available for new opportunities

Mustafa
Bagci

Cybersecurity/IT Security/IAM

Business informatics graduate focused on IT security. I combine risk assessment (ISO 27001), Identity & Access Management and secure automation — from analysis to clean implementation.

Get in touch CV
visitor@mustafabagci: ~/profile
visitor@mustafabagci:~$

Try helpwhoamiprojects · Tab to autocomplete

01 / about

Security as a craft,
not a checklist.

I help organizations understand and deliberately reduce their attack surface — pragmatic, transparent and grounded in real-world operations.

As a working student at Zurich Insurance Group, I currently assess the cybersecurity of mid-sized and large enterprises against ISO 27001. Earlier, at KfW Bankengruppe I automated Identity & Access processes and cut the manual effort of access provisioning by 90%.

My background in business informatics means I think about security not only technically, but also across processes, governance and measurable value.

Security & Risk

Risk assessments to ISO 27001, SIEM/SOC/EDR, BCM and forensic analysis — from finding to remediation.

IAM & Automation

Identity governance, recertification and secure automation with Python & REST APIs.

Cloud & Networking

Network security, Cisco/Wireshark, containers & virtualization with Docker and a clean SSDLC.

02 / experience

Experience

current since 10/2025 · Frankfurt am Main

Working Student — Cyber & IT

Zurich Insurance Group
  • Conducting cyber risk assessments for mid-sized (>€400M revenue) and large enterprises (>€1bn revenue) across industries against ISO 27001 (SIEM, SOC, EDR, OT, SSDLC, BCM, FW/DMZ).
  • Analyzing forensic reports, roadmaps and annual reports to evaluate response measures, security initiatives and cyber-relevant risk factors.
ISO 27001SIEMSOC EDRBCMForensics
01/2023 – 01/2025 · Frankfurt am Main

Working Student — Application & Technology (Client)

KfW Bankengruppe
  • Built IAM software for automated access provisioning with API integration to an external cloud service — reducing manual effort by 90%.
  • Led the recertification of access rights for more than 800 data rooms.
  • License and user management across more than 11 software applications.
  • 2nd- and 3rd-level support including troubleshooting and API/UI improvements with the SaaS provider’s developers.
IAMPythonREST API CloudGovernance
03 / education

Education

04/2025 – expected 09/2026 grade 1.2
M.Sc. Business Informatics
Focus: IT Security · Technische Hochschule Mittelhessen
  • Penetration Testing & Secure Coding
  • Network Security
  • Distributed Applications & Integration Engineering
10/2021 – 02/2025 grade 2.0
B.Sc. Business Informatics
International Business Information Systems · Frankfurt UAS
  • Object-oriented programming (Java, Python)
  • Operating systems, networks, databases & SQL
  • IT controlling & project management (COBIT, TOGAF)
› bachelor thesis · grade 1.3

Performance comparison of ARM and x86-64 architectures in QEMU emulation (Debian/FreeBSD) — focusing on virtualization, containerization & system performance with Docker.

04 / skills

Skills

// Self-assessment · core skills

$ security & networking
ISO 27001Pen-TestingSecure Coding IAMSIEM / SOC / EDRWireshark Packet Tracer (Cisco IOS)FW / DMZ
$ development & data
JavaPythonJavaScript SQLREST APIVBA
$ cloud, devops & methods
DockerGitWindows / Linux Shell M365ScrumJIRA COBITTOGAF
$ languages
German Native English C1 Turkish B2
05 / projects

Selected Projects

PRJ — 01automation

IAM Proof of Concept

Automated access provisioning with API integration to an external cloud service, including support for recertifying large data-room inventories.

−90% manual effort
PythonREST APICloud IAM
PRJ — 02bpm

Camunda BPMN Workflow

Modeling and orchestration of business processes via a BPMN engine with connected service logic.

Process automation
JavaNode.jsCamunda
PRJ — 03algorithms

Sudoku Solver

Constraint-based solver using backtracking — a compact, efficient implementation as an algorithm study.

Backtracking
Python
PRJ — 04backend

Spring Boot Game

Interactive game application built on a Java backend with Spring Boot — focused on clean architecture.

Java backend
JavaSpring Boot
06 / contact

Let’s talk about
security.

Open to working-student, internship and entry-level roles in cybersecurity & IT — in the Frankfurt am Main area or remote.

Send email CV
c@mustafabagci.com linkedin.com/in/mustafabagci mustafabagci.com