André Beran - External Attack Surface Assessment &...

Q: Where is André based?

André is based in Berlin, Germany .

Q: What languages does André speak?

André speaks the following languages: German (Native), English (Advanced) .

Q: How many years of experience does André have?

André has at least 10 years of experience. During this time, André has worked in at least 9 different roles and for 8 different companies . The average length of individual experience is 1 year and 2 months . Note that André may not have shared all experience and actually has more experience.

Q: What is André's latest experience?

André's most recent position is External Attack Surface Assessment & Cybersecurity Readiness Checks at Graydaxe Cybersecurity GmbH .

Q: What companies has André worked for in recent years?

In recent years, André has worked for Graydaxe Cybersecurity GmbH , Energy Provider , Evotec SE , and German Edge Cloud .

Q: Which industries is André most experienced in?

André is most experienced in industries like Information Technology , Professional Services , and Biotechnology . André also has some experience in Energy and Banking and Finance .

Q: Which business areas is André most experienced in?

André is most experienced in business areas like Information Technology , Audit , and Project Management . André also has some experience in Product Development , Research and Development , and Strategy .

Q: Which industries has André worked in recently?

André has recently worked in industries like Information Technology , Biotechnology , and Energy .

Q: Which business areas has André worked in recently?

André has recently worked in business areas like Information Technology , Audit , and Project Management .

Recommended expert

Berlin, Germany

Experience

Aug 2025 - Feb 2026

7 months

External Attack Surface Assessment & Cybersecurity Readiness Checks

Graydaxe Cybersecurity GmbH

Conducting cybersecurity readiness checks based on an in-house assessment methodology
Analyzing the external attack surface using the Graydaxe EASM platform
Assessing maturity levels and deriving prioritized recommendations for action

Jul 2025 - Feb 2026

8 months

Berlin, Germany

Cybersecurity Architect

Energy Provider

Designing passwordless authentication
Planning and implementing an IT/OT zone model based on the Microsoft Enterprise Access Model and zero trust principles
Creating dependency analyses for critical Tier-0 services within business continuity management (BCM) and disaster recovery (DR)
Hardening Active Directory environments
Setting up and optimizing network security monitoring
Introducing and enhancing application controls
Implementing passwordless authentication
Auditing and redesigning a next-generation SIEM architecture
Designing network access control (NAC)

Aug 2024 - Present

1 year 8 months

Dallgow-Döberitz, Germany

Co-Founder

Graydaxe Cybersecurity GmbH

Co-founded and strategically developed an AI-driven SaaS cybersecurity platform for external attack surface discovery and Internet intelligence
Designed and implemented solutions focused on internet intelligence, security architecture, AI-based cybersecurity analytics, and satellite-based security assessments
Conducted regular security assessments for various clients using the Graydaxe platform and additional consulting and analysis services, particularly for evaluating external attack surfaces and security-related risks

Sep 2023 - Jun 2025

1 year 10 months

Toulouse, France

Enterprise Cybersecurity Architect

Evotec SE

Designing and implementing a holistic security architecture based on established frameworks and standards (e.g., NIST CSF, NIST SP 800-53/207, BSI IT-Grundschutz, OWASP Top 10, MITRE ATT&CK)
Architecture responsibility for core IT domains including application security, endpoint security, network and perimeter architecture, identity & access management, PKI, DNS security, virtualization, and high-performance computing
Implementing vulnerability management, external attack surface management, and threat intelligence, including integrating central security tools
Leading and executing OT and IT security measures after a ransomware incident, including secure migration of GxP-regulated lab systems, OT hardening, segmentation, and risk-based access concepts in close collaboration with IT, OT and QA
Supporting secure software development by defining security requirements, conducting architecture reviews, integrating DevSecOps principles, and threat modeling (STRIDE)
Establishing and operating core security processes and platforms (e.g., vulnerability management, XDR, SIEM, firewall change management, attack surface management, branding intelligence)
Designing and building a hybrid SOC (cloud & on-premise), including use case definitions, alert workflows, and selection of external SOC providers
Defining and implementing OS hardening according to CIS benchmarks for on-premise and cloud environments

Aug 2020 - Aug 2023

3 years 1 month

Berlin, Germany

CISO & SOC Team Lead

German Edge Cloud

Technical responsibility as CISO for a cloud provider with about 170 employees
Organizational and technical leadership of the Security Operations Center (agile team with internal and external specialists, blue & red teams)
Designing, building, and operating a SOC including XDR, vulnerability management, SIEM, threat intelligence, and threat hunting
Developing and executing incident detection & response, as well as defining and establishing related processes
Security operations focusing on endpoint detection, malware analysis (phishing), OSINT, and threat hunting
Conducting threat modeling, risk analyses, and building corresponding processes (STRIDE, MITRE ATT&CK)
Running proofs of concept for endpoint and XDR solutions
Managing external security assessments (pentests, DDoS tests)
Supporting management and information security officers in implementing and advancing the ISMS according to ISO/IEC 27001
Assisting with internal and external audits (clients, ISO 27001, BSI C5)

Oct 2019 - Aug 2020

11 months

Eschborn, Germany

CISO

Innovo Cloud

Co-founder and strategic development of an AI-powered SaaS cybersecurity platform
Designing and building a platform focused on threat intelligence and external attack surface management
Developing the security logic, use cases, and assessment methods
Technical architecture, tool integration, and automation of analysis workflows
Combining data-driven analysis with security architecture consulting

Jun 2019 - Sep 2019

4 months

Frankfurt am Main, Germany

Cybersecurity Architect/Consultant

Helaba

Contributed to the design, development, and audit of a group-wide security framework for the banking sector
Reviewed existing security architectures and guidelines
Aligned security requirements and concepts with relevant stakeholders

Aug 2018 - May 2019

10 months

Walldorf, Germany

Cloud Security Architect

SAP

Validating and improving security automation templates according to the SAP Security Framework for private and public cloud environments
Integrating security templates into central SAP security automation processes for platforms like Ariba, Concur, Fieldglass, and Cloud Foundry, as well as AWS and Azure
Focusing on operating system hardening for Linux and Windows servers according to internal security guidelines
Analyzing and validating scan results
Technical project management for the rollout of security automation templates, including coordination between the security and automation teams

Nov 2015 - Jun 2018

2 years 8 months

Berlin, Germany

Senior IT Auditor and IT Security Consultant

Mazars

Conducting IT audits and risk assessments of applications, business processes, and IT infrastructures as part of annual financial audits (IDW PS 261, 330)
Reviewing and advising in regulated environments, including MaRisk, BaFin, BAIT, ISO/IEC 27001, as well as SOC I and II
Performing and supporting certifications under ISAE 3402 and IDW PS 951
Conducting compliance and security reviews during migrations and system implementations (IDW PS 850) and software certifications (IDW PS 880)
Providing SAP security consulting and IT audits in SAP environments, especially authorization management
Performing multidimensional data analyses in ERP systems to support internal control and fraud audits

Industry Experience

See where this freelancer has spent most of their professional time.

Experienced in Information Technology, Professional Services, Biotechnology, Energy, and Banking and Finance.

Information Technology

Professional Services

Biotechnology

Energy

Banking and Finance

Business Area Experience

See which departments and functions this freelancer has contributed to most.

Experienced in Information Technology, Audit, Project Management, Product Development, Research and Development, and Strategy.

Information Technology

Audit

Project Management

Product Development

Research and Development

Strategy

Summary

Experienced cybersecurity expert with a software- and technology-agnostic approach and deep expertise in securing complex IT and OT environments. Many years of work in various roles, including Cybersecurity Architect, Security Consultant, Vulnerability and Attack Surface Manager, Technical CISO, SOC Team Lead, and auditor for technical and regulatory security requirements. Solid experience in designing, evaluating, and implementing modern security architectures, both at technical and organizational levels. Cross-industry project experience in critical infrastructure environments (energy, pharma, financial services), with IT and cloud service providers, and in regulated corporate settings. Collaboration with mid-sized companies and international corporations.

Skills

Core Qualifications

Cybersecurity Architectures For It And Ot Environments
On-prem And Cloud-native Security Architectures, Hybrid And Multi-cloud
Security Workflows And Processes
Identity And Access Management
External Attack Surface Management
Vulnerability Management & Exposure Reduction
Security For Ai-powered Systems, Machine Learning, And Data-driven Applications
Security For Satellite Systems And Related Ground Infrastructure
Incident Detection & Response (Processes, Playbooks, Architecture)
Siem Design, Optimization, Audit, Multi-siem
Cybersecurity For Satellites
Network Security Monitoring
Application Controls
Security Assessments & Audit-related Reviews
Technical Security Consulting & Project Management
Pragmatic Isms Implementation & Development (Technical & Organizational)

Industry Experience

Critical Infrastructure Environments Like Energy, Pharma, Financial Services
Cloud And It Service Providers
Industry
Smes And Enterprise Organizations
Regulated Sectors With High Compliance Requirements

Technologies

Cloud: Azure, Aws
Cloud-native & Devsecops: Openstack, Kubernetes, Container Security, Gitlab Ci/cd, Infrastructure As Code
Identity & Access: Entra Id, Active Directory, Pam/pim, Passwordless (X.509, Whfb, Fido2, Passkeys)
Siem & Detection: Microsoft Sentinel, Elastic Siem, Splunk Enterprise Security, Alienvault Ossim
Endpoint & Xdr: Microsoft Defender Xdr, Palo Alto Cortex Xdr, Palo Alto Cortex Xsiam, Bitdefender, Thor (Apt Scanner)
Vulnerability & Exposure Management: Rapid7 Insightvm, Tenable.io, Tenable.sc, Qualys, Nuclei, Greenbone/openvas
Attack Surface & Internet Intelligence: Shodan, Censys, Greynoise, Graydaxe
Security Automation & Scripting: Python, Powershell, Bash
Network: Network Security Monitoring, Dns Security (Ddi), Cisco Sna, Suricata, Zeek, Palo Alto, Firewall Change Management
Ai: Openai Gpt-4, Claude, Gemini, Mistral For Code Generation And Code Reviews For Security Automation, Api Integration, Anomaly Detection, Experimental Llm Use For Recon, Risk Rating, Classification By Risk Types (Software Vulnerabilities, Insecure Protocols, Remote Access Etc.)

Frameworks And Standards

Iso/iec 27001
Nist Cybersecurity Framework
Nist Sp 800-53
Nist Sp 800-207
Nist Sp 800-82
Bsi It-grundschutz
Bsi C5
Nis2
Essential Eight
Mitre Att&ck, Stride (Threat Modeling)

Other

Development And Operation Of A Proprietary Platform For External Attack Surface Management And Internet Intelligence

Languages

German

Native

English

Advanced

Education

Sep 2008 - Aug 2012

Nuremberg Institute of Technology Georg Simon Ohm

Bachelor of Business Informatics & Controlling · Business Informatics & Controlling · Nuremberg, Germany

Sep 1996 - Aug 2002

Belarusian National Technical University, Minsk

Diploma in Electrical Engineering · Electrical Engineering · Minsk, Belarus

Certifications & licenses

Security Operations & Defensive Analysis (Soc-200)

Offensive Security

Aws Certified Solutions Architect – Associate

A Cloud Guru

Certificate Of Cloud Security Knowledge (CcsK / Csa V4)

Cloud Security Alliance

SAP Security – Testing and Audit Practice

Ibs Schreiber, Hamburg

Critical Infrastructure Training according to §8a (3) BSI Act

Isaca

Certified Information Systems Auditor (Cisa)

Isaca

Micromaster Cybersecurity

Rochester Institute Of Technology

Statistics

Experience

Total positions 9

Experience in Information Technology 6 y

Avg length 1 y 4 m

Longest experience 3 y

Global Experience

Countries worked in 2 (Germany, France)

Primary country Germany

Expertise

Recent roles External Attack Surface Assessment & Cybersecurity Readiness Checks, Cybersecurity Architect, Co-Founder

Main industries Information Technology, Professional Services, Biotechnology

Main business areas Information Technology, Audit, Project Management

Qualifications

Highest degree Bachelor

Certifications earned 7

Profile

Created

February 2026

Last Update

March 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is André based?

André is based in Berlin, Germany.

What languages does André speak?

André speaks the following languages: German (Native), English (Advanced).

How many years of experience does André have?

André has at least 10 years of experience. During this time, André has worked in at least 9 different roles and for 8 different companies. The average length of individual experience is 1 year and 2 months. Note that André may not have shared all experience and actually has more experience.

What roles would André be best suited for?

Based on recent experience, André would be well-suited for roles such as: External Attack Surface Assessment & Cybersecurity Readiness Checks, Cybersecurity Architect, Co-Founder.

What is André's latest experience?

André's most recent position is External Attack Surface Assessment & Cybersecurity Readiness Checks at Graydaxe Cybersecurity GmbH.

What companies has André worked for in recent years?

In recent years, André has worked for Graydaxe Cybersecurity GmbH, Energy Provider, Evotec SE, and German Edge Cloud.

Which industries is André most experienced in?

André is most experienced in industries like Information Technology, Professional Services, and Biotechnology. André also has some experience in Energy and Banking and Finance.

Which business areas is André most experienced in?

André is most experienced in business areas like Information Technology, Audit, and Project Management. André also has some experience in Product Development, Research and Development, and Strategy.

Which industries has André worked in recently?

André has recently worked in industries like Information Technology, Biotechnology, and Energy.

Which business areas has André worked in recently?

André has recently worked in business areas like Information Technology, Audit, and Project Management.

What is André's education?

André holds a Bachelor in Business Informatics & Controlling from Nuremberg Institute of Technology Georg Simon Ohm and a Bachelor in Electrical Engineering from Belarusian National Technical University, Minsk.

Does André have any certificates?

André has 7 certificates. Among them, these include: Security Operations & Defensive Analysis (Soc-200), Aws Certified Solutions Architect – Associate, and Certificate Of Cloud Security Knowledge (CcsK / Csa V4).

What is the availability of André?

André is immediately available full-time for suitable projects.

What is the rate of André?

André's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.