Career Path
Deputy Head Security Technology
1. January 2021
DCSO Deutsche Cyber-Sicherheitsorganisation GmbH
Team & Service “Security Technology (ST)”
- Deputy leadership of the unified analyst team after restructuring
- Increased focus on operational client projects in the field of cyber security (including for DAX30 corporations and federal authorities)
- Scouting and evaluation of innovative cyber security solutions for use in enterprise environments
- Development of test catalogs and execution of Proof-of-Concepts (PoCs) in lab environments
- Preparation of reports and decision papers in product tests as well as research and client projects
- Organization and delivery of customer workshops and webcasts on current security technologies
- Build-up, operation, and continuous enhancement of the internal test and lab infrastructure
AI Assistance for SOCs; Attack Surface Management; Breach & Attack Simulation; Cloud Native Application Protection Platform; Container Security; Extended Detection & Response; Forensics; Mobile Threat Defense; Next-Generation Endpoint Security; Sandbox; Secure USB Handling; Security Orchestration, Automation & Response; Security Information & Event Management; Unified Asset Management; User & Entity Behavior Analytics
Murcia, Spain (Home Office)
Berlin, Germany
4.5 years and counting
Director Technology Analysts
1. October 2019
DCSO Deutsche Cyber-Sicherheitsorganisation GmbH
Team & Service “Technology Scouting & Evaluation (TSE)”
- Leadership and continuous development of the team behind the “Technology Scouting & Evaluation” service (disciplinary and professional responsibility)
- Workforce and resource planning including budget responsibility for the “Security Analysts” cost center
- Fostering individual growth through regular feedback, coaching, and motivation sessions
- Organization and delivery of technical client projects in the field of cyber security (including for DAX30 clients)
- Ongoing selective operational involvement in evaluation projects (previously as Cyber Security Analyst within the TSE service)
Data Loss Prevention; Secure Software Development / DevSecOps; Security Information & Event Management; Threat Intelligence Platforms
Berlin, Germany
1.5 years
M.Sc. Digital Forensics
12. March 2019
Albstadt-Sigmaringen University
Final grade: Excellent (1.2)
Thesis: Automated Detection and Extraction of Artifacts Through Dynamic Introspection of Process Memory
Albstadt-Sigmaringen, Erlangen & Munich, Germany
Cyber Security Analyst
1. January 2017
DCSO Deutsche Cyber-Sicherheitsorganisation GmbH
Team & Service “Technology Scouting & Evaluation (TSE)”
- Scouting of innovative cyber security solutions for enterprise environments (particularly DAX30 corporations)
- Development of test catalogs with functional and non-functional requirements
- Planning and execution of Proof-of-Concepts (PoCs) in lab environments
- Preparation of reports and decision papers on scouting results and product evaluations
- Delivery of customer workshops and webcasts
- Consulting for external clients on strategic and technical cyber security matters
- Build-up, operation, and continuous enhancement of the internal test and lab infrastructure
Breach & Attack Simulation; Cloud Security Access Broker; Deception Technology; Identity Management & Multi-factor Authentication; Mobile Threat Defense; Next-Generation Endpoint Security; OT Network Monitoring; Security Orchestration, Automation & Response; Threat Intelligence; User & Entity Behavior Analytics
Berlin, Germany
2.5 years
System Manager & IT Security Engineer
1. March 2016
ivv GmbH
Team “Internet & Client Security”
- Functional lead of the “Internet & Client Security” team
- Strategic and operational management of the (DMZ) security infrastructure incl. DNS, email, firewalls, IDS/IPS, and VPN services
- Responsibility for vulnerability and patch management in security-critical environments
- Internal consulting on IT security topics and support for related departments
- 2nd level support for infrastructure and security-related issues
Technical Support; PKI; Vulnerability Management; Network Infrastructure; Firewalls; CMS; Webserver; Routing; DMZ; RHEL; VPN; DNS; Mailserver
Hannover, Germany
10 months
IT Systems Engineer
1. October 2012
ivv GmbH
Team “Internet & Client Security”
- Operational management of the (DMZ) security infrastructure incl. DNS, email, firewalls, IDS/IPS, and VPN services
- Responsibility for vulnerability and patch management in security-critical environments
- Internal consulting on IT security topics and support for related departments
- Planning and execution of data center relocations incl. migration concepts
- 2nd level support for infrastructure and security-related issues
Technical Support; PKI; Vulnerability Management; Network Infrastructure; Firewalls; CMS; Webserver; Routing; DMZ; RHEL; VPN; DNS; Mailserver
Hannover, Germany
3.5 years
B. Sc. Business Information Systems
30. September 2012
University of Applied Sciences and Arts Hannover (FHDW Hannover)
Final grade: Good (1.6), Grade A
Hannover, Germany
Professional Qualification as IT Specialist
12. January 2012
Chamber of Industry and Commerce
Specialization: System Integration
Final grade: Good (86/100), equivalent to a B / Above Average
Completion in parallel to the dual study program “B.Sc. Business Information Systems”
Hannover, Germany
Working Student (Dual Studies)
1. August 2009
- Work in the network and infrastructure department from ISO/OSI Layer 1 to 7
- Operational support of the (DMZ) security infrastructure, incl. DNS, email, firewall, IDS/IPS, and VPN services
- Migration of websites to a secure CMS environment
- 2nd level support
- Programming in Java
Hannover, Germany
3 years (3 months of study and 3 months of practical work in alternation)
High School Diploma
18. June 2009
Goetheschule High School
Final grade: Very Good (A)
Hannover, Germany
Civil Protection & Disaster Control
1. January 2009
Hannover Fire Department – Local Fire Department in Stöcken
Hannover, Germany
8 years
Student Internship
1. February 2007
City of Hannover
Department of Geoinformation – Surveying Technology
Hannover, Germany
2 weeks
Birth
16. February 1990
Finsterwalde, Germany
Cyber Security Solutions
Practical experience with requirements, architectures, and security solutions in areas such as:
Identity
- Identity & Access Management (IAM) & Multi-Factor Authentication (MFA)
- User & Entity Behavior Analytics (UEBA)
Endpoint & Device
- Mobile Threat Defense (MTD)
- Next-Generation Endpoint Security (NGES), Endpoint Protection Platforms (EPP), Endpoint Detection & Response (EDR)
Network & OT
- Deception Technology
- (OT) Network Monitoring
Cloud & Application
- Cloud Access Security Broker (CASB)
- Cloud Native Application Protection Platform (CNAPP)
- Secure Software Development / DevSecOps
SOC / Detection & Response
- Breach & Attack Simulation (BAS)
- Extended Detection & Response (XDR)
- Forensics
- Security Information & Event Management (SIEM)
- Security Orchestration, Automation & Response (SOAR)
Exposure & Asset Management
- Attack Surface Management (ASM)
- Unified Asset Management
Threat Intelligence
- Threat Intelligence (TI)
- Threat Intelligence Platforms (TIP)
Data Security
- Data Loss Prevention (DLP)
Frameworks, Standards & Formats
Deep understanding and practical application of common frameworks, standards, and formats such as:
Frameworks
- MITRE ATT&CK (Tactics & Techniques)
- MITRE D3FEND (Defensive Countermeasures)
- Cyber Kill Chain (Lockheed Martin)
- NIST Cybersecurity Framework (CSF)
- ISO/IEC 27001 & 27002 (ISMS & Controls)
- OWASP Top 10 / OWASP ASVS (Application Security)
SOC & CERT Maturity Models
- SOC-CMM (SOC Capability Maturity Model)
- SIM3 (Security Incident Management Maturity Model)
Best Practices & Compliance
- CIS Benchmarks
- STIG (Hardening Measures)
Detection Rules & Signatures
- Sigma (SIEM-agnostic Detection Rules)
- YARA (Malware Pattern Matching)
- Snort / Suricata Rules (IDS/IPS)
- OpenIOC
Threat Intelligence & Exchange Formats
- STIX / TAXII / CybOX
- MISP Galaxy / Taxonomies
- CAPEC (Attack Patterns)
- CWE / CVE (Weaknesses & Vulnerabilities)
- CVSS (Vulnerability Scoring)
Publications & Talks
- Brochure “‘State of the art’ in IT security” (TeleTrust, 2025)
  Involvement in updating content in the corresponding working group
- “CNAPP – das unbekannte Wesen?!” (<kes>, October 2022)
  Participation in German expert survey
- “Are You Incident Response Ready?” (Hannover Messe 2022)
  English talk, Industry 4.0 Conference Stage (streamed)
- CVE-2017-7408 / PAN-SA-2017-0007
  “Temporary DoS for Traps Agent” vulnerability identification
Certificates & Training
- Offensive Security Certified Professional (OSCP)
  (07/2024, Offensive Security)
- Autopsy Basics and Hands On
  (05/2020, Basis Technology)
- SELinux Policy Administration
  (02/2016, BOS-it)
- Dark Side Ops: Custom Penetration Testing
  (11/2015, Silent Break Security)
- ITIL Foundation
  (08/2015, Integrata AG)
- PKI – Basics, Advanced Techniques, Implementation
  (06/2014, Secorvo Security Consulting GmbH)
- Forensic Extreme
  (02/2014, cirosec GmbH)
- IPv6 BootCamp
  (11/2013, ExperTeach GmbH)
- Hacking Extreme Countermeasures
  (01/2013, cirosec GmbH)
- SpamAssassin and AMaViS
  (10/2012, Heinlein Support GmbH)
- Secure Mailserver with Postfix
  (10/2012, Heinlein Support GmbH)
- Barracuda Next Generation Firewall Security Engineer
  (10/2011, Barracuda Networks Inc.)
Keywords
Penetration Testing & Red Teaming; Enterprise Networks & Firewalling; Active Directory / Entra ID; Windows Event Logs & Monitoring; VMware vSphere & Proxmox; Threat Hunting; Security Automation (SOAR, Scripting); DFIR (Digital Forensics & Incident Response)
Languages
German – native
English – C1, fluent
Daily private, professional, and academic use (reports, master’s thesis, international projects)
Spanish – B2, good command
7 years of expat experience in Spain, regular private use in everyday life