Dirk Peter-Freelance Cyber Defense Lead & KRITIS/NIS2 Consultant | AI Security Architect

Situation: Increasing demand for privacy-compliant AI solutions for clients in the KRITIS and mid-market sector that need to analyze sensitive media content (audio, video, documents) without sending data to public cloud LLMs.

Task: Design, deployment, and secure operation of a fully self-hosted AI infrastructure including a custom-built digital management platform for automated media analysis.

Action: Architected and implemented a multi-tier platform on hardened Proxmox infrastructure with frontend (Nuxt 3, Vue 3, TypeScript, Tailwind 4), backend (Laravel 13, PHP 8.4, Sanctum), data storage (PostgreSQL 16, MongoDB 7), caching/queuing (Redis 7, Laravel Queue), AI workers (Python 3.11, Whisper, DeepFace, Librosa), scheduling (Laravel Scheduler/Cron), and local LLMs (Gemma, DeepSeek, Qwen, Mistral, LLaMA, Phi) via OpenWebUI with segmented network access, API hardening, and audit logging following BSI recommendations.

Result: Fully GDPR-compliant, on-premises AI platform with zero data leakage to third parties.

Task: Overall responsibility as an external Head of Cyber Security / CISO-as-a-Service for the design, implementation, and continuous improvement of ISMS according to ISO 27001, BSI IT-Grundschutz, and NIS2.

Action: Built and managed Cyber Defense Centers (CDC) with SOC operations, integrated SIEM solutions (Splunk, Graylog), established risk-based vulnerability management (Qualys, Nessus, OpenVAS), and conducted regular infrastructure, application, and physical penetration tests.

Result: Audit-ready ISMS for multiple clients and a 60% reduction in critical vulnerabilities within 90 days.

Task: Design and execution of NIS2 assessments and operational roll-out plans for KRITIS operators.

Action: Developed an online assessment tool for automated identification of individual weakness profiles, implemented ISMS optimizations, penetration testing, awareness programs, GRC suite deployment, and delivered C-level presentations.

Result: Accelerated the consulting process by 50% and successfully prepared multiple clients for NIS2 compliance.

Task: Incident commander for crisis response, forensics, and business recovery in ransomware attacks and APT campaigns.

Action: Coordinated with state and federal police (LKA, BKA), performed forensic analysis (OSForensics, Wireshark, Kali Linux), executed disaster recovery and BCM strategies, and developed BTC extortion response strategies.

Result: 100% recovery rate within defined RTO windows and sustainable post-incident security architectures.

Action: Planned, built, and operated a hardened multi-VM infrastructure (Proxmox, 15+ VMs) with web and mail servers, Graylog, OPNsense firewalls, CRM/ERP and LLM instances, network segmentation, DDoS mitigation, automated patch management, and backup strategies.

Result: >99.5% uptime over 20+ years and zero compromises.

Action: Designed coordinated phishing campaigns with five levels of difficulty, developed e-trainings and webinars in a PDCA cycle, and led red and blue teams.

Result: Phishing click rate reduced from 35% to under 5% within three campaign cycles.