03/03/2026 updated

JK
100 % available

Senior Cyber Security Engineer | Vulnerability Management, SecOps, SIEM

Batumi, Georgia
Worldwide
IT Specialist – System Integration
Batumi, Georgia
Worldwide
IT Specialist – System Integration

About me

Senior cyber security engineer with 10+ years in regulated industries (finance/aviation). Hands-on across vulnerability management, SecOps/SIEM, cloud & infrastructure security, plus GRC (ISO 27001, PCI DSS, NIST). Built VM platforms from scratch and drove remediation/security programs end-to-end.

Network EngineeringIEEE 802.1XActive DirectoryAmazon Web ServicesPenetration TestingJIRAMicrosoft AzureBash ShellBusiness Continuity and Disaster RecoveryChange ManagementCloud Computing SecurityConfiguration ManagementRegulatory ComplianceCommon Vulnerability Scoring System (CVSS)Debian LinuxLinuxDomainkeys Identified MailDomain-Based Message Authentication Reporting and Conformance (DMARC)Incident ResponseGovernance Risk Management and ComplianceHAProxyIncident ManagementIT Risk ManagementSecurity EngineeringIntrusion Detection SystemsVirtual Private Networks (VPN)ISO/IEC 27001Python (Programming Language)Kernel-Based Virtual MachineLightweight Directory Access Protocols (LDAP)Linux AdministrationNagiosRoutingNetwork SegmentationNginxOpen Source IntelligencePCI Data Security StandardsWindows PowerShellRed Hat Enterprise LinuxAnsiblePhishingRisk AnalysisWeb Application SecuritySecurity AnalysisSecurity TestingSecurity Information and Event ManagementSquid (Proxy Server)SyslogVMware VirtualizationVulnerability AssessmentVulnerability ManagementSnort (Software)Information Governance and ManagementInformation Security Management SystemIdentity Services EngineNetwork Access ControlLoad BalancingData ClassificationOffice365National Institute of Standards and Technology (NIST)Firewalls (Computer Science)Infrastructure as Code (IaC)MariskGitCloudformationSender Policy Framework (SPF)KubernetesAtlassian ToolsCheck Point FirewallsFortinetGDPRCIS BenchmarksSplunkCisco SwitchesRisk ManagementDevsecopsEmail SecurityDockerVulnerability Analysis
Vulnerability Management
Built and operated vulnerability management platforms from scratch in multiple environments (OpenVAS/Greenbone; two independent deployments). Experience with Rapid7 scan result analysis, finding validation, false positive reduction, CVSS-based prioritization, and Jira-based remediation lifecycle management.

Security Engineering & Security Operations
Hands-on experience with SIEM/logging (Graylog, Splunk, Syslog), IDS/IPS (Snort), NGFWs (Check Point, Cisco ASA, FortiGate), security baselines/hardening, incident response support, and phishing detection/response. Implemented and operated email security incl. SPF, DKIM, DMARC, anti-phishing, and email gateway policy enforcement.

Infrastructure & Cloud Security
AWS, Azure, Microsoft 365 Security, Linux hardening (Debian/Red Hat), Windows Server, IaC (Ansible, Salt, CloudFormation), container security (Kubernetes, Docker), virtualization (VMware, KVM/Ganeti), and secure web/proxy infrastructure (Apache/Nginx, HAProxy, Squid, Sophos WSA).

Governance, Risk & Compliance
Practical experience aligning technical controls and audit-ready evidence with ISO/IEC 27001/27002, PCI DSS, NIST CSF, CIS Controls, SOC 2, BSI IT-Grundschutz/C5, GDPR, and regulated-industry requirements (BAIT, MaRisk, KRITIS). Includes ISMS support and continuous improvement, drafting/reviewing policies, standards, procedures and guidelines, and maintaining control documentation.

Network & Platform Security
NAC / IEEE 802.1X (Cisco ISE, Cisco Prime), network segmentation, firewall management, secure remote operations, Linux administration, AD/LDAP, monitoring (Nagios), and core infrastructure operations.

Tools & Platforms
OpenVAS/Greenbone, Rapid7, Graylog, Splunk, Snort, Jira (Atlassian), Ansible, Salt, AWS CloudFormation, Check Point, Cisco ASA, FortiGate, Cisco ISE, Cisco Prime, Azure, Microsoft 365, VMware, KVM/Ganeti, Apache/Nginx, HAProxy, Squid, Sophos WSA, Python, Bash, PowerShell, Git.

Languages

GermanNative speakerEnglishFluent

Project history

Independent Cyber Security Engineer (Freelance)

Protaera (IE Jan Kuschel)

Internet & IT

Independent cyber security engineer providing hands-on security engineering and operations support
  1. Providing hands-on security engineering and operations support across vulnerability management, SIEM/logging, email security, and cloud/infrastructure security.
  2. Setting up remediation workflows incl. Jira tracking/reporting, prioritization, escalation and closure.
  3. Implementing and operating email security (SPF, DKIM, DMARC, anti-phishing) and related policy enforcement.
  4. Providing cloud/infrastructure security across AWS, Azure and Microsoft 365 (incl. IAM and segmentation/firewall improvements).
  5. Supporting ISMS-aligned controls and audit-readiness evidence preparation where required.
  6. Operating fully remote (UTC+4) with reliable overlap with European business hours.

Senior Professional Information Security

European Commodity Clearing AG (ECC), part of EEX Group / Deutsche Boerse

Banking & Financial Services

2nd-line vulnerability management SME and independent security oversight in a highly regulated financial environment.
  1. Served as the 2nd-line subject matter expert for vulnerability management, reviewing VM-related documents, controls and policies and conducting assurance activities to ensure control effectiveness.
  2. Reviewed vulnerability scan results from Rapid7 and other sources, validated findings, and coordinated remediation timelines with ECC SecOps and the Deutsche Boerse SOC using Jira-based workflows, ensuring timely closure aligned with regulatory expectations.
  3. Assessed and evaluated results from the Symantec Control Compliance Suite (CCS), verifying configuration baselines against CIS benchmarks and tracking deviations to ensure infrastructure hardening aligned with regulatory requirements.
  4. Performed independent 2nd-line security oversight across infrastructure/cloud controls, additional focus on SIEM and incident response procedures/playbooks (BAIT, MaRisk, KRITIS).
  5. Reviewed and guided technical security domains: vulnerability management, network segmentation, SIEM, cloud security, security baselines, and IAM.
  6. Supported the CISO with executive and board-level security reporting, including KPI/KRI-oriented inputs and contributions to supplier security assessments.
  7. Developed and matured group-wide ISMS and control practices aligned with ISO/IEC 27001/27002, NIST CSF, CSA CCM and CIS Controls, and automated recurring assurance activities with scripts and BI tooling.

Information Security Officer

AeroLogic GmbH (DHL and Lufthansa Cargo JV)

Transport & Logistics

Built and operated VM + core security controls in an aviation environment; owned email security controls and enforcement.
  1. Deployed and operated OpenVAS-based vulnerability scanning infrastructure (built from scratch); coordinated recurring vulnerability assessments and penetration tests, tracked remediation with stakeholders, and ensured operational closure of findings.
  2. Handled security incidents, led phishing awareness simulations, and performed phishing triage and response.
  3. Deployed and operated core security controls: SIEM, NGFW, MFA, VPN, IAM, and email/web security.
  4. Implemented SPF, DKIM, and DMARC; owned email security and gateway policy enforcement.
  5. Designed and hardened hybrid and cloud environments (Azure, Microsoft 365).
  6. Implemented and operated proxy and web security controls as part of secure IT operations.
  7. Collaborated with developers and IT operations to integrate security requirements into change and delivery workflows.
  8. Initially planned an ISMS aligned with ISO 27001 and BSI IT-Grundschutz; implemented GDPR-related technical and organizational measures (TOMs) and maintained policies and processes.

Expert IT

AeroLogic GmbH (DHL and Lufthansa Cargo JV)

Transport & Logistics

Core infrastructure operations with focus on stability, security, and automation; implemented NAC/IEEE 802.1X network architecture.
  1. Managed Linux and Windows server lifecycle and core infrastructure operations with focus on stability, security, and automation.
  2. Operated critical infrastructure components including firewalls, switches, and WLAN services to ensure stable and secure operations.
  3. Implemented new network architecture, including NAC/IEEE 802.1X, improving network segmentation and access control.
  4. Operated central monitoring and logging (Nagios, Graylog) and network solutions (Cisco ISE, Cisco Prime).
  5. Administered virtualization, SAN, backup, and Oracle database environments across data centers.
  6. Implemented Ansible-based configuration management as hardening guardrails, reducing configuration drift and manual effort.

Senior IT System Administrator

Unister GmbH
Designed, built and operated OpenVAS/Greenbone VM platform in a PCI DSS payment environment; automated AWS provisioning with CloudFormation.
  1. Designed and deployed an OpenVAS/Greenbone-based vulnerability management platform used company-wide; operated recurring scans and supported penetration testing activities in a PCI DSS payment environment.
  2. Implemented and operated security controls aligned with PCI DSS requirements, including a Snort-based network intrusion detection system.
  3. Built and maintained AWS production infrastructure with strong automation focus using CloudFormation.
  4. Administered more than 1,000 Linux systems across multiple data centers and supported secure operations at scale.
  5. Planned and executed AWS cloud migrations and maintained network/security infrastructure including firewalls, routers, and switches.
  6. Served as DevOps engineer in Unister Payment, automating build, operations, and deployment processes.

Linux System Administrator

Unister GmbH
VPN and firewall infrastructure ownership across production systems; Linux infrastructure at scale.
  1. Primarily responsible for the company’s VPN and firewall infrastructure, designing and managing iptables-based firewall rulesets and OpenVPN/IPSec VPN services across production systems.
  2. Operated Linux infrastructure at scale using KVM/Ganeti and VMware vCloud Director.
  3. Managed connectivity between distributed sites and data centers.

Certificates

Information Security Lead Auditor

TÜV SÜD

2019

Information Security Officer

TÜV SÜD

2018

Information Security Foundation

TÜV SÜD

2018

ITIL Foundation

EXIN

2016

LPIC-2

Linux Professional Institute

2014

LPIC-1

Linux Professional Institute

2011

Contact form

Log in to get in touch

You need to be logged in to use the contact form.

Sign upLog in