Keywords
Skills
15.08.12 – 31.10.12 BAYER AG, Leverkusen, Germany
Senior Consultant
• Business case set up, planning & cost comparison
• Security Plan development
• Definition of the security roles and responsibilities
• Information Security process re-design
• ISMS Definition & Planning (ISO27001)
• Identification of conceptual flaws in ISMS and operational approaches
01.06.12 – 15.08.12 RITTAL GmbH & Co. KG, Herborn, Germany
Project Manager International Internet Rollout
• Set up of the International Internet Rollout Project (CMS / EPIM / TMS / Wep-shop / DAM)
• Team Set-up and Team training
• Cost management & NPV calculations for different business cases
• Coordination of service provider
• Conceptual problem solving of integration issues
• Project plan development and management
• Project management
01.11.11 – 15.03.12 Audi AG, I/FP-22, Ingolstadt, Germany
Senior Consultant
• Set up of the IT-eye (ISMS) PMO
• Contact Manager/Roll-out Manager for ITSP
• Synchronization between IT-eye and ITSP
• Professional support/assistance of all IT-eye projects (especially the PKI Roll-out)
• Conceptual rethinking of IS procedures within IT operations
• Definition of KPI’s and reporting strategy
• Cost reporting
• Project plan / Program plan Management
• Project management
01.06.11 – 31.07.11 Deutsche Telekom AG, TSG, Bonn, Germany
Project Manager Information Security Management System @ TSG
(ISMS@TSG) within ISO 27000 and BSI 100-1 and BSI 100-2
• Project Management & Controlling
• Project cost controlling & discounting
• Lead of the Project Team ISMS@TSG
• Project Risk Management
• Team building and innovative empowerment of team members
• Development of PSP & Milestones
• SLA & OLA Examination
• Definition of the IS/IT Balanced Scorecard
• Preparation of initial ISO 27001 Audit
01.11.10 – 31.03.11 Bayer Business Services, Department O&I, Leverkusen, Germany
Consultant
• Business Case development and rationalization
• Development and Realization of the IT-Security Reporting
• Enhancement of the IT-Security Reporting
• Conceptual rework of the IT Security Risk Measurement
• Design of IS/IT KPI’s
• Identification of shortcomings in IT Reporting procedures
01.05.10 – 31.07.10 ING-DiBa, Department IRM, Frankfurt am Main, Germany
Risk Manager/Information Security Manager
• Continuous improvement and implementation of IS Governance (ISMS) within the ISO 27000 Standard and BSI 100-1 and BSI 100-2 (MaRisk)
• Further development and support of the Security Monitoring and IS Management reports
• Risk analysis with ISO 27005 and BSI 100-3
• Independent risk evaluations of IS/IT Security
• Support of the departments: IS Incident Management, data classification, personnel security, physical security, access control, platform security, network security, BCM and DRP
• Development of BCM scenarios in line with BSI 100-4
• IS training of ING staff
• Set up of an Awareness Campaign for the introduction of the ISMS
• Project Management
• Co-ordination and support of the reporting process towards the ING Headquarters
• Set-up of project costing & controlling
• Development of BCM/DRP Scenarios with BSI 100-4
01.01.10 - 30.04.10 Deutsche Telekom AG, Department GHS, Bonn, Germany
Security Program Manager for Europe and South Eastern Europe
(The project was conducted in the English language)
• Project management services on highly complex information / IT security projects and issues
• Developing and communicating of security proposals, procedures, and guidelines for multiple platforms and diverse systems environments (SIEM, PKI,…)
• Review of developments, assessments, and implementation of security plans, products, and control techniques
• Investigating and recommending appropriate corrective actions for data security incidents
• Identification of security risks to the organization and ensuring that appropriate data security procedures and products are implemented
• Maintaining of awareness programs of corporate security policies and government regulations pertaining to information security
• Leading the ISO27000 standard convergence and also using various other IT Security and/or Information Security Management concepts such as Access controls, Identity Management, Risk Management, ISO, NIST, CVSS, SOX, PCI/DSS
01.02.09 – 30.06.09 Deloitte & Touche GmbH, Munich & Frankfurt, Germany
Senior, Financial Service Industry, Enterprise Risk Service
• Business Development
• Due Diligence and IT outsourcing preparation/evaluation (near shore/off shore) for a major real estate bank in Germany
• Critical business process consulting for the FSI
• Developing of holistic ISMS Frameworks with Deloitte methodologies, ISO27001, ITIL, PCI-DSS and MaRisk (VA)
• Definition of IT Security KPI Models
• ISMS Development & Implementation with ISO27000 and BSI-100-x
• Risk analysis with ISO 27005 / Potential risk mapping
• Development of BCM Scenarios with BSI-Standard 100-4 (preview)
• Working on internal strategy projects
• Developing of IT Security Audit Programs based on COSO & CobiT frameworks
• Deloitte & Touche internal methodologies training for:
• Enterprise Value Delivery for SAP and Oracle
• Enterprise Information Management
• Risk Intelligence Overview
• Risk intelligence Value Map
• Business Process Risk Assessment
• Value Map, M&A
• Outsourcing
• Program Leadership & Path to Value
01.05.08 – 31.07.08 TPG The Project Group GmbH, Munich, Germany
Consultant, Enterprise Project Management, MS-Project Server 2007
• Project Management with MS-Project Server 2007
• Enterprise Project Management (EPM) Consulting
• Implementation of Project 2007 and MS-Project Server 2007
• PMI / PMP Consulting
01.01.06 – 31.01.09 Entrepreneur / Freelance IT Consultant
• IT-Strategy Consulting
• Business Development and implementation of marketing strategies for IT Administration companies
• Project Management (incl. Turnaround Management)
• Consulting, Staffing and Auditing of IT-Projects for Small and medium-sized Enterprises
• Auditing of IT outsourcing contracts and services
• Implementing of Project Management Structures incl. Project Management Offices (PMO) with MS–Project Server 2007
• IT-Security Consulting (MaRisk) for Fortis Bank (now BNP Paribas Fortis)
01.08.03 – 31.12.05 CCR Logistics Systems AG, Holding Munich
Division Manager IT-Operations and deputy Manager
IT-Development
• IT Operation Team Lead with Budget Responsibility
• Set up of an ITIL conform IT Service Management
• IT Management for two redundant Data Centers
• Data Center consolidation via Server virtualization
• IT Process Design and alignment with international Customers (VW, BMW, …)
• MS Navision / MS Dynamics evaluation, customizing and implementation (incl. add-on development of Webservice interfaces and Webfrontends)
• Outsourcing of SAP and Web applications including SLA design
• IT Security Management
01.07.00 – 31.07.03 CCR Logistics Systems AG, Holding Munich
IT Co-ordinator
• Integration of Web applications of major international customers build up on set interface definitions
• Development of an international billing- and SCM Software
• Set up & Management of Inter- and Intranet Services incl. Security Processes
• IT Administration, IT Security & Management of all international subsidiaries
• Set up of IT Security Systems (DMZ) and Processes with contemporaneous white box security testing of all IT systems
01.04.97 – 30.06.00 Entrepreneur in the field of IT consulting and Software
developing for medical processes and networks
• Development of an accounting Software for the
Kassenärztliche-Bundes-Vereinigung (Resident Doctors’
Association, Germany)
• IT Administration
Senior Consultant
• Business case set up, planning & cost comparison
• Security Plan development
• Definition of the security roles and responsibilities
• Information Security process re-design
• ISMS Definition & Planning (ISO27001)
• Identification of conceptual flaws in ISMS and operational approaches
01.06.12 – 15.08.12 RITTAL GmbH & Co. KG, Herborn, Germany
Project Manager International Internet Rollout
• Set up of the International Internet Rollout Project (CMS / EPIM / TMS / Wep-shop / DAM)
• Team Set-up and Team training
• Cost management & NPV calculations for different business cases
• Coordination of service provider
• Conceptual problem solving of integration issues
• Project plan development and management
• Project management
01.11.11 – 15.03.12 Audi AG, I/FP-22, Ingolstadt, Germany
Senior Consultant
• Set up of the IT-eye (ISMS) PMO
• Contact Manager/Roll-out Manager for ITSP
• Synchronization between IT-eye and ITSP
• Professional support/assistance of all IT-eye projects (especially the PKI Roll-out)
• Conceptual rethinking of IS procedures within IT operations
• Definition of KPI’s and reporting strategy
• Cost reporting
• Project plan / Program plan Management
• Project management
01.06.11 – 31.07.11 Deutsche Telekom AG, TSG, Bonn, Germany
Project Manager Information Security Management System @ TSG
(ISMS@TSG) within ISO 27000 and BSI 100-1 and BSI 100-2
• Project Management & Controlling
• Project cost controlling & discounting
• Lead of the Project Team ISMS@TSG
• Project Risk Management
• Team building and innovative empowerment of team members
• Development of PSP & Milestones
• SLA & OLA Examination
• Definition of the IS/IT Balanced Scorecard
• Preparation of initial ISO 27001 Audit
01.11.10 – 31.03.11 Bayer Business Services, Department O&I, Leverkusen, Germany
Consultant
• Business Case development and rationalization
• Development and Realization of the IT-Security Reporting
• Enhancement of the IT-Security Reporting
• Conceptual rework of the IT Security Risk Measurement
• Design of IS/IT KPI’s
• Identification of shortcomings in IT Reporting procedures
01.05.10 – 31.07.10 ING-DiBa, Department IRM, Frankfurt am Main, Germany
Risk Manager/Information Security Manager
• Continuous improvement and implementation of IS Governance (ISMS) within the ISO 27000 Standard and BSI 100-1 and BSI 100-2 (MaRisk)
• Further development and support of the Security Monitoring and IS Management reports
• Risk analysis with ISO 27005 and BSI 100-3
• Independent risk evaluations of IS/IT Security
• Support of the departments: IS Incident Management, data classification, personnel security, physical security, access control, platform security, network security, BCM and DRP
• Development of BCM scenarios in line with BSI 100-4
• IS training of ING staff
• Set up of an Awareness Campaign for the introduction of the ISMS
• Project Management
• Co-ordination and support of the reporting process towards the ING Headquarters
• Set-up of project costing & controlling
• Development of BCM/DRP Scenarios with BSI 100-4
01.01.10 - 30.04.10 Deutsche Telekom AG, Department GHS, Bonn, Germany
Security Program Manager for Europe and South Eastern Europe
(The project was conducted in the English language)
• Project management services on highly complex information / IT security projects and issues
• Developing and communicating of security proposals, procedures, and guidelines for multiple platforms and diverse systems environments (SIEM, PKI,…)
• Review of developments, assessments, and implementation of security plans, products, and control techniques
• Investigating and recommending appropriate corrective actions for data security incidents
• Identification of security risks to the organization and ensuring that appropriate data security procedures and products are implemented
• Maintaining of awareness programs of corporate security policies and government regulations pertaining to information security
• Leading the ISO27000 standard convergence and also using various other IT Security and/or Information Security Management concepts such as Access controls, Identity Management, Risk Management, ISO, NIST, CVSS, SOX, PCI/DSS
01.02.09 – 30.06.09 Deloitte & Touche GmbH, Munich & Frankfurt, Germany
Senior, Financial Service Industry, Enterprise Risk Service
• Business Development
• Due Diligence and IT outsourcing preparation/evaluation (near shore/off shore) for a major real estate bank in Germany
• Critical business process consulting for the FSI
• Developing of holistic ISMS Frameworks with Deloitte methodologies, ISO27001, ITIL, PCI-DSS and MaRisk (VA)
• Definition of IT Security KPI Models
• ISMS Development & Implementation with ISO27000 and BSI-100-x
• Risk analysis with ISO 27005 / Potential risk mapping
• Development of BCM Scenarios with BSI-Standard 100-4 (preview)
• Working on internal strategy projects
• Developing of IT Security Audit Programs based on COSO & CobiT frameworks
• Deloitte & Touche internal methodologies training for:
• Enterprise Value Delivery for SAP and Oracle
• Enterprise Information Management
• Risk Intelligence Overview
• Risk intelligence Value Map
• Business Process Risk Assessment
• Value Map, M&A
• Outsourcing
• Program Leadership & Path to Value
01.05.08 – 31.07.08 TPG The Project Group GmbH, Munich, Germany
Consultant, Enterprise Project Management, MS-Project Server 2007
• Project Management with MS-Project Server 2007
• Enterprise Project Management (EPM) Consulting
• Implementation of Project 2007 and MS-Project Server 2007
• PMI / PMP Consulting
01.01.06 – 31.01.09 Entrepreneur / Freelance IT Consultant
• IT-Strategy Consulting
• Business Development and implementation of marketing strategies for IT Administration companies
• Project Management (incl. Turnaround Management)
• Consulting, Staffing and Auditing of IT-Projects for Small and medium-sized Enterprises
• Auditing of IT outsourcing contracts and services
• Implementing of Project Management Structures incl. Project Management Offices (PMO) with MS–Project Server 2007
• IT-Security Consulting (MaRisk) for Fortis Bank (now BNP Paribas Fortis)
01.08.03 – 31.12.05 CCR Logistics Systems AG, Holding Munich
Division Manager IT-Operations and deputy Manager
IT-Development
• IT Operation Team Lead with Budget Responsibility
• Set up of an ITIL conform IT Service Management
• IT Management for two redundant Data Centers
• Data Center consolidation via Server virtualization
• IT Process Design and alignment with international Customers (VW, BMW, …)
• MS Navision / MS Dynamics evaluation, customizing and implementation (incl. add-on development of Webservice interfaces and Webfrontends)
• Outsourcing of SAP and Web applications including SLA design
• IT Security Management
01.07.00 – 31.07.03 CCR Logistics Systems AG, Holding Munich
IT Co-ordinator
• Integration of Web applications of major international customers build up on set interface definitions
• Development of an international billing- and SCM Software
• Set up & Management of Inter- and Intranet Services incl. Security Processes
• IT Administration, IT Security & Management of all international subsidiaries
• Set up of IT Security Systems (DMZ) and Processes with contemporaneous white box security testing of all IT systems
01.04.97 – 30.06.00 Entrepreneur in the field of IT consulting and Software
developing for medical processes and networks
• Development of an accounting Software for the
Kassenärztliche-Bundes-Vereinigung (Resident Doctors’
Association, Germany)
• IT Administration
Project history
AUDI
Deutsche Telekom
BAYER
Deloitte
ING-Diba
Deutsche Telekom
BAYER
Deloitte
ING-Diba
Local Availability
Only available in these countries:
Germany, Austria und Switzerland
anytime anywhere
