Vulnerability Management (including tools like DefectDojo)
-
100
%
Establishment of Good Security Culture
-
100
%
Security Strategy
-
80
%
Security Assessment
-
80
%
Development Skills
Java
-
80
%
Clean Code
-
80
%
JavaScript
-
80
%
PHP
-
80
%
Design Pattern
-
70
%
Operations
Linux
-
100
%
Containers
-
90
%
Kubernetes
-
80
%
Cloud Service Providers like AWS, GCP
-
60
%
Virtualization
-
80
%
AzureAD
-
80
%
ArgoCD, ArgoWorkfows
-
90
%
Bash
-
90
%
DevSecOps Trainer/Architect/Strategist
Timo Pagel has been in the IT industry for over twentyfive years. After a career as a system administrator and web developer, he advises customers as a DevSecOps consultant and trainer. His focus is on integrating security into the development lifecycle. For example with security test automation for software and infrastructure and assessment of complex applications in the cloud. In his spare time, he teaches "Web and Application Security" at various universities of applied sciences.
Certifications and Qualifications
Certifications
Certified Cloud Security Professional
Certified Ethical Hacker
Volunteering
Leader: OWASP DevSecOps Maturity Model - https://dsomm.owasp.org
Development of an application security program based on OWASP DevSecOps Maturity Model
Development of an Application Security Program (application security maturity model with 3 levels)
Lead development of "OWASP Metric Analyzer and Collector"
Web- and Cloud-Security training for internal security experts
CTO
FHUNii Media UG & Co KG
(
Kiel, Germany
)
2015 - 2018
Creation of a 360 Degrees Online Event Management Platform
Java
Container
Build-Pipeline with Jenkins
Vulnerability Management
Conduction of Security Trainings
Various Organizations
2016 - Present
Delivering of security knowledge with topics like Container Security, Cloud Security, OWASP Top Ten, OWASP API Top Ten, Secure Coding, Open Policy Agent, Kubernetes Security, Secure Coding
DevSecOps Engineer
NDA
(
Kiel, Germany
)
2016 - 2018
Evaluation and implementation of DevOps strategies to enhance the security of webapplications
Work Student
Iteratec GmbH
(
Hamburg, Germany
)
2014 - 2014
Evaluation and implementation of dynamic security tests (DAST) as a prototype for SecureCodeBox.io in Java
Web Developer (Freelance)
Lengalia
(
Hamburg, Germany
)
2012 - 2013
Lead development and maintenance of a web vocabulary trainer in PHP and JavaScript
Web Developer (Work Student)
(
Germany
)
2010 - 2014
Development in PHP, JavaScript and C++
ennit interactive GmbH: Development of hotel booking systems in PHP
QSC AG: Development of architecture metric dashboards in PHP
P& M Agentur Software & Consulting GmbH: OT device software for trucks in C and JavaScript