About Me
I’ve always been driven by a simple question: How can we make this better? My journey started in the world of physics and software architecture, where I learned to appreciate the elegance of complex systems. Over the years, that curiosity evolved into a passion for defending those systems.
I don’t just look at security through a lens of compliance or checklists. To me, true security is a living process—one that requires continuous improvement and a proactive mindset. I thrive on the challenge of outsmarting potential threats by thinking like an attacker. Whether I’m designing a global security strategy or performing a deep-dive penetration test, my goal is the same: to build a digital environment where businesses can innovate without fear.
Key Areas of Expertise
Offensive Security & Penetration Testing
-
Certified Professional Penetration Tester: Expert in identifying and exploiting vulnerabilities in web applications and network infrastructures.
-
Vulnerability Management: Proactive detection and mitigation of security risks through internal testing practices.
-
Security Hardening: Translating pentest results into actionable hardening strategies for Cloud and Endpoint environments.
Strategic Governance, ISO 27001, NIS2, CIS
-
ISMS Leadership: Full-cycle implementation from initial risk analysis to successful certification.
-
Risk Management: Designing frameworks that align security controls with actual business risk profiles.
-
Compliance & Audits: Bridging the gap between technical reality and regulatory requirements.
Infrastructure & Cloud Security
- Cloud Environments: Securing Azure and Microsoft 365 environments with a focus on Identity and Access Management (IAM).
- DevSecOps Integration: Embedding security into the development lifecycle through automated vulnerability checks and secure coding standards.
Efficiency & Automation
- Process Optimization: Reducing manual overhead by over 30% through strategic automation.
- Technical Strategy: Aligning IT operations with business goals to ensure high availability and resilience.
Professional Highlights
- 100% SLA Compliance: Maintained a perfect record for incident response throughout 2025.
- Infrastructure Modernization: Led migrations that cut maintenance costs by 15% and overhead by 25% through automation.
- Agile Leadership: Managed cross-functional teams to deliver secure, high-performance technical solutions.
Check your Compliance
Evaluate Your Regulatory Standing
Stay ahead of evolving legal requirements. My rapid assessment tools offer a first glance at whether your business falls under current mandates.
Important: These checkers are designed for initial guidance and should not be used as a substitute for professional legal advice. Use the results to prioritize your next steps and engage with a specialist like me ;) for a deep-dive audit.