freiberufler IOT | LLM/AI, Cybersecurity Architecture, Penetration Testing, Mentoring auf freelance.de

IOT | LLM/AI, Cybersecurity Architecture, Penetration Testing, Mentoring

zuletzt online vor wenigen Tagen
  • auf Anfrage
  • 1058AM Amsterdam
  • Weltweit
  • ru  |  kk  |  en
  • 24.05.2024

Kurzvorstellung

Security architect, consultant and security assessments specialist with particular experience in IOT, EV/EVCS, robotics, LLM/AI, Cybersecurity Act (CSA), RED and NIS2 directives.

Qualifikationen

  • Compliance management6 J.
  • Corporate Security
  • Cyber Security20 J.
  • Internet of Things (IoT)
  • Kryptographie6 J.
  • Penetrationstest
  • Security Architektur
  • Solution Architektur
  • System Architektur20 J.
  • Systems Engineering6 J.

Projekt‐ & Berufserfahrung

System and security architect
secure microchip manufacturing, Utrecht
1/2023 – 11/2023 (11 Monate)
Maschinen-, Geräte- und Komponentenbau
Tätigkeitszeitraum

1/2023 – 11/2023

Tätigkeitsbeschreibung

Design, architecture and implementation of the microchips secure manufacturing line system.

Eingesetzte Qualifikationen

Cyber Security, System Architektur, Systems Engineering

Security Architect / System Architect / Consultancy
EV / EVCS industries, Amsterdam
1/2019 – offen (6 Jahre)
Automobilindustrie
Tätigkeitszeitraum

1/2019 – offen

Tätigkeitsbeschreibung

Various system and security architecture related projects at EV/EVCS industries. Including system redesign, cryptography implementation, compliance and secure posture assessments, penetration testing

Eingesetzte Qualifikationen

Kryptographie, Compliance management, Cyber Security, System Architektur, Systems Engineering

Cybersecurity risk assessments/red team leading/pentesting/architecture (Festanstellung)
Consultancies/Financial/Manufacturing/Industrial, Amsterdam
1/2005 – 1/2019 (14 Jahre, 1 Monat)
High-Tech- und Elektroindustrie
Tätigkeitszeitraum

1/2005 – 1/2019

Tätigkeitsbeschreibung

● Risk Assessment & Threat Modelling: Masterful in identifying design and technical vulnerabilities, and in fortifying systems against cyber threats.
● Process Improvement: Skilled in streamlining IT/IoT/manufacturing and security processes for cost reduction and enhanced efficiency.
● System Architecture: Experienced in designing scalable, efficient, maintainable and secure systems based on standards and best engineering and security practises.
● Team Development & Leadership: Experienced in building and leading teams of security experts.
● Security Analysis, Preparedness, Penetration tests and Ethical Hacking: Proficient in evaluating security postures and preparing for evolving challenges.
● Secure SDLC & Software Design and Development: Experienced software and system architect with extensive hands-on expertise in Python, JavaScript, and TypeScript.
● Risk and Damage Assessment: Evaluating risks and current business processes and assets to assess potential damage.
● Targeted Security Assessments: Conducting thorough assessments to identify and address security vulnerabilities.
● Threat Minimization: Identifying and reducing financial and reputational damage from security threats.
● Information Leak Prevention: Minimising the risks of valuable information leakage.
● Team Mentoring: Fostering cohesive teams and robust cybersecurity practices.
● Cost Reduction: Streamlining IT and security processes to reduce costs.
● Development Security Preparedness: Training developers to maintain robust information
systems security.
● Security Posture Improvement: Enhancing the ability to respond to cybersecurity threats.
● Framework Creation: Establishing frameworks for secure process and project
implementation.
● System Architecture Development: Expertly design and redesign systems within IT/OT and
IoT domains, extensively utilising microservices, containerization, and virtualization to enhance critical system factors.

Eingesetzte Qualifikationen

Cyber Security, System Architektur

Über mich

Services Offered

1. System Architecture Assessment

Description: A detailed analysis of existing or planned systems to identify security vulnerabilities, resilience issues, operational risks, bottlenecks, and areas of cost inefficiency.
Requirements: System overview, system-related technical documentation, plus either a live session or QA form with written responses.
Deliverables: A comprehensive report including an overall conclusion, possible business impact, and actionable steps or alternative solutions to remedy discovered flaws.

2. Technical Architecture Consulting

Description: Expert advice to system and security requirements, associated risks, and recommend technology stacks, platforms, solutions, and protocols tailored to specific business needs. This service is helpful when the business solution needs to be found or developed or an existing one is not satisfying.
Requirements: A written concept of the required solution and technical and business constraints.
Deliverables: A technical-level architectural design, solution alternatives, business justification of the solution, identified security risks, and a list of recurring maintenance costs (excluding cost comparisons) where applicable.

3. Security Review of Source Code, Firmware or system configuration

Description: This review service is designed to assess impactful security issues and business logic flaws in the code, IOT firmware or a system configuration.
Amsterdam, Netherlands

Requirements: Access to the source code, firmware, and relevant system configurations, detailed specification of the application or system.
Deliverables: A comprehensive report outlining discovered security vulnerabilities, business logic flaws, and recommendations for robust mitigation strategies.

4. Security Risk Assessment, Ethical Hacking, and Penetration Testing

Description: Testing the robustness of IoT/Robotics systems and devices, including LLM (AI) systems, against attacks and malfunctions.
Requirements: Access to the system or device, relevant technical documentation, and use case scenarios.
Deliverables: A detailed vulnerability report, including impact description based on threat trees, and remediation strategies.

5. Standards Consultation for IoT Systems

Description: This service provides a pre-compliance checkup to identify potential areas of non-compliance and establish a strategic plan to meet regulatory requirements for IOT systems and devices according to European standards and regulations such as ETSI EN 303 645, IEC 62443 series, RED, CRA and NIS2.
Requirements: Details of the IoT system, target standards for compliance, plus either a live session or QA form with written responses.
Deliverables: A compliance roadmap, pre-compliance checkup report, gap analysis, and detailed action steps for achieving and maintaining compliance with standards.

Weitere Kenntnisse

- Security architecture assessments of the architecture and associated risks of systems, products (both hardware and software) and business processes, both existing and in the design and implementation phase;
- Penetration testing and security assessments of IT / OT / IoT systems;
- Penetration testing and security assessments of individual system components and IOT devices against attacks;
- Advice on product design with respect to EV/EVSE standards such as ISO 15118, OCPP, ISO/SAE 21434:2021;
- Consulting on IoT and related IT system architecture, applied cryptography, PKI, business process security and business structure;
- Review and analysis of gaps against industry and product standards, directives such as IEC 62443, EN 303 645, PCI-DSS, GDPR, NIST 800-171;
- Hands-on expert solutions development based on C#, C/C++, Rust, Python, TypeScript/JS.

Persönliche Daten

Sprache
  • Russisch (Muttersprache)
  • Kasachisch (Muttersprache)
  • Englisch (Fließend)
  • Deutsch (Grundkenntnisse)
  • Niederländisch (Grundkenntnisse)
Reisebereitschaft
Weltweit
Arbeitserlaubnis
  • Europäische Union
  • Schweiz
  • Vereinigte Staaten von Amerika
Home-Office
bevorzugt
Profilaufrufe
450
Alter
37
Berufserfahrung
16 Jahre und 3 Monate (seit 09/2008)
Projektleitung
16 Jahre

Kontaktdaten

Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.

Jetzt Mitglied werden