About Dragan
AI Security Architect with 20+ years in enterprise security, threat modeling and risk management. I help organizations safely adopt and scale AI/LLM solutions by assessing risks, reviewing architectures and establishing practical AI security governance aligned with EU AI Act, ISO/IEC 42001 and NIST AI RMF. I support AI, Data Science, engineering and security teams with clear guidance, actionable controls and fast, outcome‑driven reviews.
English
Native or bilingual
Serbian
Native or bilingual
Bosnian
Fluent
Croatian
Fluent
Remote only
Primarily works remotely
Experience
- Allianz Tech SEAI Security Architect/Consultant — securing AI adoption from PoC to Production.TECHMay 2018 - Today (8 years and 2 months)Munich, GermanyWith 20 years in enterprise cyber security architecture, threat modeling and risk management across regulated industries, I help AI engineering and security teams understand AI capabilities, assess risks and establish security governance for AI/LLM initiatives aligned with current threats and regulations (EU AI Act, ISO/IEC 42001, NIST AI RMF).AI Governance & Lifecycle Assessment (max 2 weeks)Input: Current AI adoption state (questionnaire). Gap analysis: NIST AI RMF, EU AI Act, ISO/IEC 42001.Deliverables: AI Security Gaps (processes, technologies, skills), AI Security Governance Strategy, Acceptable AI Use Policy, Project Lifecycle Security Playbook, AI risk register, SDLC/MLOps (runtime) concepts, Incident Response runbook (model drift, prompt injection, LLM data exfiltration).AI Security Architecture Review (within 1 week)Review AI/LLM service architecture, identify design flaws, real life threats, assessed risks and defined a risk‑prioritized remediation plan.Input: AI service purpose, use cases 7FRs, architecture diagrams, data stores/flows, user access, APIs, vector stores, RAG pipelines, agent tool permissions, identity & secrets.Deliverables: Prioritized threats list mapped to design flaws and safeguards, annotated architecture diagram, actionable mitigation strategy and costs estimated - all included in Architecture Decision Proposals (ADP).Threat Modeling Workshop (1 or 2 days)AI‑assisted hands‑on training using STRIDE +LINNDUN+MAESTRO frameworks. Covers prompt injection, data poisoning, model extraction, data leakage, insecure plugins, supply‑chain risk, jailbreaks.Deliverables: Methodologies, case study (threat actors, vectors, AI + traditional kill chains, risk scoring), mitigations mapped to engineering tasks.Background: Security Architecture · AI Security · Cloud Security · Pentesting · Threat Modeling · AI Governance · CISO risks reportingFree 1h consultation - concerns & needs. Book: https://calendar.app.google/PqEqJw9FddP4Q1eQ6
Recommendations
Be the first to recommend Dragan
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Certifications
- Certificate of Cloud Security Knowledge v.4Cloud Security Alliance2024