Competences and skills

Subject areas

Standards, laws and compliance

Security standards: ISO27001, BSI Grundschutz, OWASP-ASVS, PCI-DSS
Risk management: ISO27005, ISO31000, OSSTMM, OWASP-Risk Rating
Assessments according to VDA ISA Catalogue 5.0 and TISAX® (Trusted Information Security Assessment Exchange)
Business Continuity Management according to ISO22301
Quality management and PDCA according to ISO9001
Data protection laws: GDPR, Federal Data Protection Act
Internal control systems (ICS): IDW-PS951, KPI systems and frameworks

Security tests and security audits

Vulnerability scans: TCP-IP scans, protocol analyses
Information gathering, social engineering and password security
Web security: application scans, injections, database security, scripting
Infrastructure and device security, smart devices and Internet of Things (IoT)
Documentation and professional reporting

Training, education and coaching

Information security and data protection for decision-makers
Security and data protection awareness for employees
Risk management and management systems for officers
Programming, scripting: Python, SQL databases, PowerShell, C# and .NET
Office applications in the environment of management systems and controlling
Use of security tools for admins and developers

Other

Language skills

German / English

Dutch (mother tongue)

French

Spanish / Portuguese

 

Programming languages

HTML / CSS

SQL (common language variants)

.NET Framework (with Visual Basic or C#)

Scripting (PHP / JavaScript / Python / PowerShell)

 

Operating systems

Windows (all current versions, incl. Active Directory)

Linux (Debian derivatives)