Description

vCISO and Security Operations Leader with experience designing and optimizing SOCs, onboarding and managing MSSPs across global environments. I help organizations establish scalable, risk-based security operations and governance structures that align with ISO 27001, NIST, CROE, DORA, and other regulatory frameworks. Skilled in automation, multi-cloud security, and translating complex technical challenges into measurable business outcomes.

Industry field of expertise

Languages

English
Native or bilingual

Workplace preferences

Can work on-site

Frankfurt am Main (up to 50km)

Digital Science
Senior Cyber Security Engineer
TECH
August 2023 - Today (2 years and 10 months)
Lead SOC transformation and MSSP integration, extending coverage across workstations and multi-cloud environments (AWS, GCP, Azure, Hetzner) with enhanced telemetry and AI-driven analytics. Develop SOPs, map requirements and capabilities and establish governance maturity. Defined security operating processes and risk-based controls, improving incident response efficiency and reporting transparency. Developed the Security Risk Dashboard (WRT metrics) to measure threat trends and control maturity.
ISMS Security Engineering SOC Cloud Security Vulnerability & Exposure Management
EBA Clearing
Cyber Risk Officer
BANKING AND INSURANCE
July 2021 - August 2023 (2 years and 1 month)
Managed red-team exercises, pen testing, vulnerability management, and first-line oversight of SOC operations (through MSSP) in critical financial infrastructure. Managed the Cyber Resilience Framework (build on ISO27001 , ECB CROE, SWIFT CSCF) and developed KPI dashboards aligned with ISO 27004. Integrated MISP-based threat intelligence feeds and automated incident correlation across environments. Manage client requests, implemented customer questionnaires automation tool, reviewed and responded to questionnaires.
MSSP Governance DORA CROE SWIFT CSCF
Deutsche Bank
Global DLP Lead
BANKING AND INSURANCE
January 2018 - June 2021 (3 years and 5 months)
Led a global team of internal and externals, overseeing DLP operations securing over 100,000 endpoints. Shifted from technical control execution to a risk-based governance model and harmonized processes across EMEA, APAC, and AMER. Owned the DLP control framework covering policy definition, agent configuration, rule governance, and reporting across more than 100,000 endpoints. Collaborated with business leaders and data owners to capture DLP requirements, translate them into enforceable controls, and monitor effectiveness through key metrics and dashboards. Delivered audit remediation aligned with ECB, HKMA, RBI and internal audit.
DLP