IT-Consulting
Timo Pagel | Web Security Training Expert
Biography
Timo Pagel is a security architect, located in Hamburg. He is an IT specialist in system integration and web security. He has been in IT industry for over fifteen years for designs, builds and oversees the implementation of network, infrastructure, cloud and application security for organizations.
After a career as a system administrator and web developer, he now advises clients on DevOps security with the focus on security test automation for software and infrastructure. He is a proven security professional as well as leader of security teams and programs within a cloud service environment. He is also specialized in security education; secure development lifecycle, application security training in Hamburg, program design and architecture, compliance, and docker Security. In his free time, he teaches “Security in Web Applications” at the University of Applied Sciences Wedel.
Timo Pagel is an internationally acclaimed speaker whose lively talks are accompanied by the exclusive DevSecOps Workshop in Hamburg, Germany. He speaks on the different concepts like OWASP Juice Shop, OWASP DevSecOps maturity model, OWASP Security Pins projects, etc. He also builds security infrastructures, providing technical guidance, assessing opportunities & risks, and establishing security policies and procedures.
Interests
- (Agile) Secure Development Lifecycle
- DevSecOps
- Threat Modeling
Education
-
Master of Science, 2016
University of Applied Sciences Kiel
-
Bachelor of Science, 2014
University of Applied Sciences Kiel
-
Qualified IT specialist for system integration, 2009
Ennit AG and IHK, Kiel
DevSecOps
Embrace the full DevSecOps-toolchain and culture to enhance the security of your cloud and applications.
Projects
Assessment of the current DevOps security status, planning of activities and check of the effectivness.
Conduction of a docker security workshop to show the threats by operating Docker.
Quick security check of web applications to identify threats in running applications for common pit falls.
Informationssicherheits-Schulung für Mitarbeiter von kleinen bis großen Organisation.
Assessment of the overall security status, planning of activities and check of the effectivness.
Introduction into modern methods to integrate security into the development lifecycle.
Recent & upcoming Talks
Sep 15, 2018
Kieler Open Source und Linux Tage
DiWiSH-Fachgruppe Open Business: 2. Kieler Open Source Business Konferenz
Experience
August 2018 – Present
Hamburg, Germany
DevSecOps Consultant
Leading finanz- and insurance software development company (NDA)
- Development of concepts to integrate security into the development lifecycle
- Conception and implementation of continuous security tests in the build pipeline
- Security review of complex IT Systems like OAuth, multi factor authentication, webserver and Java applications
- Training of internal security experts
February 2017 – Present
Hamburg, Germany
DevSecOps Consultant
SIGNAL IDUNA Gruppe
- Development of concepts to integrate security into the development lifecycle
- Conception and implementation of continuous security tests in the build pipeline
- Security review of complex IT Systems like OAuth, multi factor authentication, webserver, OpenShift clusters and Java applications
- Training of internal security experts
March 2016 – May 2016
Kiel, Germany
Websecurity Consulant
Web Agency (NDA)
- Automation of static and dynamic security tests in the build pipeline
- Conduction of security trainings
January 2016 – June 2016
Kiel, Germany
DevSecOps Consultant
Startup (NDA)
August 2014 – November 2014
Hamburg, Germany
Webdeveloper with security background
Iteratec GmbH
- Evaluation and implementation of dynamic security tests as a prototype for SecureCodeBox.io
June 2014 – June 2018
Kiel, Germany
Fullstack Developer
Lengalia
- Development and maintenance of a web vocabulary trainer in PHP and JavaScript
August 2012 – June 2013
Kiel, Germany
IT-Referent
AStA of the University of Applied Sciences Kiel
August 2009 – September 2013
Kiel, Germany
Webdevelopment and system administration (work student)
ennit interactive GmbH
- Development of hotel booking engines in PHP and JavaScript
- Administration of webservers like Apache or OpenStreetMap
February 2006 – June 2010
Kiel, Germany
Qualified IT specialist for system integration
TNG AG (now Ennit AG)
Teaching
April 2019 – present
Wedel, Germany
Lecturer for Security in Webapplications
University of Applied Sciences Wedel
- Conception of the module Security in Webapplications for master students
- Conduction of the course
October 2018 – present
Hamburg, Germany
Conduction of Docker Security Workshop
iteratec GmbH
- Conduction of one day docker security trainings
July 2018 – present
Nürnberg, Germany
Conduction of a DevSecOps Workshop
Leading tax software development company (NDA)
- Conduction of a two days DevSecOps and Agile Secure Development Lifecycle training for the head of security
September 2016 – January 2017
Kiel, Germany
Lecturer for IT-Infrastructure
Schleswig-Holstein Business Academy
- Conception of the module IT-Infrastructure for bachelor students
- Conduction of the course
- Conception and implementation of a virtual IT infrastructure with Virtualbox
June 2014 – September 2014
Kiel, Germany
Lecturer for Security in Webapplications
University of Applied Sciences Kiel
- Conception of a teaching concept and the module Security in Webapplications for bachelor students
- Conduction of the course
- Conception and implementation of a virtual IT infrastructure to learn how to conduct IT security audits
Contact
- web@pagel.pro
- 040 / 35774631
- Olewischtwiet 36a, 22177 Hamburg