OT Security Architect, OT Security Consultant
- Verfügbarkeit einsehen
- 0 Referenzen
- auf Anfrage
- 40472 Düsseldorf
- Weltweit
- de | en | es
- 18.11.2024
Kurzvorstellung
engagierter OT Security Experte, viel Praxiserfahrung Sicherheitskonzepte u. -architekturen für OT/Automatisier, spez. Energie (KRITIS), chem Prod, (StörV),
CISSP, CISM, GICSP, ISA 62443
Qualifikationen
Projekt‐ & Berufserfahrung
1/2024 – 6/2024
Tätigkeitsbeschreibung
- Provide expert OT cybersecurity consultation for energy distribution, power grid, and utilities sector.
Develop comprehensive security concepts and risk assessments aligned with industry standards and regulations, including IEC 61850, IEC 62351, IEC 62443, and ISO 27019.
Employ intrusion detection techniques using StationGuard to safeguard critical infrastructure.
Contributed to cybersecurity standardisation efforts, promoting enhanced security in OT environments.
Developed and delivered a complete suite of training materials and courses on OT security, tailored for power utilities and substations, enhancing Omicron Academy's educational offerings.
Sicherheitskonzept, Cyber Security, IDS (Intrusion Detection System), Netzwerk-Sicherheit
9/2023 – 12/2023
Tätigkeitsbeschreibung
Provided expert consulting services on Siemens PCS7 PLS, advising on best practices for securing OT environments, including process control systems, SCADA systems, and other critical infrastructure.
Developed and implemented OT security strategies, policies, and procedures in alignment with industry standards.
Designed secure OT networks/system architectures, ensuring robust segmentation, access controls, and monitoring capabilities.
Cyber Security, Demilitarized Zone (DMZ), Netzwerk-Sicherheit, Netzwerkarchitektur
11/2022 – 8/2023
Tätigkeitsbeschreibung
- Established OT security governance for global production sites at BYK,
- conducted OT security assessments and risk management.
- Consulted projects and departments in OT security, and designed and architected OT security systems and concepts in line with local regulations, compliances, and OT security standards, such as IEC 62443 and StörV KAS 51.
- Promoted a culture of security awareness/accountability across organisation through regular communication and engagement.
- Monitored and managed third-party risks associated with outsourced OT operations and maintenance activities.
Sicherheitskonzept, Sicherheitsmanagement, Asset-Management, Corporate Governance, Cyber Security, Demilitarized Zone (DMZ), Remote-Service, It-Governance, Netzwerk-Sicherheit
4/2022 – 9/2022
Tätigkeitsbeschreibung
caring for OT security regarding the EMEA production plants of Covestro, a German global fine chemistry producer of a variety of polyurethane and polycarbonate based materials.
- Readiness preparation of several production sites for KAS 51 Cybersecurity Audit as part of German regulation Störfallverordnung (StörV) (Hazardous Incident Ordinance)
Cyber Security, Netzwerkarchitektur, Compliance management, Corporate Governance, Produktionstechnik (allg.)
11/2017 – 3/2022
Tätigkeitsbeschreibung
Interfaced with top-tier global customers in oil/gas, petro/fine chemistry, and plant manufacturers.
Provided a full range of OT security designs and architectures, customer security consultancy, security assessments, and ensured adherence to compliance (KRITIS, BSI Sig 2.0, KAS 51, ENISA NIS).
Handled customer acquisition, presales, tender support, offerings, compliance, presentations/demos.
Specialised in IACS (ISA/IEC 62443), Industrial Security, IIoT Security, and Cloud Security.
Consulted broad IACS network and infra modernisation to become
KRITIS-compliant (BSI Security Act) for an international energy utility at a national power plant in Berlin.
Supported SE businesses on cybersecurity primary for Industrial Automation business, Process Automation (Foxboro DCS), Safety Instrumented Systems (Triconex), ICS/SCADA (Modicon, Hybrid).
Supported SE businesses also on energy solutions, IIoT, and building automation.
Acted as a member of the global Schneider Electric security standardisation expert committee.
Conducted proof of concepts/life tests, optimised scaled design, and launched OT anomaly detection monitoring systems (Nozomi Guardian) at major national refinery (KRITIS), power plant (KRITIS), and fine
chemistry production plant.
Cyber Security Practitioner (CSP), IDS (Intrusion Detection System), Netzwerk-Sicherheit, Compliance management, Remote-Service, AVA (Ausschreibung, Vergabe und Abrechnung), Sicherheitskonzept
Zertifikate
ISACA Association – Deutschland
SANS Institute - Escal Institute of Advanced Technologies – U.S.A.
International Society of Automation (ISA) – U.S.A. /Netherlands
ISACA Association – United States / Germany
(ISC)² CONSORTIUM – United States / Germany
Ausbildung
Universität Hannover
Hannover
Weitere Kenntnisse
-Anwender-KnowHow internationale OT-Sec-Standards (IEC 62443, IEC 62351 (IEC 61850), ISO 27019, NIST CSF, NERC CIP)
- Expertenkenntnisse Regularien (KRITIS, EU NIS2, StörV KAS 51)
- Trainererfahrung in Schulungen für OT Security für Einsteiger & Profis
--- Technical Proficienccis ---
Sound Product Knowledge Security Supplier:
- Firewall technologies: PaloAlto, Fortinet, Cisco, Juniper
- IDS for OT: Omicron StationGuard, Nozomi Guardian, Claroty CTD, Snort/Sourcefire
- SIEM: SolarWinds, Trustwave
- Remote Access: Claroty SRA
Security Technology
- Network security concepts, Perimeter, Firewalls, Secure Remote Access, VPN, OT DMZ, Proxy-Server
- Business Risk Management, Security Assessments, Analysis and Audits
- Security concepts for Industrial Control and Automation Systems, IIoT, and I 4.0.
- expert knowledge in OT Security Standards & Regulations (IEC 62443, IEC 62351, ISO 27019, NIST CSF, German KRITIS BSIG, German StörV KAS 51, EU NIS-2 directive)
- Security for Cloud architectures, Virtualization, CASB, SOA Governance, Web Services
- Security Monitoring: SIEM, IDS, Anomaly Detection for OT
- Identity Management, Single-Sign-On, Unified User Management, Federation Concepts, PKI
Automation-, DCS-, Process Control Systems:
- sound expert knowledge: Schneider-Electric Foxboro, Modicon, Triconex (Safety)
- basic knowledge: Yokogawa Centum, Emerson DeltaV, Siemens PCS7, WinCC, HIMA
Persönliche Daten
- Deutsch (Muttersprache)
- Englisch (Fließend)
- Spanisch (Grundkenntnisse)
- Französisch (Grundkenntnisse)
- Europäische Union
Kontaktdaten
Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.
Jetzt Mitglied werden