Governance with technical credibility
I work at the intersection of policy, architecture and operations: turning frameworks, risks and control requirements into decisions, designs and implementation guidance.
❯ cat /etc/profile
Sebastian
Geißel
// Security Architect · Information Security · Security Governance
I design security concepts, reference architectures and operating models that make security practical, scalable and sustainable across enterprise environments.
18+ years in IT security
Cloud & infrastructure security
ISMS & risk-oriented decisions
Security as Code
Düsseldorf · Germany
Experience
18+
Years in IT security
Focus
ISMS
Risk, controls, governance
Leadership
8 FTE
Work-package lead responsibility
Languages
DE / EN
C2 German · B2 English
Domain
Enterprise
Large-scale, cross-functional environments
Tooling
Terraform
Automation, CI/CD, Python
about
Security that works in real operations.
My background combines technical depth in infrastructure, network and cloud security with a strong focus on information security, governance and reliable operating processes. I translate regulatory and organizational requirements into controls, standards and architectures that teams can actually implement.
value
What I bring to security teams and enterprise platforms.
Standardization that scales
From SOPs and runbooks to reference services and lifecycle processes, I build repeatable security patterns that reduce friction and improve delivery quality.
Enablement across teams
I align security, infrastructure, operations and project stakeholders, support risk-oriented decisions, and help teams embed security sustainably into their day-to-day work.
skills --verbose
Core capabilities.
Information Security & Governance
Security concepts, policies & standards95
ISMS context & risk handling90
Stakeholder alignment93
Security governance92
Architecture, Cloud & Operations
Security architecture (on-prem & cloud)94
Process integration & operating models91
Security as Code / Terraform87
Incident & monitoring collaboration85
timeline --career
Selected career path.
Senior IT Engineer — Infrastructure Security Automation / Architecture
- Designed target architectures, security requirements and implementation decisions for on-prem and multi-cloud environments.
- Owned AlgoSec for policy management and firewall orchestration including lifecycle processes and automation.
- Led cross-functional work packages, including NDR, DDoS protection, CSPM and NSPM rollouts.
- Supported ISMS-related risk handling, external penetration testing coordination and follow-up measures.
Infrastructure Security Architect
- Built and evolved architecture and security solutions for on-prem, Azure and container-adjacent platform environments.
- Translated security requirements into reusable platform solutions for development teams.
- Standardized operating concepts for central security components and aligned controls with governance requirements.
Consulting & 3rd-Level Security Roles
- Delivered design, build, documentation and operational support for security components.
- Drove incident, patch, policy, problem and reporting processes in enterprise security environments.
Managed Security Engineering Foundations
- Worked across managed security services, engineering, incident analysis, reporting and operational standardization.
- Automated routine tasks, supported colleagues and contributed to sustainable security operations.
ls ~/projects --selected
Selected work and program highlights.
Examples of large-scale work packages, architecture initiatives and operational security improvements from enterprise environments.
Network Detection & Response
Enterprise work-package leadership across IT, IoT and OT requirements.
- Compared four vendors across technical, functional and operational criteria.
- Prepared architecture concepts, management recommendations and rollout approach for seven countries.
- Aligned security, infrastructure and operations around operating model and integration points.
DDoS Protection in Azure
Reference architecture, rollout design and Security-as-Code implementation.
- Created a group-wide reference service for DDoS protection.
- Implemented scalable security controls with Terraform, CI/CD pipelines and Azure policies.
- Documented operating procedures and supported transition into stable operations.
CSPM / NSPM Rollout
Governance, controls, integration and operating readiness at scale.
- Defined target picture, controls and architecture decisions for group-wide implementation.
- Standardized and automated delivery for governance-friendly scaling.
- Owned operational handover including SOPs, runbooks, process integration and team enablement.
SOC & Monitoring Foundations
Process design and solution evaluation for security visibility and incident handling.
- Contributed to building SOC structures, processes and incident handling approaches.
- Evaluated SIEM and analytics solutions and derived operational requirements.
- Improved the link between monitoring, reporting and security incident workflows.
credentials
Certifications & tooling.
- EC-Council CEH v9
- Check Point CCSA / CCSE
- Juniper JNCIA-FWV / JNCIS-FWV
- Blue Coat Certified ProxySG Professional
- MobileIron Certified Administrator
- Scrum Master (scrum.org)
- ISO 27001 · BSI IT-Grundschutz · SIEM · ITIL · SOPs / Runbooks
- Python · Terraform · GitLab CI/CD · Ansible
soft skills
How I work.
- Convincing communication with technical and non-technical stakeholders
- Structured coordination across cross-functional teams
- Clear presentation of risks, decisions and results for management audiences
- Calm, solution-oriented behavior in complex or high-pressure situations
- Transparent collaboration, trust and continuous improvement
contact.json
Let’s talk about security architecture, governance or enterprise transformation.
Available for senior security architecture and information security roles, especially where governance, standardization and operational reality need to work together.