As a Principal Security Consultant at SEC Consult, I led advanced security initiatives and contributed to the development and delivery of solutions across various domains of cybersecurity.• Orchestrated the development of the Infrastructure Security Product as Deputy Lead• Led the SEC Consult Red Team’s first TIBER Project as Red Team Manager• Provided technical expertise to the sales team for client proposals and service presentations• Established SEC Samurai in-house infrastructure security learning path for continuous professional development of new team members• Conducted complex infrastructure security penetration tests for customers, identifying vulnerabilities and recommending remediation measures• Created an internal tool for generating Active Directory security reports using Cypher queries• Developed Active Directory Post Compromise Assessment service within SEC Defense product, focusing on Incident Response projects and ransomware breaches

My key task at Pentest Factory was the development of the pentesting service and the execution of security assessments. During my time at Pentest Factory I supported our customers within the following areas:• Planned and designed a concept for the establishment of the penetration testing service• Designed and implemented business processes related to the pentesting service• Conducted Active Directory security assessments for customers with multiple domains and forests (Black-Box and Grey-Box)• Supported customers to develop and deploy technical controls within their Active Directory infrastructure in order to improve the overall security posture• Worked together with an international SIEM provider in order to develop new detection patterns to detect modern Active Directory attacks• Worked closely with the IT team members of customers to provide solutions based on business security requirements• Executed multiple Azure security audits to complete the transition-phase from Active Directory to Azure• Supported customers in security incident response and remediation activities• Developed a three day Active Directory security training for Administrators• Executed application penetration tests (Web, API, Mobile, SAP)

My core task at Deloitte was the organization and execution of penetration tests. Further that I developed a static source code analysis training for developers. During my time at Deloitte I worked in the following areas:• Coordinated and managed international penetration tests for DAX-30 companies• Planned and conducted penetration tests and vulnerability assessments of applica-tion and infrastructure components• Performed vulnerability assessments of large public and internal network environ-ments• Conducted source code analysis of advanced web technologies regarding security issues• Designed and conducted 2-day trainings on static code analysis for developers• Inspection and hardening of IT-Security systems• Client security audits in hardened network infrastructures• Prepared Awareness Trainings• Executed security assessments of Wireless LAN environments

As part of the bachelor program at the Technical University of Mittelhessen I did my mandatory internship at Deloitte and was subsequently hired as a working student. The focus was on the following tasks:• Supported consultants in penetration tests• Performed of a market analysis for static and dynamic application security testing software• Developed a tool to manage the penetration testing process• Planned and prepared awareness training seminars• Designed and implemented a virtualized private cloud environment• Maintained network infrastructure and administered the virtualized server land-scape

During my time at university I worked as a database and network administrator at the Children's Heart Center in Gießen. My core tasks were the development and maintenance of existing databases.• Developed and designed databases for research projects• Used a business intelligence toolset for data analysis• Maintenance of the website• User helpdesk

During my time at the university of Wisconsin I supported my professor in a research project on the topic "Using Twitter for Situational Awareness in Public Health”."Monitoring outbreaks of contagious diseases is an important task for public health officials and they must receive outbreak information quickly to respond to this threat. Social network sites such as Twitter can be leveraged to track self-reporting of diseases in real time. This work presents a prototype system, HealthShark, which monitors Twitter for mentions of contagious diseases. The authors outline the features of HealthShark, perform a user study to assess its usefulness as a tool for monitoring disease outbreaks, and discuss potential privacy concerns’ impact on the design of such a system."• Developed a web application to evaluate the collected data of my research project- http://www.tandfonline.com/doi/abs/10.1080/15536548.2015.1010984

In 2009 I started an unforgettable trip to Australia. Self-organized I got to know the country and the people for 2 years. I was able to improve my language skills, meet people from all over the world and learn about the Australian "Way of Life". Heron Island Resort • Full-time as HousemanKings Canyon Resort • Full-time as houseman• Multi hire as kitchenhand• Multi hire as waiter• Multi hire as bar attendant• Multi hire in maintenance• Multi hire as pizza chef• Multi hire as IT-Specialist for user helpdeskSeafarm Cardwell• Prawn Production (full-time)

I did my community service at the Children's Heart Center in Gießen. Afterwards I worked as a freelance research assistant. My core tasks were the development and maintenance of existing databases.• Developed and designed databases for research projects• Used a business intelligence toolset for data analysis• Maintenance of the website• User helpdesk

I completed my training as an IT specialist for system integration at the IT service provider KoCoNet GmbH in Lich.• Deployed and maintened Windows 2003/2008 Server (DNS, DHCP, DC, AD etc)• Deployed and maintened Exchange 2003/2007 for customers• Designed and implemented of VM Ware ESXi in customer environments• Deployed of anti-virus software in enterprise networks• Installed backup software applications (Symantec Backup Exec) in enterprise environments• Drafted and reviewed network infrastructure architecture plans• Performed hardware roll outs at customers• Installed and configured Firewalls (Watchguard, Cisco) in customer environments• Performance of user helpdesk activitiesDegree: IT specialist for system integration (IHK)