What I'm focused on
IT Security Administrator at DocuWare in Munich, keeping nearly 1,000 endpoints across Windows, macOS, and Linux in a patched, monitored, and policy-compliant state. Day-to-day that means Tanium for patch orchestration, PowerShell and Python for every automation task in between, and aligning systems with ISO 27001 controls. When a new CVE drops, I'm triaging it before it becomes someone else's incident.
Currently learning
Working toward Tanium Threat Response Analyst — the cert exam is scheduled for May 2026. The coursework goes deep on live endpoint investigation, threat hunting workflows, and response automation inside the Tanium platform, which is a natural extension of the patch and compliance work I already do.
Also running through Kubernetes security in more depth: admission controllers, pod security standards, OPA/Gatekeeper policy authoring, and supply-chain hardening with Sigstore and SLSA. Most of my container exposure so far has been Docker in production; the orchestration security layer is the gap I'm closing.
On the reading list: MITRE ATT&CK Cloud matrix (mapping detections to the cloud controls I write about), AWS IAM condition key reference, and selected sections of The Web Application Hacker's Handbook for the API testing side.
Location
Munich, Germany. Open to remote-first roles anywhere.