfolios for global clients of various branches and industries. 

Operational Technology (OT) Assessment & Remediation Programs

I conducted several operational technologies assessment and therefore supported the client in evaluating the actual scale of potential business and production line impact with the existing environments. Developing OT security service structure of basic, intermediate and advanced security levels and recommending actions according to digitalization trends and business criticality. 

SOC Support

I supported several SOC departments in improving and extending their services and capabilities. We increased the resilience of different IT service groups by extending monitoring, SIEM and logging service offering and by identifying to be monitored systems and evaluating the GAP between to be monitored systems and the current degree of connections. We further conducted a SOC tool evaluation by identifying the degree of utilization of implemented solutions and their features resulting in an overview, which solutions could be used better and more intense, which tools are unnecessary and which features or modules need to be purchased in order to use the tools best possible. 

2

Skills

Cybersecurity Audits & Assessments

OT Security Assessments

Cybersecurity Strategies & Organizational Setup

Information Security Strategies & Implementations

Technical PMO & Project Coordination

Cybersecurity Risk Management

3

Certifications

Certified Associate in Project Management (CAPM)
Certified Associate in Project Management (CAPM)
Certified Project Management Professional (PMP)
Certified Project Management Professional (PMP)
Certified ISO 27001 Lead Auditor and Lead Implementer
Certified ISO 27001 Lead Auditor and Lead Implementer
ITIL foundation certified
ITIL foundation certified

4

Education

Bachelor of Science, Business Management

University of Applied Science Cologne, Major in Controlling & Taxation

Semester Abroad,
Business Economics

University of California, Santa Barbara Business Economics

Master of Science, FACT (Finance, Audit, Controlling & Tax)

University of Wuppertal, Ranked in Top 10% of class (ECS Grade: A)

5

Languages

German
Native Speaker 100%
English
Fluent 100%
Spanish
Beginner 30%

6

Resume