Updated 21.03.2026

60% partially available

60%: NIS2 Security IT & OT | Security Operation Center SOC SIEM | Vulnerabilities

Recklinghausen, Germany

Profile attachments

Lebenslauf Stefan Eggert.pdf

Skills

Java, Microsoft Windows, Active Directory, Lisp, Proxy server, Antivirus software, Apache HTTP Server, Penetration Testing, Audits, Microsoft Azure, Telecommunications, Border Gateway Protocol, CentOS, SaaS, Cloud Computing, Control Objectives for Information and Related Technologies, Information security, Databases, Data Centers, Dynamic Host Configuration Protocol, Debian Linux, Linux, DNS, Multi-factor authentication, VMware ESX Server, MIG welding, IaaS, ITIL, IMAP server, IPsec, Intrusion Detection System, VPN, Multiprotocol Label Switching, Local area networks, Network Security, LDAP, Simple Mail, McAfee VirusScan, Citrix XenApp, Microsoft Project, Microsoft SQL Server, Windows Server, MySQL, Nagios, NFSv3, Routing, Citrix Systems, Operations centers, Oracle Financials, PaaS, Public key infrastructure, Post Office Protocol, Quality management, Samba, SAP Applications, Sendmail, Shell script, SQL, Squid, vCloud, Virtual Local Area Network, Vulnerability, Vulnerability Management, WANs, Network Routers, Transport Layer Security, Data Server Interface, Load Balancing, Administrative tasks, In-plane Switching, Cost optimization, Virtual environment, Data protection, Firewalls, Juniper, Postfix, Metasploit, Iptables, Nessus, Orthodontic treatment planner, Cisco, Qualys, User management, VMware
NIS 2, IEC 62443, Vulnerability management, Cloud, Telecommunication, data protection, Qualys, AZURE, quality assurance, User Management, Firewall, epas DETACK, Nessus, OpenVAS, Metasploit, Active Directory, LDAP, Windows Server, Linux, Oracle, MSSQL, Citrix, MySQL, Microsoft Office, virtual environment, Database, Windows, VMWare, SQL, WAN/LAN, MPLS/VPN connectivity, F5 load balancers, Juniper SSL VPN migration, anti-virus, SaaS, IT Security, Juniper, Cisco, Squid, McAfee, Data privacy, Security/Privacy concepts, network security, cost optimisation, WAN connectivity, MPLS WAN, firewalls, LISP, WAN, Accelerator, Cloud computing, PaaS, IaaS, ITIL, ESX, vCloud, Zimory, Citrix XenApp, BlueCoat Systems, data centre, VLANs, load balancers, routing, firewall environment, IP, F5, MPLS, ATM, SDH, VPN, DMZ, IPSec, BGP, SaaS/PaaS, LAN, PKI, Watchguard firewalls, SSL VPN, IDS, IPS, IPSec VPN, NAT, OTP, two-factor authentication, SAP, router, NAGIOS, Windows Server 2003/2008, Microsoft Project, proxies, JAVA, DNS, DHCP, CoBIT, Office, PowerPoint, Word, Excel, SSL VPN Gateway (SA, MAG, Administration, PenTesting, Vulnerability, Qualysguard, Apache, ISA, Forefront Security, DSI, Director, LAN Access, Debian, Centos, Samba, Cluster, iptables, Postfix, Sendmail, qmail, Scalix, IMAP POP3 SMTP, Shellscript, NFS, Microsoft Windows, Windows Server 2003, 2008, 2012

Languages

German: native speaker; English: business fluent

Project history

Cyber Security Specialist & Interim Team Lead

ZIEHL-ABEGG SE

Industry and mechanical engineering

5000-10.000 employees

In my role as Cyber Security Specialist and Interim Security Team Lead, I was responsible for strengthening the IT and OT security architecture and for building and continuously developing a resilient security organization that met both current regulatory requirements (e.g., NIS2, ISO/IEC 27001, IEC 62443) and company-specific threat scenarios.

Key responsibilities and achievements included:

  1. Implementation and operation of SIEM and monitoring systems; development of a hybrid SOC strategy including NDR/EDR integration
  2. Design and rollout of security awareness programs and employee training; coordination of penetration tests and vulnerability remediation
  3. Introduction of a comprehensive vulnerability management process with focus on detection and remediation, as well as development of an Incident Response Process
  4. Development of a Cyber Defense Center and establishment of a SOC with Blue Team structures for active cyber defense; leadership of the Security team
  5. Collaboration with external partners to support audits and deliver strategic consulting projects
  6. Leadership in defining and implementing segmentation strategies for production systems in line with IEC 62443
  7. Professional leadership of a global security team with focus on knowledge transfer, coaching, and talent development
  8. Contribution to regulatory compliance (NIS2, ISO/IEC 27001, IEC 62443) through certification processes and continuous monitoring

Security Auditor OT for NIS 2, IEC 62443

POLIFILM

Industry and mechanical engineering

250-500 employees

  • Defining the objectives of the audit (e.g., compliance review, risk mitigation).
  • Defining the scope of the audit – e.g., systems, facilities, and technologies to be assessed.
  • Determining stakeholders and identifying responsibilities.
  • Identifying and documenting all relevant OT assets.
  • Surveying the OT architecture, topology, and components (e.g., SCADA systems, PLCs, HMIs).
  • Recording the network configuration and connections to IT networks.
  • Identifying potential threats and vulnerabilities in the OT environment.
  • Assessing risks based on their likelihood and potential impact on operations.
  • Analyzing existing threat vectors and potential attacker profiles.
  • Reviewing existing OT security policies, standards, and protocols for NIS2.
  • Analyzing network segmentation and access control policies.
  • Evaluating security configurations, such as firewalls, network access, and user privileges.
  • Testing physical security measures for critical OT components (NIS 2, IEC 62443).

Snr. SOC Analyst / Optimization of Darktrace NDR OT & IT

DACOSO

Internet and information technology

50-250 employees

  • Analysis of security incidents and support in mitigating vulnerabilities
  • Independent management of security events (IT & OT Network) and incidents, including customer communication
  • Monitoring the current security landscape and deriving actionable recommendations
  • Quality assurance and optimization of use cases, rules, and rule books for the respective security services
  • Optimization of Darktrace NDR (TI implementation, models, etc.) in collaboration with Logpoint, Crowdstrike, Defender, Sentinel, Qualys
  • Fine-tuning of rules for improved optimization of SOC operations

Analysis of Vulnerabilities after a Successful Hacking Attack (Ransomware) as Emergency Manager

Industry, > 5.000 (the customer wishes to remain anonymous)

Industry and mechanical engineering

1000-5000 employees

Deployment as an Incident Manager following a hacking attack. Investigating vulnerabilities, sources of errors, and potential further attack vectors. Developing an enhanced emergency concept and backup strategy plan to mitigate future attacks. Planning and hardening additional system components with the operations team as technical security lead. Planning of PenTests and vulnerability management with Qualys.

Software Used:
  • SQL
  • Linux and Windows Server
  • Cisco, WatchGuard
  • Active Directory, DNS, DHCP, etc.
  • QUALYS
  • Bitdefender AV

Technical Project Manager / Snr. Expert SOC

LBS Bank

Banking and financial services

250-500 employees

Technical Project Manager for the Establishment of an External SOC/SIEM in the LBS Bank Group

Responsibilities
 
  • Selection and integration of the external SOC service provider
  • Development of use cases
  • Splunk SIEM Installation and integration / Forwarder Installation
  • Creation of processes in the banking environment in accordance with BAIT requirements
  • Technical development and adaptation of additional use cases
  • Integration of bank-specific applications (OS Plus, bit-MaRisk, SAP, etc.)
  • Integration of technical infrastructure (Active Directory, DNS, telecommunications, Sophos Antivirus, Cisco VPN, Citrix, etc.)

Expanded role from 02/2023: SOC Security Coordinator / Security Analyst and Architect
 
  • Central point of contact for all IT security incidents
  • Incident Manager for IT security incidents
  • Evaluation/analysis of incoming SOC incidents with operations
  • Further development of processes and use cases / technical design
  • Provider management of the SOC service provider
  • Development of incident response plans for emergency planning in emergency management and creation of playbooks for SOC/Operational Teams
  • Improvement of operational security through regular meetings, reports, SLA Tracking etc., on the current SOC threat landscape
  • Intensive collaboration with operational Teams as an interface to the SOC
  • Improvement of processes in the area of penetration testing and vulnerability management
  • Coordination, preparation, and follow-up of pen-test findings, Audit Findings and vulnerabilities
  • Consulting on improving IT security strategy / best practices
  • Evaluation of and consulting on new security tools
  • Member of the Bank emergency Board / Incident Management

OT SIEM SOC build-up

Deutsche Post AG (DHL Group)

Transport and logistics

>10.000 employees

Build SOC/SIEM for OT
 
  • Development of a SIEM solution for the OT (Operational Technology) sector
  • Current state analysis (IST Analysis)
  • Technical planning and coordination
  • Design of a SOC SIEM structure for OT systems
  • Consolidation planning for multiple SIEM systems (international)
  • Part-Project Lead for “OT SOC SIEM”

Senior Security Expert / Vulnerability Expert in the OT Environment

Daimler AG

Automotive and vehicle manufacturing

>10.000 employees

Position
Senior Security Expert / Vulnerability Expert in the OT Environment

Responsibilities

Expert for Vulnerability Management in the production network (OT network). Establishing concepts for
scanning the sensitive OT landscape, remediation and vulnerability rating for multiple clients (Daimler
Truck, Central IT). Board member in the global Vulnerability Board, administrator for the Qualys Cloud
Platform with more than one million assets. Supporting the worldwide agent rollout, optimization of
option profiles (explicitly for OT scanning).

Senior Security Expert / Incident Management SOC

SEPAGO

Internet and information technology

50-250 employees

Process implementation and customer onboarding for "SOC as a Service" (Security Operations Center). Working as Security Expert / Incident Manager for the SOC, evaluation of existing processes and KPIs. Supporting the SOC team in analyzing security incidents.

Products: AZURE, Microsoft Defender for Endpoint, Microsoft Defender ATP

Senior Security Analyst

AXA Group Operation
Period: 01.01.2016 - 28.03.2021 | Client/sector: AXA Group Operation | Company size: > 100.000 employees

Position
01.01.2016: Senior Security Analyst & 01.11.2020: Vulnerability Management Expert


Responsibilities

1. Senior Security Analyst
Remediation and coordinating of Pen Test findings (global/local) and Audit tracking. Reporting
of findings and incidents to AXA Management and solver departments. Coordination and
supporting incoming requests to operational resolver groups and supporting them with security
requirements according to AXA Security Guidelines and deep technical knowledge. Regional Manager (Northern Europe Region) for DETACK epas (Enterprise Password Assessment), appliance administration incl. maintenance and central reporting for password quality reports.

2. Vulnerability Management Expert

  • Global project supporting of the Qualys Guard Infrastructure
  • Infrastructure Administration and Maintenance from Qualys Guard
  • Reporting of Vulnerabilities
  • Remediation and Tracking
  • Asset Management and Server-Onboarding
  • Vendor-Management / Coordination and support Tickets

Primary Tasks and responsibilities:

 

  • Perform activities for vulnerability scanning and policy compliance (Qualys Guard)
  • Maintain and operate password hunting and quality assurance tool
  • Manage and control audit remediation activities
  • Manage and support Pen Test activities
  • Perform security and risk assessments
  • Create security concepts

 

Security support for Sub-Tasks:

 

  • Password Clear Text Scanning
  • Support for CyberArk migration
  • Supporting the privileged User Management and recertification
  • Related requests for ICT Infrastructure and Firewall approvals 
  • Security Consultant for other IT Projects
  • Support the global security Incident Management

Tools:

 

  • Security Tools (epas DETACK, Nessus, OpenVAS, Metasploit, Qualys)
  • Operate password hunting for Active Directory, LDAP, Windows Server, Linux, Oracle, MSSQL, Citrix and MySQL
  • Microsoft Office

Senior Security Analyst / Pen Test coordinator

AXA Konzern AG
Period: 01.07.2015 - 31.12.2015 | Client/sector: AXA Konzern AG | Company size: > 100.000 employees

Position
Senior Security Analyst / Pen Test coordinator

Responsibilities
Pen Test coordination (internal application) and Group Reporting for the Group Pen Test Campaign
2015. Planning and setup of Pen Tests with external providers, provider management and assessment of
risks. Detailed preparation and debriefing with stakeholders and support with deep technical
knowledge in the remediation phase. Performing lessons learned workshops after pen test activities.
Preparation of Management escalations and Risk Letters for findings with high risk or high priority,
communication of findings to SOC, external providers or to AXA Tech.

Qualys Guard vulnerability management:
Acting as supporter for Pen testers with Qualys Guard Scans, Web application Scans and setup of circular
BlackBox Tests (incl. monitoring) for non-critical AXA Web Applications

Senior Security Analyst / Vulnerability Management

AXA-Tech
Period: 01.10.2013 - 30.06.2015 | Client/sector: AXA-Tech | Company size: > 100.000 employees

Position
Senior Security Analyst / Vulnerability Management

Responsibilities
Global project supporting for Qualys Guard vulnerability management:
Establishment of a new Qualys Guard infrastructure and concept for circular vulnerability scans.
Detailed breakdown from the complete AXA Germany and AXA Belgium Network with the restructuring from
the existing appliance solution to a virtual environment. Rebuild new Qualys Assets and integrate
new processes for deployment and vulnerability scans. Maintenance and central contact for the Qualys
environment after the restructure.

Security support for Sub-Projects:
* Tracking of audit findings, particularly for highly critical financial systems
* Architecture and establishment of a Privileged User Management database for Windows, Linux,
VMWare, SQL and Oracle.
* Organizational measures to capture High Privileged Accounts
* Reporting, tracking and remediation of vulnerabilities, system hardening and patch management

Senior Security Expert

Deutsche Annington Immobilien SE
Period: 01.01.2013 - 31.08.2013 | Client/sector: Deutsche Annington Immobilien SE (today: Vonovia) | Company size: > 4.000 employees
Position
Senior Security Expert

Responsibilities
Establishment of security concepts and processes for the IPO (stock market launch), risk evaluation
and coordination Pen Testing.

* Active vendor management for the WAN/LAN/Security/Data Centre infrastructure (as support for
the service management)
* Installation, reduction and sizing for the MPLS/VPN connectivity
* IP Management (conception and planning) for all locations
* Change management
* Supporting the operational unit as 3rd level support (firewalling, network, BlueCoat Proxy SG,
reverse proxy (TMG) and F5 load balancers)
* Project lead for cross projects (Juniper SSL VPN migration from device SA4000 to MAG6611,
location moves, migration of the anti-virus solution to an external vendor / SaaS)

Products and standards:
* ITSM
* IT Security (Grundschutz, BSI, various security products)
* Juniper, Cisco
* Blue Coat, Squid
* McAfee
* Alcatel-Lucent VitalQIP

Senior Security Consultant Data privacy

Deutsche Telekom AG (ICM, IKS)
Period: 16.07.2012 - 31.12.2012 | Client/sector: Deutsche Telekom AG (ICM, IKS) | Company size: > 200.000 employees

Position
Senior Security Consultant Data privacy

Responsibilities
Supporting and revision of various EPR Projects (main task: Security/Privacy concepts and
compliance, auditing the plausibility of concepts). Approver for authority of compliance and above
concepts incl. the SoCs (Statement of Compliance) for Group-wide operational standards. Consulting
for network security and infrastructure (security) solutions.

Period: 01.06.2012 - 15.07.2012 | Client/sector: various clients | Company size: > 1.000 employees

Position
Cloud Strategy / Evaluation for various clients

Responsibilities
Consulting for various clients, evaluation of several cloud infrastructure solutions and IT
Security. Consulting for Data Centre strategy and cost optimisation, conception of the effort and
feasibility into a full managed service.

Security Infrastructure coordinator

SIEMENS ATOS
Period: 01.04.2012 - 31.05.2012 | Client/sector: SIEMENS ATOS | Company size: > 200.000 employees

Position
Security Infrastructure coordinator

Responsibilities
Analysis of a large ICT infrastructure environment, reporting of missing ICT functions to the ATOS
Board. Creating reports and processes in the area of MDS (Mobile Device Service) and Endpoint Security.

Security Architect, International Data centre consolidation

T-Systems International
Period: 07/2009 - 30.06.2011 | Client/sector: T-Systems International (CZ, UK, NL) | Company size: > 200,000 employees


Position
Security Architect, International Data centre consolidation

Responsibilities
* Migration of an existing data centre environment in the Czech Republic/UK/NL to a German cloud
environment
* Conceptualisation of the data centre inter-connectivity / expansion of existing data centre
connectivity
* Planning of new VLANs within the overall application structure
* Conceptualisation of firewalls, load balancers, reverse proxy environments
* Conceptualisation of application-specific network environments using AppCom / STS
* Process support for business blueprint / security / migration
* Planning and preparation of changes (firewall, load balancers, monitoring,...)
* Documentation of complex projects
* Decommissioning of legacy data centre connections and firewall systems
* IP connectivity planning (routing, firewall environment, IP address management)

Products and standards

* ITIL
* Baseline security requirements in accordance with Corporate Security Policy
* Cisco, F5, Juniper
* Network (routing, MPLS, ATM, SDH, VPN, DMZ, IPSec, BGP)
* Cloud computing (SaaS/PaaS, ESX, Citrix)

Sub-project management Security

DHL
Period: 04/2008 - 09/2008 | Client/sector: DHL | Company size: > 200,000 employees


Position
Sub-project management Security
Responsibilities
* Sub-project management for a Client migration project (6,000 Users)
* In charge of the areas proxies, networks, firewalls, applications
* Supporting service management
* Preparation of security concepts and processes for an external service provider (T-Systems)
* Deactivation of legacy server systems and network landscapes
* Developing global server concepts
* Planning and migration of a proxy cluster (approx. 6,000 users)
* Modification of the security processes
* Preparation of changes (change management)
* Developing a JAVA PAC file for approx. 3,500 workplace systems
* Planning and matching of bandwidth requirements for the MPLS structure
* Matching of DNS and DHCP

Products and standards
* ITIL
* Checkpoint firewalls
* Network (network coupling, NAT zones, routing, MPLS, ATM)
* Citrix
* App-V (former SoftGrid)
* Proxy/Internet: Squid, Finjan Secure Web Gateway (content security)
* Directory services: Active Directory, LDAP
* Microsoft Project

Security management auditor for DEUTSCHE POST Management Board

DEUTSCHE POST AG
Period: 08/2007 - 03/2008 | Client/sector: DEUTSCHE POST AG | Company size: > 200,000 employees

Position
Security management auditor for DEUTSCHE POST Management Board
Responsibilities
* Auditing of IT and security projects (ITIL / CoBIT)
* Security management audits at a data centre of a service provider
* Preparing the audit
* Orientation of the control objectives to the corporate structure
* Kick-off, establishing the audit and the audit sphere
* Interviews with the specialist departments
* Weak-point analysis
* Auditing of authorisation processes
* Assessment of risks
* Recommending improvements
* Reporting to the Board

Products and standards
* ITIL
* CoBIT
* Microsoft Office (PowerPoint, Word, Excel)

Service Manager Network / Security

DHL International / Deutsche Post AG
Position
Service Manager Network / Security

Lead Network and Security Architect ESC

DHL International, ESC
Position
Lead Network and Security Architect ESC

Firewall / Linux Administrator

DHL
Position
Firewall / Linux Administrator
