Dynamic and results-driven CISSP-certified Security Engineer with 5+ years of experience in platform engineering, architecting, and implementing secure cloud environments. Proven track record of establishing robust security programs and driving DevSecOps practices. Authored a Master's thesis on Incident Response in Cloud Environments, emphasizing innovative strategies for breach detection, mitigation, and forensic investigation in dynamic cloud infrastructures.
• Designed and maintained scalable, reusable Infrastructure as Code (IaC) modules using Terraform to standardize AWS resource provisioning across teams.
• Developed robust CI/CD pipelines with GitHub Actions, enabling automated testing and deployment of infrastructure and applications.
• Created production-ready boilerplates in .NET, Go, and Python to accelerate service delivery and ensure consistent cloud architecture standards.
• Architected and managed secure, highly available AWS environments using VPC, Route 53, Transit Gateway, and load balancers (ALB/NLB).
• Implemented least-privilege IAM policies, automated compliance checks, and integrated cloud security controls aligned with SOC 2 and ISO 27001.
• Deployed observability solutions with Datadog, including APM, metrics, and alerting, to monitor application health and optimize system performance.
• Led cloud cost optimization initiatives, leveraging autoscaling, rightsizing, and usage analysis to reduce infrastructure spend.
• Championed a DevSecOps culture by mentoring engineers, enabling self-service automation, and aligning platform strategies with business objectives.
• Developed the Cloud Security Program at AUDI which resulted in a 95% decrease of critical cloud security issues within 4 months.
• Led the DevSecOps team (7 members) which provided security assessments, architecture reviews, threat modeling, and security best practices to project teams at AUDI.
• Enabled more than 50 project teams at AUDI to use AWS services in a secure and compliant manner by designing and implementing security guardrails.
• Established a Cloud Security Community, engaging over 1,500 developers to foster architectural best practices and secure automation in CI/CD pipelines.
• Performed and coordinated incident response activities for AUDI's critical workloads across over 500 AWS accounts.
• Communicating complex technical matters during and after incidents to internal stakeholders and business leadership in a clear and concise manner.
• Established Incident Response Playbooks for common cloud security incidents and developed automation to improve reaction time of incident response activities by over 50%.
• Architecture and development of central platform services such as Central Web Application Firewall, IAM, Central Logging Solution, and Networking.
• Architecture and development of a cloud-native IoT web application for monitoring cold chain logistics in the pharmaceutical and food industry.
• Actively implemented shift-left security through automation and integration of security tools in CI/CD pipelines such as SAST, DAST, secret management tools, container image scanners, and software composition analysis (SCA).
• Performed threat modeling, security and architecture reviews for customers in the automotive and manufacturing industry.
• Mentored and trained a team of 10 junior members in comprehensive cloud security concepts, fostering their proficiency in safeguarding digital assets and ensuring adherence to industry best practices.
• Architecture and implementation of enterprise-wide cloud landing zone (based on AWS ControlTower) which provided a secure and compliant foundation for product teams.
• Project lead for designing and implementing preventive and detective security guardrails in cloud platforms leveraging infrastructure-as-code.
• Designed security concepts for cloud-native and hybrid IT systems and applications of customers in the automotive industry.
• Active contributor to the internal AWS community, publishing high-quality weekly content through blog posts and talks on reference architectures and automation tools.
• Collaborated closely with MHP's IoT business unit to author a comprehensive Master's thesis, showcasing a profound commitment to in-depth research and a dynamic engagement with industry experts.
• Identification and analysis of potential Use Cases for APIs in manufacturing and logistics to generate new project opportunities.
• Spearheaded the strategic design and seamless implementation of a highly efficient cross-functional Data Management System, demonstrating keen analytical acumen and innovative problem-solving skills.
• Proficiently prepared and crafted comprehensive status reports and updates for Porsche executives and board members, showcasing a keen ability to distill complex information into concise communication tailored to diverse stakeholders.
• Distinguished for steering the establishment of a Quality Management System that successfully passed ISO 9001 certification within 6 months.
• Collaborated with external resources to continuously assess and improve security measures, staying ahead of potential threats and vulnerabilities in the organization's IT environment.
• Installation, maintenance, testing and troubleshooting of key internal systems (CRM and ERP software).
• Orchestrated the successful conception, development, and seamless rollout of a cutting-edge Knowledge Management Platform.
• Executed a series of impactful projects aimed at elevating process quality and driving remarkable efficiencies within chemical production processes, resulting in a 45% reduction in waste.
• Supporting certified Six-Sigma Blackbelts in the area of continuous process improvement.
• Master's thesis: Integration of Cloud Services in Incident Response Processes
• Core subjects: Security in Cloud Computing, Network Security, Digital Forensics, System Analysis & Hardening, Industrial Security, GRC (Governance, Risk & Compliance), Cryptographic Analysis
• Master's thesis: Use Cases for API Management in Manufacturing
• Core subjects: Supply-Chain-Management, Logistics, Factory Planning, Innovation and Technology Management, Risk Management, Computer Aided Production Systems
• Bachelor's thesis: Introduction of Measures for Process-Oriented Knowledge Management
• Core subjects: Quality Management, Statistical Process Control, Production Planning and Control, Project Management, Computer Science for Engineers, Computer Aided Design
The increasing influence of cloud technologies is fundamentally changing the information security landscape. Cloud services reveal new potential and challenges, particularly in the area of incident response. This Master’s thesis explores how cloud services can be integrated into incident response processes to increase the effectiveness and efficiency of responding to security incidents. The goal is to demonstrate the differences between incident response approaches in on-premise and cloud environments and to develop a deeper understanding of the synergies between cloud technologies and incident response strategies. The integration of cloud services is analyzed using three different incident response scenarios. It was identified that the use of certain cloud services is generally applicable in the preparation phase of incident response, whilst the use of cloud services in the detection, analysis, containment, eradication, and recovery phases after security incidents depends on the specific incident response scenario under consideration.
Author of technical articles covering topics such as AWS architecture, Terraform, CI/CD pipelines, Shift-Left Security, DevSecOps practices, and cloud incident response.
