• Beratung, Konzeption und Umsetzung von komplexen Security-Lösungen für Netzwerke und IT-Systeme.• Durchführung von technischen Sicherheitsüberprüfungen für Computer- und Telekommunikationsnetzwerke sowie für Informations-, Daten-und Personensicherheit.• Bewertung und Evaluierung neuer Sicherheitslösungen und Produkte hinsichtlich ihrer technischen Reife für das Produkt- und Lösungsportfolio.• Erstellung maßgeschneiderter Konzepte für Firewall-, IDS- und Applikations-Gateways sowie Integration von Monitoring- und Alarmierungsmodulen.• Unterstützung bei der technischen Definition,Umsetzung und Weiterentwicklung von Managed Service Lösungen.• Erstellung von Pflichten- und Lastenheften basierend auf den Anforderungen der Kunden und deren Umsetzung.• Betreuung von Kundensystemen,schnelle Störungsbeseitigung und Erstellung der zugehörigen Dokumentation.• Enge Zusammenarbeit mit dem Vertrieb zur Betreuung von Bestandskunden und Unterstützung bei der Akquise neuer Projekte.• Unterstützung bei der Betreuung interner IT-Lösungen und IT-Security im Team.• Mitwirkung bei der Konzeption,dem Aufbau und der kontinuierlichen Aktualisierung der IT-Landschaft.• Sicherstellung, dass das technische Netz das kaufmännische Netz nicht beeinträchtigt.• Unterstützung der Kollegen in den Bereichen Operation, Vertrieb und Geschäftsleitung.• Erstellung und Überwachung eines Konzepts für die interne Datensicherung in Zusammenarbeit mit technischen Kollegen.

• Collaborated with cross-functional teams to manage third-party risk assessments, ensuring compliance with industry regulations such as ISO 27001, HIPAA, PCI-DSS, SOC. • Conducted comprehensive vendor assessments to identify and mitigate security risks, including security controls, policies, and procedures. • Developed and maintain vendor risk management frameworks (RMF) to identify, assess, and mitigate potential risks. • Conducted risk analysis and developed risk mitigation strategies to minimize exposure to security threats. • Ensured compliance with regulatory requirements and provided guidance to business units on security best practices. • Collaborated with internal audit teams to review and validate third-party compliance with policies and procedures. • Communicated effectively with stakeholders to provide updates on vendor risk assessment status, risk mitigation strategies, andcompliance with regulatory requirements. • Completed the plan of action and milestone (POA&M) and refer vulnerabilities to system admins and engineers and track it to completion. • Reviewed continuously software infrastructure, network security, systems security and identify possible security threats and weaknesses while formulating and driving improvements necessary to improve security vulnerabilities. • Designated systems and categorized its C.I.A using FIPS 199 and NIST SP 800-60. • Created standard templates for required security assessment and authorization documents, including risk assessments, security plans, security assessment plans and reports, contingency plans, and security authorization packages • Experienced using continuous monitoring tools like Nessus, Wireshark, Nmap and familiar with others

• Developed and maintained incident response protocols to mitigate damage and liability during security breaches. • Facilitated the Information Risk Management process including the reporting/oversight of treatment efforts to remediate negative findings • Developed and published Security Policies and Standards; provided consulting to technical resources on security mitigation of identified security gaps/risks and compliance to Global Security Policies • Defined the Vulnerability Management process including the identification of vulnerabilities, provided consulting to business/technical resources to remediate vulnerabilities, and aligned vulnerability remediation processes with existing Infrastructure programs • Reviewed policies, procedures, standards and guidelines per applicable regulations including ISO 27001, PCI-DSS, HIPAA, HITRUST • Ensured compliance of information Technology Security Policies and utilized vulnerability tools • Developed and enhanced an information security framework based on NIST Cybersecurity Framework (CSF) and International Organization for Standardization (ISO 27001)

Working Student – IT SupportKarlsruhe Institut für Technologie • Configured firewalls • Analyzed, troubleshooted and evaluated technology issues. • Reestablished internet connections, troubleshooted household IT products like Wi-Fi routers, Printers. • Tasked with giving instructions to Students on how to use IT programs • Worked with other technicians to resolve problems.

Actively worked with the agile product development team, consisting of experienced developers from a wide range of disciplines in ensuring maximum quality of Automobile