IT-Consulting
Timo Pagel | Web Security Training Expert
Biography
Timo Pagel is an internationally acclaimed speaker whose lively talks are accompanied by the exclusive DevSecOps Workshop in Hamburg, Germany. He speaks on the different concepts like OWASP Juice Shop, OWASP DevSecOps maturity model, OWASP Security Pins projects, etc. He also builds security infrastructures, providing technical guidance, assessing opportunities & risks, and establishing security policies and procedures.
Interests
- (Agile) Secure Development Lifecycle
- DevSecOps
- Threat Modeling
Education
-
Master of Science, 2016
University of Applied Sciences Kiel
-
Bachelor of Science, 2014
University of Applied Sciences Kiel
-
Qualified IT specialist for system integration, 2009
Ennit AG and IHK, Kiel
DevSecOps
Embrace the full DevSecOps-toolchain and culture to enhance the security of your cloud and applications.

Projects
Training
Workshops

CONTAINER SECURITY WORKSHOP
Conduction of a container security workshop to show the threats by operating containers.

Introduction into modern methods to integrate security into the development lifecycle.

Introduction into modern methods to integrate security into the development lifecycle.
Assessment

CLOUD SECURITY STRATEGY
Assessment of the cloud security strategy or the implementation. Giving recommendations to enhance cloud security.

SECURITY ASSESSMENT AND MANAGEMENT
Assessment of the overall security status, planning of activities and check of the effectiveness.

DevSecOps-ASSESSMENT
Assessment of the current DevOps security status, planning of activities and check of the effectiveness.

Quick security check of web applications to identify threats in running applications for common pit falls.
Recent & upcoming Talks
Sicherheit per Kultur – Agile Security & DevOps
Breaking Agile Meetup
My containers have been running stable for a year, is that good?
Continuous Lifecycle London
Experience
August 2018 – Present
Hamburg, Germany
DevSecOps Consultant
Leading finance- and insurance software development company (NDA)
- Development of strategies and concepts to integrate security into the development lifecycle and into operations (e.g. Kubernetes)
- Conception and implementation of continuous security tests in the build pipeline
- Security review of complex IT Systems like OAuth2, multi factor authentication, webserver and Java applications
- Training of internal security experts
February 2017 – Present
Hamburg, Germany
DevSecOps Consultant
SIGNAL IDUNA Gruppe
- Development of concepts to integrate security into the development lifecycle
- Conception and implementation of continuous security tests in the build pipeline
- Security review of complex IT Systems like OAuth, multi factor authentication, webserver, OpenShift clusters and Java applications
- Training of internal security experts
March 2016 – May 2016
Kiel, Germany
Websecurity Consulant
Web Agency (NDA)
- Automation of static and dynamic security tests in the build pipeline
- Conduction of security trainings
January 2016 – June 2016
Kiel, Germany
DevSecOps Consultant
Startup (NDA)
August 2014 – November 2014
Hamburg, Germany
Webdeveloper with security background
Iteratec GmbH
- Evaluation and implementation of dynamic security tests as a prototype for SecureCodeBox.io
June 2014 – June 2018
Kiel, Germany
Fullstack Developer
Lengalia
- Development and maintenance of a web vocabulary trainer in PHP and JavaScript
August 2012 – June 2013
Kiel, Germany
IT-Referent
AStA of the University of Applied Sciences Kiel
August 2009 – September 2013
Kiel, Germany
Webdevelopment and system administration (work student)
ennit interactive GmbH
- Development of hotel booking engines in PHP and JavaScript
- Administration of webservers like Apache or OpenStreetMap
February 2006 – June 2010
Kiel, Germany
Qualified IT specialist for system integration
TNG AG (now Ennit AG)
Teaching
October 2020 – present
Elmshorn, Germany
Lecturer for Security in IT-Security
Nordakademie
- Conception of the module IT-Security bachelor students
- Conduction of the course
April 2019 – present
Wedel, Germany
Lecturer for Security in Webapplications
University of Applied Sciences Wedel
- Conception of the module Security in Webapplications for master students
- Conduction of the course
October 2018 – present
Hamburg, Germany
Conduction of Docker Security Workshop
iteratec GmbH
- Conduction of one day docker security trainings
July 2018 – present
Nürnberg, Germany
Conduction of a DevSecOps Workshop
Leading tax software development company (NDA)
- Conduction of a two days DevSecOps and Agile Secure Development Lifecycle training for the head of security
September 2016 – January 2017
Kiel, Germany
Lecturer for IT-Infrastructure
Schleswig-Holstein Business Academy
- Conception of the module IT-Infrastructure for bachelor students
- Conduction of the course
- Conception and implementation of a virtual IT infrastructure with Virtualbox
June 2014 – September 2014
Kiel, Germany
Lecturer for Security in Webapplications
University of Applied Sciences Kiel
- Conception of a teaching concept and the module Security in Webapplications for bachelor students
- Conduction of the course
- Conception and implementation of a virtual IT infrastructure to learn how to conduct IT security audits
Contact
- web@pagel.pro
- 040 / 35774631
- Olewischtwiet 36a, 22177 Hamburg