Competences and skills
Subject areas
Standards, laws and compliance
Security standards: ISO27001, BSI Grundschutz, OWASP ASVS, PCI DSS
Risk management: ISO27005, ISO31000, OSSTMM, OWASP Risk Rating
Assessments according to VDA ISA Catalogue 5.0 and TISAX® (Trusted Information Security Assessment Exchange)
Business Continuity Management according to ISO22301
Quality management and PDCA according to ISO9001
Data protection laws: GDPR, Federal Data Protection Act
Internal control systems (ICS): IDW-PS951, KPI systems and frameworks
Security tests and security audits
Vulnerability scans: TCP/IP scans, protocol analysis
Information gathering, social engineering, OSINT check (Open Source Intelligence)
Web security: application scans, injections, database security, scripting
Intrusion detection, SIEM and monitoring: Wazuh, OSSEC, Icinga, OpenSearch, Kibana
Infrastructure and device security, smart devices and Internet of Things (IoT)
Documentation and professional reporting
Training, education and coaching
Information security and data protection for decision-makers
Security and data protection awareness for employees
Risk management and management systems for officers
Programming, scripting: Python, SQL databases, PowerShell, C# and .NET
Office applications in the environment of management systems and controlling
Use of security tools for admins and developers
Other
Language skills
German / English
Dutch (mother tongue)
French
Spanish / Portuguese
Programming languages
HTML / CSS
SQL (common language variants)
.NET Framework (with Visual Basic or C#)
Scripting (PHP / JavaScript / Python / PowerShell)
Operating systems
Windows (all current versions, incl. Active Directory)
Linux (Debian derivatives)