CCVOSSEL GmbH

• Plan, coordinate and implement security solutions • Provide strategic and operational advice to clients on information security, ISMS and regulatory requirements (especially NIS2) • Manage measures for the sustainable implementation of security concepts • Establish, further develop and document ISMS according to ISO 27001 / ISO 2700x • Conduct gap analyses, risk assessments and maturity assessments • Prepare and support ISO 27001 certifications and internal/external audits • Implement and assess NIS2 requirements, including governance, risk management and reporting processes • Prepare and support regulatory assessments and examinations (e.g., NIS2) • Design and deliver training and awareness measures • Develop and improve incident management and contingency/emergency plans • Create business continuity plans and security policies

• You identify real attack paths in complex IT environments and demonstrate to organizations in a practical manner how vulnerabilities can be exploited and sustainably remediated. • You plan and execute advanced penetration tests in infrastructure, web and cloud environments, developing bespoke attack scenarios beyond standard scans. • Develop, adapt and deploy exploit techniques, attack paths and custom attack scenarios. • Produce high-quality technical pentest reports as well as concise management summaries. • Present findings in technical deep-dives and in management wrap-up meetings. • Coordinate closely with clients during test execution, reporting and remediation phases. • Develop scripts and tools to automate tests and increase testing efficiency. • Contribute to innovative topics in AI security, both by using AI-assisted testing methods and by performing security analysis of AI/ML systems and their potential attack scenarios.

• Plan, coordinate and implement security solutions • Provide strategic and operational advice to clients on information security, ISMS and regulatory requirements (in particular NIS2) • Manage measures to ensure the sustainable implementation of security concepts • Establish, develop and document ISMS in accordance with ISO 27001 / ISO 2700x • Conduct gap analyses, risk analyses and maturity assessments • Prepare and support ISO 27001 certifications and internal/external audits • Implement and evaluate NIS2 requirements, including governance, risk management and reporting processes • Prepare and support regulatory assessments and examinations (e.g., NIS2) • Design and deliver training and awareness programs • Build and further develop incident management and contingency plans • Create emergency plans and security policies