Marco Baldauf

1 Comment

IT Security Insights #1: Tino, Squad Lead for Cloud Security Consulting

For our new blog series “IT Security”, today I met with Tino, Squad Lead for Cloud Security. Since he is currently expanding his team, I was especially interested in the skills future team colleagues need to have, along with his duties and projects.

Data security illustration

Keeping data safe in the cloud? That would be your job in Tino's team. Whether you are a medium-sized company or a DAX corporation - the range of customers is broadly diversified, so that there is sufficient potential for exciting challenges.

Tino, you are Squad Lead in Security Consulting for cloud security at Deutsche Telekom Security GmbH in Bonn. What are your responsibilities?

Tino: We help to guarantee the security of our customers’ cloud installations and protect their data. Armed with our knowledge, we try to find solutions to ensure that our customers’ data gets the best possible protection against unauthorized access.
The responsibilities on the team are quite varied. They range from designing a cloud environment to the implementation of individual security measures. They can also include assessing a cloud setup and its security configuration, which customers can run themselves or outsource as a service.

If a customer doesn’t use the cloud yet, what do you suggest? Use Magenta Cloud and that’s it? Or do you also suggest other cloud solutions?

Tino: We look at the existing IT first, for example, whether the customer already uses an SaaS solution. These SaaS solutions often define the best environment to use. We then start working on an initial concept as to what solution from which provider might represent the best cloud for the customer. 

We provide vendor-neutral advice and support the customer. We are completely open and want to find out which cloud solution is the best fit for the customer and their needs. In addition to our Group’s own cloud products, we have the three largest cloud solutions in our portfolio, so we’re familiar with virtually all hybrid variants from our previous customer projects. 

Who exactly is the “we” you keep mentioning?

Tino: We run many projects with at least two or more consultants with different areas of expertise. We have Azure experts, AWS professionals, Open Telekom Cloud gurus, and all-rounders who know their way around private clouds. Depending on what the customer needs, we staff our teams with different consulting experts and architects with differing levels of seniority. A team has to consist of a variety of specialists, so we can get the most out of the project and provide mutual support.

What does your typical work week look like?

Tino: With our large number of different projects of varying durations, there’s no such thing as a “typical” work week for us. 
I often have short-term projects that require my cloud security expertise. And then there are large, long-lasting cloud implementation projects that take up a lot of time, because the existing IT and processes are highly complex. Since security plays a role in every IT project, we are in high demand, supporting our customers as well as colleagues from other T-Systems units.

Man is sitting at the table with several colleagues.

If you can put yourself in your opposite position and think abstractly, understand connections, then you have a good basis for a successful cooperation. We want to give our customers the feeling "I understand you and your requirements."

What interesting projects are you and your team currently working on?

Tino: Right now I’m working for a major chemicals company, for which we’re doing a security assessment, and I have a project with a public sector customer that involves a private cloud. We’ve recently completed a few minor projects, one with an automotive supplier and another with a chain of hardware stores. Our customers are pretty widely diversified, over all industrial sectors and company sizes. The long-running projects are usually with the really big corporations, where we often implement large-scale cloud environments with a significant financial investment.

My most interesting project to date was the implementation of new security structures and improvement of IT security for a mid-market company. We discovered a variety of technical structures and non-transparent organizational responsibilities. We succeeded in strengthening the existing security governance structures and introducing stricter security requirements. The great thing was the collaboration with the customer, which was very friendly and trusting, nearly familial. 

Cloud security is a growth market, you’ve been cleared to expand your team. Who are you looking for? What do future colleagues need to bring to the table?

Tino: I’m looking for people who enjoy solving problems together with our customers and who challenge themselves to find the best cloud solution for our customers. Selling our portfolio to all and sundry isn’t part of our job description. Nor is mastering every last detail of all programming languages. You have to be able to understand correlations and to think abstractly, not just concentrate on the technology. Communication with the customer is a priority. Being able to discuss the different technical and process-related topics with different contact persons and giving customers the feeling that we understand them and their requirements. Just being a straight-up techie isn’t enough.

Why should people choose to work for us and for you as a squad lead?

Tino: What makes my team special is that we’re all devoted to making the cloud safer and more secure. We support each other and don’t leave anyone standing out in the cold. Our collaborative spirit is a major plus. There are no rigid hierarchies. We’re all experts on an equal footing, who deal with each other at eye level and learn from one another. On our team, a senior consultant doesn’t necessarily have more to say than a junior. We all have our specializations and are asked for our advice.

Why would people want to join us in Security Consulting at Deutsche Telekom Security GmbH? 

Tino: Because we let you develop as a consultant without the up-and-out structures you find at many large consulting firms. We have many different functions and roles, essentially the full spectrum of security consulting. So if you discover that cloud computing really isn’t your thing, you can switch to other topics like infrastructure security, IoT security, GRC security, network security, or cyber defense. 

Tino, thank you for the interview and the insights into your everyday work as a cloud security consultant.

Have we piqued your interest? You can find all current vacancies at Deutsche Telekom Security GmbH in our job search. We look forward to receiving your application.