Dr. Jan Kalbantner

Senior Manager | Enable businesses to secure their data

cv@kalbantner.de | kalbantner.com | linkedin.com/in/jankalbantner

About me

Senior manager with a decade of experience in cybersecurity and privacy, specializing in securing infrastructures, developing resilient security strategies, and leading global interdisciplinary teams. Proven track record in compliance with international standards and implementing advanced tools for infrastructure and application security. Experienced in different roles with a history of success in research, project management, and technological innovation across various industries including academia, manufacturing, financial services, consulting, and automobile. Passionate about new technologies and enabling businesses globally.

Work Experience

Senior Information Security Manager, Porsche

Stuttgart, Germany | Hybrid
June 2024 - Present

• Directed global cybersecurity operations, achieving a 30% reduction in security incidents within 6 months by implementing application security (SSDLC), endpoint security and infrastructure security.
• Led a team of 7 external team members, managing a budget of 1.7 million EUR, and enhancing overall efficiency by 20% through interdisciplinary projects on AI/ML, cryptography, ICT & OT security, and cloud security.
• Designed and implemented a global Information Security Service Desk, streamlining issue resolution times by 50% across international locations and ensuring 99.99% availability in emergency situations.
• Implemented information security policies that adhere to standards such as TISAX, ISO 27001, NIST 800-53, or NIS2, increasing compliance by 15%.

Cyber Security Manager, KPMG Ignition Tokyo

Tokyo, Japan | Hybrid
September 2023 - May 2024

• Boosted incident resolution efficiency by 20% through significant security initiatives such as security workflows.
  
• Reduced response times by 50% by playing a key role in SIEM, SOAR, SOC monitoring, and triage operations using Microsoft Sentinel.
• Improved compliance with ISO 27001:2022 by 25% by identifying and resolving over 30 critical security vulnerabilities.
• Helped with shaping and issuing the first AI and post-quantum cryptography policies.

Chief Information Security Officer, Wechselgott

Tokyo, Japan | Remote
September 2022 - August 2023

• Managed and refined AWS, Azure, and Kubernetes infrastructure, supporting a 300% annual customer growth rate.
  
• Achieved full compliance with ISO 27001:2022, OWASP Top 10, EBA Guidelines (IT Grundschutz), and NIST 800-53, ensuring robust security standards.
  
• Provided leadership to internal and external teams, effectively managing a 150,000 EUR budget and integrating new security tools (DAST, SAST, IAST, SCA) into code pipelines, enhancing code quality by 25% and reducing vulnerabilities by 40%.

IT Infrastructure & Cybersecurity Manager, Wechselgott

London, United Kingdom | Remote
June 2020 - September 2022

• Led a team of 5 infrastructure & cybersecurity specialists, enhancing incident response time by 60% through the implementation of new security best practices
  
• Planned, managed, and implemented ISO 27001 and BSI 200 standards to the infrastructure and all products, ensuring compliance and security
  
• Introduced Infrastructure-as-a-Code (IaaC), achieving over 99.95% availability and total infrastructure recovery within 30 minutes

IT Infrastructure & Cybersecurity Specialist, Wechselgott

London, United Kingdom | Remote
May 2019 - June 2020

• Conducted comprehensive vulnerability assessments and security audits, enhancing security protocols by 20%.
  
• Spearheaded the integration of advanced SIEM tools, achieving a 30% faster threat response time.
  
• Collaborated with development teams to integrate secure coding practices, mitigating security risks by 45%.

Doctoral Researcher, Royal Holloway University of London

London, United Kingdom | Hybrid
October 2019 - May 2023

• Conducted academic research in security and privacy of P2P systems, resulting in 8 peer-reviewed publications, contributing to the advancement of cybersecurity knowledge.
  
• Analyzed data, formulated theses, and conducted various experiments, enhancing the understanding of security protocols and privacy measures.
  
• Managed self-directed projects for the doctoral thesis (PhD), demonstrating strong project management and independent research skills.

Research Assistant, Royal Holloway University of London

London, United Kingdom | Hybrid
October 2019 - July 2020

• Lectured and managed students for 3 classes, including information security, network security, and smart cards, enhancing their understanding of cybersecurity principles.
  
• Implemented an automated data processing pipeline, increasing data accuracy by 25% and reducing processing time by 50%, showcasing technical proficiency.
  
• Supervised and assisted with administrative tasks for over 250 students, demonstrating strong organizational and leadership skills.

IT Consultant, K13 Solutions (Self-Employed)

Heidelberg, Germany | Remote
May 2015 - June 2020

• Conducted over 50 security audits (penetration tests), ensuring 100% compliance with ISO 27001 and EBA standards.
  
• Led 4 development projects for secure web and mobile applications, enhancing security measures and reducing vulnerabilities.
  
• Managed and improved server infrastructure for various clients, utilizing programming languages including TypeScript, C#, Kotlin, and Swift.

IT Application Consultant, Bürkert Fluid Control Systems

Ingelfingen, Germany | On-Site
August 2016 - September 2017

• Directed software development projects, including full-stack application development using JavaScript, PHP, and Java, ensuring robust and secure applications.
• Managed 5 applications, achieving continuous improvement and error-free operations, enhancing system reliability by 25%.
• Collaborated with clients to understand their business processes, customizing software solutions to meet their requirements, improving client satisfaction rates by 30%.

Graduate Programme, Bürkert Fluid Control Systems

Ingelfingen, Germany | On-Site
June 2013 - August 2016

• Designed and implemented various applications, collaborating with teams and preparing detailed reports, enhancing project efficiency by 40%.
  
• Utilized programming languages including ABAP, Java, C#, and JavaScript as a full-stack developer, improving application performance by 20%.
  
• Led interdisciplinary projects involving different departments, fostering collaboration and achieving project goals within deadlines.

Education

Executive MBA (EMBA) in Business and IT

Technical University Munich (TUM), Germany 2025 - 2025

• Course: “Leadership & Cooperation”

Doctor of Philosophy (PhD) in Information Security

Royal Holloway University of London, United Kingdom
2019 - 2024

• Focus: Applied Cybersecurity and Data Privacy, Critical Infrastructure

Master of Science (MSc) in Information Security

Royal Holloway University of London, United Kingdom
2018 - 2019

• Focus: Cybersecurity, Applied Information Security, Research

Master of Science (MSc) in Applied Computer Science

University of Heidelberg, Germany
2017 - 2018

• Focus: AI/ML, Cybersecurity, Big Data

Bachelor of Science in Applied Computer Science

DHBW Mosbach, Germany
2013 - 2016

• Focus: Software engineering, Applied Technologies

Skills

• Cloud Platforms: AWS, Microsoft Azure, Google Cloud Platform (GCP), IBM Cloud
• Security Expertise: Identity Access Management (IAM), Privileged Access Management (PAM), Microsoft Defender for Cloud, AWS GuardDuty, Zero Trust
• Tools: Kubernetes, Docker, Terraform, Pulumi, Microsoft Azure Blueprints
• Security Tools: SAST/DAST (Snyk, SonarQube), SIEM/SOAR (QRadar, Sentinel, Splunk), Palo Alto (NGFW, CASB, DLP, Prisma Cloud), Trellix, CyberArk, Tenable, Nessus, Aqua Security
• Standards: ISO 27001:2022, GDPR, OWASP Top 10, BSI 200-1/2/3/4, NIST 800-53 Rev. 5, EBA, DORA, NIS2, TISAX

Programming Languages

• Backend: C#, Python, R
• Frontend: JavaScript, TypeScript
• Mobile Development: Kotlin, Java, Swift
• Scripting and Query Languages: PowerShell, SQL, KQL (Kusto Query Language)
• Frameworks and Libraries: .NET, Tensorflow, PyTorch, Scikit-Learn, Keras, CNTK, Apache Spark, Pandas

Certifications

• TUM EMBA, Leadership and Cooperation - 2025 - On Request
• Offensive Security Certified Professional (OSCP) Course – 2024 - On Request
• Rochester Institute of Technology (RITx), Computer Forensics - 2024 - Link
• IBM Generative AI for Cybersecurity Certificate – 2024 - Link
• IBM Penetration Testing and Incident Response Certificate - 2024 - Link
• IBM DevOps and Software Engineering Certificate - 2023 - Link
• IBM Applied DevOps Engineering Certificate - 2023 - Link
• Microsoft Cybersecurity Analyst – 2023 - On Request
• Google Cybersecurity Certificate – 2023 - Link
• IBM Security Analyst Fundamentals Certificate - 2023 - Link
• IBM Cybersecurity Analyst Certificate - 2023 - Link
• Google Project Management Certificate - Scrum/agile project management - 2022 - Link
• TÜV SÜD DSGVO / GDPR Specialist Certificate – 2021 - On Request
• Certified Information Systems Security Professional (CISSP) Course - 2020 - On Request
• More certificates can be found here: https://www.credly.com/users/jan-kalbantner

Publications

• Kalbantner (2024) Security and Privacy Issues of Distributed, Complex P2P Smart Grid Marketplace Systems. PhD thesis. Available at: https://pure.royalholloway.ac.uk/ws/portalfiles/portal/63153877/main.pdf.
• Kalbantner et al. (2024) ZKP Enabled Identity and Reputation Verification in P2P Marketplaces. Available at: https://ieeexplore.ieee.org/abstract/document/10664332.
• Shepherd, Kalbantner, Semal, Markantonakis (2023) A Side-Channel Analysis of Sensor Multiplexing for Covert Channels and Application Profiling on Mobile Devices. Available at: https://ieeexplore.ieee.org/abstract/document/10278225.
• Kalbantner et al. (2021) A DLT-based Smart Contract Architecture for Atomic and Scalable Trading. Available at: https://arxiv.org/abs/2105.02937.
• Kalbantner et al. (2021) P2PEdge: A Decentralized, Scalable P2P Architecture for Energy Trading in Real-Time. Available at: https://www.mdpi.com/1996-1073/14/3/606.
• Semal, Markantonakis, Akram, Kalbantner (2020) A study on microarchitectural covert channel vulnerabilities in infrastructure-as-a-service. Available at: https://link.springer.com/chapter/10.1007/978-3-030-61638-0_20.
• Semal, Markantonakis, Mayes, Kalbantner (2020) One covert channel to rule them all: A practical approach to data exfiltration in the cloud. Available at: https://ieeexplore.ieee.org/abstract/document/9343152.
• Semal, Markantonakis, Akram, Kalbantner (2020) Leaky Controller: Cross-VM Memory Controller Covert Channel on Multi-Core Systems. Available at: https://link.springer.com/chapter/10.1007/978-3-030-58201-2_1.
• Kalbantner (2020) Rowhammer – from DRAM faults to escalating privileges. Available at: https://www.computerweekly.com/ehandbook/Royal-Holloway-Rowhammer-from-DRAM-faults-to-escalating-privileges.
• Kalbantner (2018) Software-based Microarchitectural Fault Attack. MSc thesis. Available at: https://www.royalholloway.ac.uk/media/14911/techreport-kalbantnerj.pdf.
• Also available on: Google Scholar