Jan Kalbantner

Email me | kalbantner.com | linkedin.com/in/jankalbantner

Professional Summary

15 years in security engineering and governance across FSI, automotive, and critical infrastructure. Has built security teams from the ground up, led security assessments and global security transformations for DAX organisations — often in an advisory CISO capacity — and now specialises in securing enterprise AI adoption, including adversarial ML defences, data protection controls and agentic workflow security. Hands-on with SIEM/SOAR automation, IAM/PAM architecture and multi-cloud security (AWS, Azure, GCP), with governance depth across ISO 27001, TISAX, NIS2, and the EU AI Act. PhD in Information Security.

Professional Experience

Senior Manager, Capgemini Invent

Stuttgart, Germany | Hybrid
September 2025 - Present

• Serves as a high-level strategic advisor to C-suite executives, often acting in an advisory CISO / Deputy CISO capacity. Architecting comprehensive cybersecurity transformations and resilient global strategies for DAX and MDAX organizations across diverse industries, including manufacturing, automotive, retail, energy and transportation.
• Built and scaled multidisciplinary security engineering teams across APAC and DACH markets, establishing team culture, hiring security engineers, and aligning team direction with global organizational security objectives, to deliver and secure multi-million-euro enterprise programmes.
• Oversees AI-first security engineering programmes, managing AI-motivated automation workflows and agentic security tools that augment enterprise security assurance, reduce manual analyst toil, and scale threat detection and remediation across global cloud environments.

Senior Manager Information Security, Porsche

Stuttgart, Germany | Hybrid
June 2024 - August 2025

• Steered a multi-million EUR strategic budget and cross-functional team to drive a 20% gain in operational efficiency by pioneering AI/ML, advanced cybersecurity and IT/OT security initiatives.
• Orchestrated a comprehensive global security transformation that reduced enterprise-wide incidents by 30% through strategic security control design, including the deployment of Zero Trust, DevSecOps and cloud-native defense architectures.
• Architected a global Information Security Service Delivery model that optimized incident response times by 50% while maintaining 99.99% availability for mission-critical international operations.

Domain Leader & Cyber Security Manager, KPMG Ignition Tokyo

Tokyo, Japan | Hybrid
September 2023 - May 2024

• Acted as a technical leader to elevate the organizational risk posture and ISO 27001:2022 compliance maturity by 25% through rigorous security control design across global operations.
• Engineered and deployed automated security orchestration workflows (SIEM/SOAR via Microsoft Sentinel), building AI-augmented automation pipelines across enterprise API ecosystems that drove measurable reductions in analyst toil and accelerated threat response.
• Spearheaded development of inaugural enterprise AI security engineering frameworks, defining controls for adversarial machine learning risks, model theft, data poisoning, and agentic AI workflows establishing foundational security engineering standards for compliant enterprise AI adoption.

Solution Architect & Cyber Security Lead (acting CISO), Wechselgott

London, UK | Hybrid
October 2019 - August 2023

• Founded and built a Cloud Security Engineering team from the ground up, hired, onboarded and developed security engineers in a B2B startup environment, architecting and hardening multi-cloud infrastructure (AWS, Azure, Kubernetes) to achieve 99.9% production reliability.
• Bridged digital-native agility with enterprise compliance, directing a risk strategy and security control design that achieved 100% regulatory alignment (ISO 27001, NIST).
• Leveraged customer-side cloud security technologies to build technical trust and overcome procurement hurdles with highly regulated enterprise prospects.

Lead Engineer & IT Consultant, K13 Solutions (Co-Founder)

Heidelberg, Germany | Remote
May 2015 - June 2020

• Owned the end-to-end technical sales cycle as an independent consultant, successfully driving engagements from initial outbound prospecting and pre-sales scoping through to the final technical execution and delivery of the project.
• Acted as the lead Solutions Architect and Technical Product Manager to pitch, design and supervise 5 major enterprise software development projects (e.g. Python, GoLang, TypeScript, C#), ensuring tight alignment with customer business needs.
• Served as a trusted pre-sales technical advisor in the highly regulated financial sector, conducting over 50 security audits to ensure 100% compliance with stringent EBA guidelines, BSI 200 and ISO 27001 standards.

IT Application Consultant, Bürkert Fluid Control Systems

Ingelfingen, Germany | On-Site
June 2013 - September 2017

• Led internal stakeholder management and enterprise change management initiatives, bridging the gap between technical development teams and non-technical business units to drive successful digital transformation within a traditional manufacturing environment.
• Designed and implemented Target Operating Models to optimize internal software development lifecycles, establishing scalable frameworks and repeatable processes that fostered cross-functional collaboration.
• Directed internal full-stack software development projects (JavaScript, Java, Python, PHP), ensuring that technical architectures and applications were tightly aligned with evolving business needs, operational workflows, and overarching organizational goals.

Software Engineer, Freelance

Germany | Remote
August 2011 - June 2013

• Engineered and delivered full-stack web applications using HTML, CSS and JavaScript, translating client requirements into functional, user-centric digital solutions across multiple projects.
• Designed and implemented responsive, standards-compliant front-end interfaces, ensuring cross-browser compatibility and an optimized user experience for diverse stakeholders.
• Owned the end-to-end development lifecycle, from initial requirements gathering and architecture through to deployment, establishing repeatable delivery processes and building a strong foundation in modern web technologies

Education

Executive MBA (EMBA) in Business and IT

Technical University Munich (TUM), Germany

• Focus: “Leadership & Cooperation”
• Expected 2027

Doctor of Philosophy (PhD) in Information Security (Completed)

Royal Holloway University of London, United Kingdom

• Focus: Applied Cybersecurity and Data Privacy, Critical Infrastructure

Master of Science (MSc) in Information Security (Completed)

Royal Holloway University of London, United Kingdom

• Focus: Cybersecurity, Applied Information Security, Research

Master of Science (MSc) in Applied Computer Science

University of Heidelberg, Germany

• Completed specialized Master’s level modules in Artificial Intelligence and Big Data as part of the Applied Computer Science MSc program to deepen technical expertise in frontier technologies.

Bachelor of Science in Applied Computer Science (Completed)

DHBW Mosbach, Germany

• Focus: Software engineering, Applied Technologies

Technical Skills & Programming Capabilities

• Security Operations, Identity & Compliance: Information Security Governance, Endpoint, Infrastructure/Cloud and Application Security, Identity & Access Management (IAM), Privileged Access Management (PAM), Zero Trust, Authentication and access controls, security assessments, code reviews, Identity Governance & Administration (IGA), Trustworthy AI Systems and AI Risk Management, Data protection controls
• Security Tooling:
  • SAST/DAST: Snyk, CodeQL, SonarQube, SonarCloud
  • SIEM/SOAR: QRadar, Sentinel, Splunk, Chronicle
  • Enterprise & Cloud Native: Palo Alto (NGFW, CASB, DLP, Prisma Cloud), Trellix, CyberArk, Tenable, Nessus, Aqua Security, AWS (GuardDuty, Macie, Inspector, Security Hub), Microsoft (Defender XDR, Defender for Cloud, Entra ID, Azure Firewall)
• Applied AI, LLMs & Data Science: Prompt Engineering, LLM Evaluation, Enterprise AI Deployments, API Integrations, Production LLM Use Cases, AI System Architecture, Natural Language Processing (NLP), Deep Learning, Model Benchmarking, Conversational Applications, AI / LLM SecOps, Adversarial Machine Learning
• AI Ecosystems & Models: Claude (Enterprise, Code, API), Google Vertex AI / Gemini AI Studio, OpenAI, Copilot AI Studio, Kimi, Mistral
• Solution Consulting & Leadership: Solution Consulting, Pre-Sales execution, SAFe, Agile & Scrum project management, and enterprise technology sales, Change Management, Problem Management, Cross-Functional Global Stakeholder Management
• Cloud Platforms & DevOps: AWS, Microsoft Azure, Google Cloud Platform (GCP), IBM Cloud, Kubernetes, Docker, Terraform, Ansible, Pulumi, Microsoft Azure Blueprints
• Standards, Regulations & Privacy: ISO/IEC 27001, ISO/SAE 21434, ISO/IEC 42001, GDPR, EU AI Act, OWASP Top 10, BSI 200 series, NIST 800-53 Rev. 5, FINMA, EBA, MaRisk, PCI DSS, DORA, NIS2, TISAX VDA ISA, CRA, Data Protection Officer (GDPR Specialist)
• Programming & Scripting:
  • Backend & Frontend: C#, Python, R, GoLang, JavaScript, TypeScript
  • Mobile & Scripting: Kotlin, Java, Swift, PowerShell, SQL, KQL (Kusto Query Language)
• Frameworks & Libraries: .NET, Vue.js, Next.js, Tensorflow, PyTorch, TruLens, Scikit-Learn, Keras, CNTK, Apache Spark, Pandas

Certifications

• ServiceNow, Certified Implementation Specialist (CIS) – Security Operations (Ongoing)
• ServiceNow, Certified System Administrator (CSA) (Ongoing)
• Anthropic, Claude with Google Cloud’s Vertex AI (Ongoing)
• ServiceNow, Pre-Sales Expert Security Black Belt - 2026 - On Request
• Google Cloud, Extend Gemini with controlled generation and Tool use - 2026 - Link
• University of Maryland (UMD), Fundamentals of Technology Sales - 2026 - Link
• Anthropic, Claude 101 - Link
• Anthropic, AI Fluency: Framework and Foundations - 2026 - Link
• Anthropic, Introduction to Model Context Protocol - 2026 - Link
• Google, AI Professional Certificate - 2026 - Link
• IBM, ETL and Data Pipelines with Shell, Airflow and Kafka - 2025 - Link
• Technical University Munich (TUM), EMBA, Leadership and Cooperation - 2025 - On Request
• Offensive Security, Certified Professional (OSCP) Course – 2024 - On Request
• Rochester Institute of Technology (RITx), Computer Forensics - 2024 - Link
• IBM, Generative AI for Cybersecurity Certificate – 2024 - Link
• IBM, Penetration Testing and Incident Response Certificate - 2024 - Link
• IBM, DevOps and Software Engineering Certificate - 2023 - Link
• IBM, Applied DevOps Engineering Certificate - 2023 - Link
• Microsoft, Cybersecurity Analyst – 2023 - On Request
• Google, Cybersecurity Certificate – 2023 - Link
• IBM, Security Analyst Fundamentals Certificate - 2023 - Link
• IBM, Cybersecurity Analyst Certificate - 2023 - Link
• Google, Project Management Certificate - Scrum/agile project management - 2022 - Link
• TÜV SÜD, DSGVO / GDPR Specialist Certificate – 2021 - On Request
• Certified Information Systems Security Professional (CISSP) Course - On Request
• Certified Information Security Manager (CISM) Course - On Request
• More certificates can be found here: https://www.credly.com/users/jan-kalbantner

Publications

• Kalbantner (2024) Security and Privacy Issues of Distributed, Complex P2P Smart Grid Marketplace Systems. PhD thesis. Available at: https://pure.royalholloway.ac.uk/ws/portalfiles/portal/63153877/main.pdf.
• Kalbantner et al. (2024) ZKP Enabled Identity and Reputation Verification in P2P Marketplaces. Available at: https://ieeexplore.ieee.org/abstract/document/10664332.
• Shepherd, Kalbantner, Semal, Markantonakis (2023) A Side-Channel Analysis of Sensor Multiplexing for Covert Channels and Application Profiling on Mobile Devices. Available at: https://ieeexplore.ieee.org/abstract/document/10278225.
• Kalbantner et al. (2021) A DLT-based Smart Contract Architecture for Atomic and Scalable Trading. Available at: https://arxiv.org/abs/2105.02937.
• Kalbantner et al. (2021) P2PEdge: A Decentralized, Scalable P2P Architecture for Energy Trading in Real-Time. Available at: https://www.mdpi.com/1996-1073/14/3/606.
• Semal, Markantonakis, Akram, Kalbantner (2020) A study on microarchitectural covert channel vulnerabilities in infrastructure-as-a-service. Available at: https://link.springer.com/chapter/10.1007/978-3-030-61638-0_20.
• Semal, Markantonakis, Mayes, Kalbantner (2020) One covert channel to rule them all: A practical approach to data exfiltration in the cloud. Available at: https://ieeexplore.ieee.org/abstract/document/9343152.
• Semal, Markantonakis, Akram, Kalbantner (2020) Leaky Controller: Cross-VM Memory Controller Covert Channel on Multi-Core Systems. Available at: https://link.springer.com/chapter/10.1007/978-3-030-58201-2_1.
• Kalbantner (2020) Rowhammer – from DRAM faults to escalating privileges. Available at: https://www.computerweekly.com/ehandbook/Royal-Holloway-Rowhammer-from-DRAM-faults-to-escalating-privileges.
• Kalbantner (2018) Software-based Microarchitectural Fault Attack. MSc thesis. Available at: https://www.royalholloway.ac.uk/media/14911/techreport-kalbantnerj.pdf.
• Also available on: Google Scholar

Languages

• German (Fluent)
• English (Fluent)
• French (Basic)
• Spanish (Basic)
• Japanese (Basic)