Michael Ritter

Product Engineer

Geldern, North Rhine-Westphalia, Germany · 19 yrs 5 mos experience

Key Highlights

  • Over a decade of experience in cybersecurity.
  • Expert in both red team and blue team operations.
  • Led high-profile investigations into advanced cyber threats.
Stackforce AI infers this person is a Cybersecurity expert specializing in red teaming and threat detection.

Skills

Core Skills

Detection Engineering · Threat Hunting · Red Teaming · Security Consulting · Active Directory Security Assessments · IT-Infrastructure Pentesting

Other Skills

Malware Analysis · Analytical Thinking · TIBER Red Team Manager · Threat-led Penetration Testing (TLPT) · Evasion · Post-Compromise Assessment · Pentest · Product Owner · Purple Team · Windows Security Assessments · Penetration Testing · TIBER-EU · Endpoint Security · Hardening Microsoft Environments · Network Infrastructure Architecture

About

I am an experienced and committed Principal Security Consultant with more than a decade of experience within the field. I have been working in various security positions including: Team Lead Pentesting, Cyber Security Consultant and Active Directory Security Expert. I hold multiple well-recognized certifications in Red Teaming and penetration testing, enabling me to approach security challenges from multiple angles. With hands-on skills in both red team and blue team operations, I bring a balanced and adaptable perspective to securing modern IT environments.

Experience

Mantodea Security GmbH

Principal Red Team Operator

Jun 2025 - Present · 10 mos · Frankfurt am Main, Hesse, Germany · Remote

Cybereason

Blue Team Investigator

Jan 2025 - May 2025 · 4 mos · Germany · Remote

  • My key task at Cybereason was the investigation and mitigation of advanced cyber threats as part of the Detection Engineering organization. During my time at Cybereason, I supported our clients and team in the following areas:
  • Led and executed high-profile investigations into advanced threats (APT), often under tight deadlines and significant pressure
  • Conducted in-depth analysis of complex security incidents, identifying root causes and recommending mitigation strategies
  • Researched and tracked emerging cyber threats, contributing actionable intelligence to enhance detection capabilities
  • Developed and refined detection rules and processes to improve threat identification and response
  • Collaborated closely with client security teams to provide clear communication and tailored solutions
  • Supported incident response activities, including containment, remediation, and post-incident reviews
Detection Engineering · Malware Analysis · Analytical Thinking · Threat Hunting

SEC Consult Group

Principal Security Consultant

Jan 2023 - Dec 2024 · 1 yr 11 mos · Germany · Remote

  • As a Principal Security Consultant at SEC Consult, I led advanced security initiatives and contributed to the development and delivery of solutions across various domains of cybersecurity.
  • Orchestrated the development of the Infrastructure Security Product as Deputy Lead
  • Led the SEC Consult Red Team’s first TIBER Project as Red Team Manager
  • Provided technical expertise to the sales team for client proposals and service presentations
  • Established SEC Samurai in-house infrastructure security learning path for continuous professional development of new team members
  • Conducted complex infrastructure security penetration tests for customers, identifying vulnerabilities and recommending remediation measures
  • Created an internal tool for generating Active Directory security reports using Cypher queries
  • Developed Active Directory Post Compromise Assessment service within SEC Defense product, focusing on Incident Response projects and ransomware breaches
TIBER Red Team Manager · Red Teaming · Threat-led Penetration Testing (TLPT) · Evasion · Active Directory Security Assessments · IT-Infrastructure Pentesting · +8

Pentest Factory GmbH

Team Lead Pentesting

Nov 2017 - Dec 2022 · 5 yrs 1 mo · Frankfurt Am Main Area, Germany

  • My key task at Pentest Factory was the development of the pentesting service and the execution of security assessments. During my time at Pentest Factory I supported our customers within the following areas:
  • Planned and designed a concept for the establishment of the penetration testing service
  • Designed and implemented business processes related to the pentesting service
  • Conducted Active Directory security assessments for customers with multiple domains and forests (Black-Box and Grey-Box)
  • Supported customers to develop and deploy technical controls within their Active Directory infrastructure in order to improve the overall security posture
  • Worked together with an international SIEM provider in order to develop new detection patterns to detect modern Active Directory attacks
  • Worked closely with the IT team members of customers to provide solutions based on business security requirements
  • Executed multiple Azure security audits to complete the transition-phase from Active Directory to Azure
  • Supported customers in security incident response and remediation activities
  • Developed a three-day Active Directory security training for Administrators
  • Executed application penetration tests (Web, API, Mobile, SAP)
Evasion · Active Directory Security Assessments · Endpoint Security · Hardening Microsoft Environments · IT-Infrastructure Pentesting · Network Infrastructure Architecture · +4

Deloitte

2 roles

Cyber Security Consultant | Cyber Risk Services

Feb 2016 - Oct 2017 · 1 yr 8 mos

  • My core task at Deloitte was the organization and execution of penetration tests. Furthermore, I developed a static source code analysis training for developers. During my time at Deloitte I worked in the following areas:
  • Coordinated and managed international penetration tests for DAX-30 companies
  • Planned and conducted penetration tests and vulnerability assessments of application and infrastructure components
  • Performed vulnerability assessments of large public and internal network environments
  • Conducted source code analysis of advanced web technologies regarding security issues
  • Designed and conducted 2-day trainings on static code analysis for developers
  • Inspection and hardening of IT-Security systems
  • Client security audits in hardened network infrastructures
  • Prepared Awareness Trainings
  • Executed security assessments of Wireless LAN environments

Intern & working student | Penetration Testing | Cyber Risk Services

Sep 2014 - Jan 2016 · 1 yr 4 mos

  • As part of the bachelor program at the Technical University of Mittelhessen I did my mandatory internship at Deloitte and was subsequently hired as a working student. The focus was on the following tasks:
  • Supported consultants in penetration tests
  • Performed a market analysis for static and dynamic application security testing software
  • Developed a tool to manage the penetration testing process
  • Planned and prepared awareness training seminars
  • Designed and implemented a virtualized private cloud environment
  • Maintained network infrastructure and administered the virtualized server landscape

University of Wisconsin-Whitewater

Research Apprenticeship Program

Oct 2013 - Jun 2014 · 8 mos · Whitewater, Wisconsin

  • During my time at the University of Wisconsin I supported my professor in a research project on the topic "Using Twitter for Situational Awareness in Public Health".
  • "Monitoring outbreaks of contagious diseases is an important task for public health officials and they must receive outbreak information quickly to respond to this threat. Social network sites such as Twitter can be leveraged to track self-reporting of diseases in real time. This work presents a prototype system, HealthShark, which monitors Twitter for mentions of contagious diseases. The authors outline the features of HealthShark, perform a user study to assess its usefulness as a tool for monitoring disease outbreaks, and discuss potential privacy concerns’ impact on the design of such a system."
  • Developed a web application to evaluate the collected data of my research project
  • http://www.tandfonline.com/doi/abs/10.1080/15536548.2015.1010984

Justus-Liebig University Giessen

IT Specialist

Jun 2011 - Aug 2015 · 4 yrs 2 mos · Giessen, Germany

  • During my time at university I worked as a database and network administrator at the Children's Heart Center in Gießen. My core tasks were the development and maintenance of existing databases.
  • Developed and designed databases for research projects
  • Used a business intelligence toolset for data analysis
  • Maintenance of the website
  • User helpdesk

Work and Travel

Work and Travel

Oct 2009 - May 2011 · 1 yr 7 mos · Australia

  • In 2009 I started an unforgettable trip to Australia. Self-organized I got to know the country and the people for 2 years. I was able to improve my language skills, meet people from all over the world and learn about the Australian "Way of Life".
  • Heron Island Resort
  • Full-time as houseman
  • Kings Canyon Resort
  • Full-time as houseman
  • Multi hire as kitchenhand
  • Multi hire as waiter
  • Multi hire as bar attendant
  • Multi hire in maintenance
  • Multi hire as pizza chef
  • Multi hire as IT-Specialist for user helpdesk
  • Seafarm Cardwell
  • Prawn Production (full-time)

Justus-Liebig University Giessen

IT Specialist

Jul 2008 - Sep 2009 · 1 yr 2 mos · Giessen, Germany

  • I did my community service at the Children's Heart Center in Gießen. Afterwards I worked as a freelance research assistant. My core tasks were the development and maintenance of existing databases.
  • Developed and designed databases for research projects
  • Used a business intelligence toolset for data analysis
  • Maintenance of the website
  • User helpdesk

KoCoNet GmbH

Apprenticeship as IT Specialist

Oct 2005 - Jun 2008 · 2 yrs 8 mos · Lich, Germany

  • I completed my training as an IT specialist for system integration at the IT service provider KoCoNet GmbH in Lich.
  • Deployed and maintained Windows 2003/2008 Server (DNS, DHCP, DC, AD etc.)
  • Deployed and maintained Exchange 2003/2007 for customers
  • Designed and implemented VMware ESXi in customer environments
  • Deployed anti-virus software in enterprise networks
  • Installed backup software applications (Symantec Backup Exec) in enterprise environments
  • Drafted and reviewed network infrastructure architecture plans
  • Performed hardware roll outs at customers
  • Installed and configured Firewalls (Watchguard, Cisco) in customer environments
  • Performance of user helpdesk activities
  • Degree: IT specialist for system integration (IHK)

Education

University of Wisconsin-Whitewater

Bachelor of Applied Science (BASc) — Information Technology

Jan 2013 - Jan 2014

Technische Hochschule Mittelhessen

Bachelor of Applied Science (B.A.Sc.) — Information Technology

Jan 2011 - Jan 2015

Max-Eyth-Schule Alsfeld

High School Diploma — Information Technology

Jan 2003 - Jan 2005
