Manufacturing
Professional Services
Retail
Technology, Information and Media
Transportation, Logistics, Supply Chain and Storage
Utilities
Financial Services
Consumer Services
Education
Government Administration
Oil, Gas, and Mining
Active

Toni S

Virtual CISO / Cyber Security Advisor

About Me

Creative Cyber & Network Security professional with over 20 years of experience covering a wide scale of mission-critical infrastructures in both private and governmental sectors. I thrive in working on strategic, architectural and technical levels and excel in managing the big picture of cyber security and IT designs. In my work, I always emphasize high-resolution and systemic thinking with a pragmatic, experience-driven approach. This ensures real practical security improvements in addition to compliance, which can often be mere security theater with a pile of documentation providing little value by itself. In my career, I’ve evolved from skilled technical roles towards more business-driven, strategic and sense-making responsibilities, but I never hesitate to roll up my sleeves for hands-on work to get the job done. I’m always looking for new intellectual challenges to help organizations protect what really matters the most.

Jurisdiction

Finland | Sweden | Norway | Estonia | Denmark | Germany | Switzerland | France | Poland

Experience

Seniority Level: Director
Years of Experience: 20+ years
Current Status: Active
CISO, Head of Cybersecurity
tiko Energy Solutions AG, Switzerland
2020 - Present

Principal responsibility for securing the digital environment of a unique Virtual Power Plant (VPP) and Smart Energy Management System (EMS) concept. Designing security-driven Cloud and SmartGrid Architecture and Cyber Security Controls built on cloud-native environments and aggregating Distributed Energy Resources (DER). Securing critical areas such as Manufacturing, DevOps, Frontends, Backends, TSO-connectivity, SmartGrid/IoT Hardware, Customer Data, Office and Remote workplace domains.

Head of Cyber Security Assurance
Emirates Nuclear Energy Corporation, UAE
2017 - 2019

Leading a team of IT and OT experts carrying out Security Architecture and Control Designs, Critical Digital Asset Identification and Protection, Risk Assessment, Network Monitoring and Threat Analysis. Ensuring Regulatory Compliance for a nuclear power plant with four APR1400 reactors. Leading a technical design and implementation of consolidated 24/7 Cyber SOC for Plant Safety, Security and Emergency Preparedness functions. Conducting Quality Assurance for various plant automation, cyber security and IT suppliers related to Critical Digital Systems at the plant. Principal designer and accountable for Sensitive Compartmented Information Facilities (SCIF) and IT-infrastructure protecting Classified information up to Top Secret level.

Information Assurance and Network Security Expert
Center of Excellence and Development, UAE
2014 - 2017

Consulting in high-value and complex projects for UAE Armed Forces, with a focus on cyber security and communications. Trusted advisor and key member of an in-house consulting unit for military commanders, officers and SMEs on an operational and strategic level on how to integrate modern cyber security capabilities into defensive warfare tactics. Most notable projects were in areas inclusive of SOC, Threat Intelligence, Cross-Domain Solutions, Satellite Communications, Service Consolidation, Enterprise Architecture, Security Standardization, and overseeing Quality Assurance as a client representative towards various security and network service providers.

Information Security Specialist
KPMG Finland
2012 - 2014

Consulting, training and auditing in various Cyber Security and Telecommunication domains and high-value projects. Core areas of expertise included security and infrastructure/network architecture designs, as well as solution advisory, while often acting as the bridge between the business leaders and deep technical experts. Key areas: Compliance Standards, Cyber Situational Awareness, SIEM, CSIRT, SOC, ICS/SCADA, DDoS Attacks, Pentests, RFI/RFP processes and security compliance audits. Instructor in e.g. hands-on hacking, IP-networking and CISSP courses.

Senior Security Architect / Consultant
Capgemini Finland
2007 - 2012

Initially employed as a Network Engineer maintaining and troubleshooting large data center IP-networks and security services (e.g. FW, VPN, Routing & Switching), but quickly promoted to a Network Architect to act as a technical lead and designer for managed IaaS network and security services, and as a technical service owner towards the customers. Since September 2010, promoted again to the role of Leading Security Architect, which encompassed establishing Nordic level Security as a Service (MSSP) portfolio services such as SIEM, IDS/IPS, Vulnerability Management, Strong Authentication, and CSIRT/SOC functions and providing hands-on security analyst training to run 24/7 SOC-operations.

IT Specialist
Nokia Oyj / IBM Finland
2005 - 2006

Tier-1 and 2 infrastructure support and troubleshooting for a leading global telecommunication provider. Solving technical issues e.g. in user access, end points, shared resources and security services in a global environment of 70 000 users.

Education

Masters of Information Technology, Communication Networks and Protocols
Tampere University of Technology, Finland
2000 - 2008

Certification

Total Certifications: 10

GRID

GIAC

2018 - 2021

CRISC

ISACA

2016

SABSA

SCF

2014

CISM

ISACA

2013

CISA

ISACA

2012

CISSP

ISC2

2011

CISSO

Mile2

2011

CPTS (Certified Penetration Testing Specialist)

Mile2

2008

CCSA

Check Point

2007 - 2009

CCDP

Cisco

2009 - 2020

Skills


Languages

English
Finnish