Upgrade Post project
Profileimage by Anonymous profile, ISO/IEC Information Security Auditor/Lead Auditor-TÜV, Information Security Officer, ITSM
Wittenberg
not available until 06/03/2024

Last update: 07.03.2024

ISO/IEC Information Security Auditor/Lead Auditor-TÜV, Information Security Officer, ITSM

Company: Eulert Consulting
Graduation: not provided
Hourly-/Daily rates: show
Languages: German (Native or Bilingual) | English (Limited professional)

Keywords

Skills

ISO/IEC Information Security Auditor/Lead Auditor-TÜV, ISMS nach ISO/IEC 27001 - Information, ISO/IEC 20000 nach ITSM, ITIL, HTML, JavaScript, VBS, Datenbanken, Client/Server-Tools, Lotus Notes 5, 6. 7. 8, MS Access 2000, MS SQL, Sharepoint, Snapshot, Ghost, DriveImage, Acronis True Image, Photoshop, Open Groupware, Remedy, Peregrine Servicecenter, HP Service Center, MAXIMO(Ticket System), Assyst, HP Service Manager, Helpmatics, Peregrine Tivoli Asset Management 4.3.2, Bloomberg, Reuters, FileMon, Regmon, Open Office, MS Projekt, HP IP Console Viewer, IBM Virtual Console, VM Ware Virtual, Console, VShere, XenAPP Provisioning Servers, On Command, Remote Master, VNC, AT, T Network, Client-IBM, IBM-Director 5.1.0, Checkpoint Firewall, Bitblocker, SafeGuart Easy, BMC- Patrol (Monitoring), WhatsUp Gold, Nagios, TheGuard, BMC Remedy ITSM, SM7, Tivoli Storage Manager (TSM), SAP R/3, Module MM, FI, PM, IS-U, HCM, BW, EMC Dokumentum, SAP Solution Manager, SAP Solution Manager 7.1 - Incident Management, Jira Project, Management, SCORE, eCTD Manager, RegTrack, gCMW, ARISg, DNS, DHCP, RAS, VPN, WINS, DFS, Active Directory, GPO, SUS, SAN, Cisco, Windows 9x/ 2000/2003/2008, NT 4.0/ ME/ XP, Windows7, Windows10, Terminalserver, Citrix XenApp Server 6.5, Novell 4/5, Linux (Enterprise Server 8, Suse 8.2, TCP/IP, UDP, FTP, HTTP, SSL, Novell-IPX, LAN, WAN, MS-Office, Microsoft Office2003/2010/Office365, Microsoft Lync, Internet Explorer 5.x, Netscape Communicator 4.x, Mozilla, Server HP Proliant GL 380 G4, IBM, xSeries, Blade Center, Dell Power Edge 350, Maxdata, Cisco 800, IOS, Dreytec (Vigor), Supermicro, Cisco Switch, Cisco Catalyst 3750, Workstations HP, FujiutsuSiemens, Lintec, Dell, Compaq, PDA, Notebook, Toshiba, Sonic Firewall, Atlassian, Confluence, ITIL V3, Office365, IT Security, Jira, Confluence) inklusivePlanung, IT-Security, Skype for Business, Microsoft Office2013, Lync- Skype for Business, Citrix, HP, Cloud, Microsoft Office2010, RSA, Lync, HP Service Manager 9, Sharepoint 2010, HP Encryption, LanDesk, Dell Encryption, Checkpoint Security, SCCM, SCOM, Microsoft Outlook 2010, Mc Afee, Jira Project Management, SAP, Quest, Identity Management, WordPress, Lotus Notes 8.5, MAN, HP ServiceCenter 2.0, Windows Server 2012, MS Exchange 2010, Windows 7, Citrix XenApp 6.5, Lotus Notes 7.0/8.0, HP ServiceCenter 2.0, 5.0, Omnitracker, SCOM Hardware Lenovo, Blackberry, MAXIMO, Lotus Notes, Office XP, Six Sigma, MS Exchange2007/2010, Remote Control Master 4.05, PC Anywhere, BMC Remedy, Helpline-Peregrine Service, Service Now, Center, Peregrine Tivoli Asset Management 4.3.2 (Datenbankmanagementsystem), Citrix-ICA-Client, T Network Client-IBM, Tivoli, Manager, BMC- Patrol, SCCM 2007, Matrix42, Empirum, Virtual Console, HyperV, SAP BO/BA/BW, IBM Series, 206 Server, Blade Center, IBM Notebook, MS Exchange, WINNT4.0 - W2K3, Logfiles, MS Exchange 5.5, MS Exchange 2003, LDAP, RDP, W2K3, MS Exchange 5.5 - 2003, Windows XP, Terminalserver 2003, Citrix Metaframe Software Office XP, MS-Office Projekt Web Access 2003, Quest Migrator 6.2, Windows Script, BMC Remedy ARS(5.0), Clear-Case 4.2, ADS, MS Windows XP, MS Office XP, VM WARE Workstation Version 4.5.2, IDB 3.0, Hardware Workstation Fujitsu-Siemens, MS /Client, MS /Client-Server, Citrix Metaframe, Basis W2K3, MS Windows 2000 Prof, MS Office 2000, Lotus Notes 6,5, 7.0, 8.0, F-Secure Anti-Virus, Domino Server, Exchange Migration wizard, MS Windows Server 2003, Lotus Notes 4.6, dumpact.zip, Dame Ware, Remote Control, IBM Server 330, Microsoft Office 2003, Windows 2003, Windows Server 2003, SYSPREP, Citrix Metaframe XP Server for Windows Release 3, Mc Afee7.1, Big Brother Hardware Server, HP Proliant GL 380 G4, Switch (Cisco Catalyst 3750, VNC Viewer4, ZENworks, Windows NT auf XP, Novell Client for Windows, Novell 5, Drive Image, TCPView, SnagIT32, Novell Console One, Remote Access (Unicenter Remote Access Control, Outlook, Lotus Notes 6.5, Windows Server 2003 / XP, MS Office, Remote Access, Unicenter Remote Access Control

Project history

05/2023 - 06/2023
ITIL- Security Berater
Institut Straumann AG (Pharmaceuticals and medical technology)
  •  Mapping of ITIL support services processes (incident-,problem-, change-, asset management processes) to ensure high performance services level based on 24x7
  •  Establishment of a global IT emergency process in accordance with NIST
  •  Technical consulting for the MFA (Multi Factor Authentication) implementation project
  •  Coordination of business case activities for TEAMS roll-out
  •  Preparation of presentation for management
11/2021 - 03/2023
IT-Security Consultant ISMS
Porsche AG (Automotive and vehicle construction)
  •  Support in the manual review of the security specifications for 2nd level
  •  security measures as well as 2nd line controls of the ISMS regulations
  •  Support-processing of IT security requests
  •  Ticket tracking within the scope of ISMS consulting
  •  Evaluation in Vulnerability Management and its Vulnerability Management Processes
  •  Investigations in the areas of: Endpoint Security, Infrastructure- and Cloudsecurity, Identity- and Access Management, Cryptography, Windows Client, Server, AD, Azure Active Directory according to BSI Standard 200-3
  •  Creation of weekly reports for management
  •  Definition of cyber security requirements based on common standards (e.g. ISO27001 and BSI) and market-specific standards in the automotive sector
  •  Review of findings with all departments
  •  Participation in the development of concepts for the cybersecurity
  •  Planning and implementation of IT security tests and technical security tests in the area of IAM SAP Audit
  •  Coordination, management and support of external auditors in the implementation of external IT service providers
  • Quality assurance of results documentation and reviews
  •  Internal evaluation of all findings, review of appropriateness, reconciliation of findings, as well as measures with all specialist departments
  •  Conducting internal audits to ensure that the applicable Tisax requirements are met
  • coordination of implementation with external IT service providers
  •  Execution of risk analyses and regular IT security audits of IAM


07/2021 - 11/2021
IT-Security Manager
Hapag- Lloyd AG (Transport and Logistics)
  • Management review, coordination of remrediation oof the found vulnerability scans
  •  Regular review oft he existing SIEM
  •  Technically consult the SOC- team to adequately cope with security risks connected with the detected flaws and vulnerabilities and their mitigation
  •  quality standards are defined by the industry standards – ISO 27001 and BSI IT basic protection
  •  Advise on ways to address identified security deficiencies and vulnerabilities, via email, virtual sessions via MS teams, and by phone
  •  Analyze security concepts provided by threat and vulnerability management team in order to identify vulnerabilities in all software layers
  •  Review-coordinate regular pentests and all finding with all departments
  • Evaluation: cyber security management, cloud security (azure,aws), governance & compliance, it risk management and it audit
  •  Risk identification
06/2021 - 08/2021
IT security expert
ABCFinance GmbH (Banks and financial services)
  •  Establishment of a security incient process in the existing incident process
  •  Development of decision templates and solutions for a central SIEM/SOC,CERRT according to BSI basic protection
  •  Evaluatiuon, documentation, process optimization, and consulting, according to itil and iso 27001, as well BSI IT basic protection of internal processes
  •  Design oft he processes of specificstions in operational security
  •  Preparation of presentation for management
09/2020 - 06/2021
IT Security Architecture - BSI-Grundschutz consultant
LZPD- State Authority (Public service)
  •  Definition of requirements for possible products or security services: central contact point/ reporting office, bsi-security audit services/ consulting
  • Development of a central security solution: siem (security information event management)
  •  Establishment of an early warning system: detection of anomalies from historical data
  • Methodology and procedure according to the bsi standard 200-1-basic protection methodology
  • Creation of it security concepts for standard protection of the state police authority nrw and their procedures
  • Coordination of preparatory emergency measures of iso 27001 on the basis of bsi it-grundschutz in are of the police nrw
  • Testing of the it security architecture (e.g. virus protection, certificate management, security monitoring, etc.)


02/2020 - 03/2020
Consultant Cybersecurity ISO 27001 – Audit - Compliance
VW (Automotive and vehicle construction, >10.000 employees)
  • Processregistration
  • Assessment of applicable compliance controls - as-is recording
  • Operationalization of compliance controls
  • coordination tasks 
  • Planning and implementation of workshops
  • Stakeholder management
  • Coordination and management of the IT security steering committee
  • Monitoring the implementation of information security measures
  • Securing, documentation of the information security measures including the access regulations
  • Test, develop of the information security requirements
  • Planning of internal security assessments for all brands in the area of information security at VW and the Protected Customer CSMS - Cyber Security Management Systems
  • Test, develop of the information security requirements
  • Comparison of Cyber Security relevant controls of the UNECE (United Nations Economic Commission for Europe), in relation to the ISO 27001 standard, as well as compliance and risk management in the automotive sector
  • Rule coordination, GAP analysis in the steering committee with specialist teams from the IT technical team vehicles, development and business 
01/2020 - 02/2020
Audit ISO 20000 Consultant
IBM Deutschland GmbH / VW Kassel / Baunatal (Internet and Information Technology, >10.000 employees)
  • support in the preparation fon an iso 20000 audit
  • audit support
  • development of possible questions for service responsible for the ISO 20000 audit: availability, business continuity, capacity, configuration management process, business continuity- bcm, emergency precautions for emergency-relevant services, as well as all business-critical processes
06/2019 - 12/2019
Consult Servicemanagement
EWE AG Oldenburg/Bremen (Energy, water and environment)
  • control of incident management
  • coordination of external suppliers and provider
  • central recording and prequalification of all fault messages
  • dispatching into the responsible solution areas and tracking the filtering
  • review of all resolved incidents
  • informing customers about faults and availability of the services provided in close cooperation with sales and service management
  • monitoring and evaluation of the agreed availability and ongoing optimization of the procedures and processes for securing and restoration of availability (BCM- business continuity management)
  • overall coordination of escalations and documentation of crisis situations
  •  
  • improve service and process quality process KPI reporting
  • analysis and extension of the associated documentation
  • analysis of the current process structures for incident processing as a basis for the conception phase
  • overview of incidents via the Omnitracker tool (incidents of purchasing department, legal department, service technician, internal staff working with mobile devices)
  • concept development for integration of a centralized incident management process according to ITIL V3 including milestones for the overall consideration of the security of supply reports (deviation of the actual electricity and natural gas supply from the planned electricity and natural gas supply) and solutions taking into account ISO 27001 standard
  • creation of a process key figure report for the analysis of the solutions and duration until the resolution of incidents
  • creation of a service process map in sharepoint (atlassian, confluence) of all business-critical processes
  • test phase via the ITIL V3 defined solutions and adaptation of the change requirements in the test phase in the management process according to ITIL V3
  • participation in process meetings for the status exchange / process status and for the presentation of the results with the o.g. Specialist departments of the end customer
  • preparation of a detailed technical documentation according to ITIL V3
12/2018 - 01/2019
Consultant IT Security Production Network- Cybersecurity
Olympus Surgical Technologies Europe / Hamburg (Pharmaceuticals and medical technology)
  • head of network security project troubleshooting audit findings with the internal IT, as well development department
  • control of individual phases as external project management: Initialize, planning, execution, completion
  • planning, control and implementation of the project
  • effort estimation, resource planning, cost, deadline and milestone planning
  • definition of required work packages
  • planning, development and securing of IT security
  • preparation and execution of kick-off appointments
  • ensuring the quality of the project, quality management
  • evaluation, process optimization, and consulting according to ITIL and the ISO 27001 standard
10/2018 - 10/2018
Consultant for Proof of Concept Clientsystems
Beiersdorf AG / Hamburg (Consumer goods and retail)
  • ist analysis, feasibility study, creation POC (proof of concept)
  • development of decision templates and solutions for the central service desk and service delivery area for predictive analytics-predictive analytics
  • optimization of internal service desk and 2nd level processes
  • evaluation, documentation, process optimization and consulting, according to ITIL and ISO 27001 internal processes
  • evaluation, documentation, process optimization and consulting, according to ITIL and ISO 27001 internal processes
  • creation presentation for top management
09/2017 - 09/2018
IT Operation Manager
Airsysy GmbH (Airport Hamburg) (Public service)
  • analysis and preparation of fault messages (in particular   incidents)
  • steering and guidance of a 25 specialist team, which for configuration or adjustments of various platform is responsible at the airport
  • control, coordination of external suppliers
  • it project responsibility for internal projects in sharepoint (atlassian-jira, confluence) including planning, implementation, budget and target achievement
  • prioritization and coordination of it requirements including control of external partners
  • ensuring internal knowledge management and employee training according to ITIL standard
  • evaluation, testing of internal ITIL processes, as well as regular improvement of the IT security concept according to iso 27001 bsi-support
  • advice to employees and customers on topics related to information security and it security
  • assistance with projects, especially with regard to it security relevant Aspects
  • definition of it security standards and processes as well as ensuring the implementation
  • ensuring the operation of the used technologies according to the established standards
  • documentation and maintenance of the fault rectification in close coordinate with the working it operating area
  • support / coaching of the it operating areas in all organizational as well as methodical questions on the trouble processing
  • communication on the processing status within it as well as the customers, preparation for the preparation of status reports  as well as statistics on the course of disturbances, traffic
  • optimization of existing services, improvement of service quality
  • regular planning and implementation in the emergency management and recovery test (business continuity) in close coordination with all departments, as well as the federal police
  • continuous securing of the existing It services, improvement of the service quality in area availability, capacity, business continuity management iso 20000
  • initiate quality assurance, optimization and IT service KPIs and SLAs within the technology
  • sla tracking and KPI reporting
  • coordination on escalations, major service incidents and their cause
  • support in the suppression by means of targeted coordination in the various departments involved at the same time, including 3rd parties
07/2017 - 08/2017
Project Manager
Wincor Nixdorf Portavis GmbH (Internet and Information Technology)
  • Project management, evaluation and audit of internal ITIL processes for a international outcourcing project
  • Review and audit of existing documentation
  • Check feasibility for relocation delivery center in a banking environment with regard to ISO 27001
04/2016 - 06/2017
IT Delivery Manager
QSC AG / Hamburg (Internet and Information Technology)
  • responsibility for delivery of the contracted services in appropriate quality
  • cloud service catalog, it transformation project, implementation, operation control and coordination of pure enterprise cloud (PEC) computing
  • verification, audit support ISO 27001 bsi protection
  • control of operational activities in case of escalation
  • monthly emergency management exercises - availability business continuity managed to ensure it service iso 20000
  • organization and implementation of service review meetings
  • execution of operations meeting
  • testing / monitoring of tickets (Incident, Request, Changes, Problems) using HP Service Manager to ITIL
  • Continuous improvement of business process-related reporting using HP Service Manager
  • Interface extension in the HP Service Manager in cooperation with ITIL
  • Control of complex Requests
  • external provider control
  • cost of verification of complex customer inquiries /Requests
  • support the service manager at the accounting
01/2016 - 04/2016
Incident und Problem Manager
Wincor Nixdorf Portavis GmbH / Hamburg (Internet and Information Technology)
  • testing and constant improvement of international it security management isms according to bsi basic protection
  • coordination, moderation and examination of security incidents in connection to the international it security
  • treatment of persistent problems and preventive activities to avoid incidents
  • manage all problems through the lifecycle
  • create, update and manage problem report
  • quality assurance problem ticket to the final solution
  • coaching / moderation of incidents and problem analysis with international specialists in task force
  • regular status report to the globally defined recipients
  • external provider control
  • performing trend analysis and major problem review
  • initiator problem board evaluation and testing of sla violations
08/2015 - 11/2015
Consultant IT-Monitoring and process consulting
Mülheim an der Ruhr (Consumer goods and retail)
  • support / advice on the international monitoring structure
  • connection monitoring of events , -and incident
  • evaluation, documentation, process optimization,consultancy ITIL and ISO 27001 internal processes worldwide
  • weekly international evaluation - Review Incidents with Jira
  • security reviews on international monitoring and event management
  • advising on IT security issues at the international and national levels
  • ensuring the application and infrastructure security with customers
  • advising on data protection, information security and IT security topics: policy checks, audits, review
  • optimization and monitoring range of internal processes
  • verification, creation of IT security concepts according to ISO 27001 bsi support
  • setup from SLAs for support
  • examination and preparation of technical security policies for international support
  • User management with ADM Identity Manager
04/2015 - 06/2015
Projektmanager – Enterprise Applications
GFK SE / Nuremberg (Other)
  • control of employees and international supplier teams (architecture, software development, support it operations)
  • review of processes, major incidents and problems of release updates in the area sccm and scom worldwide, moderation tasks force using hp service manager to itil
  • weekly international service review meetings
  • demand-/supply planning
  • tracking and compliance with project plans in jira
  • administration jira, interfaces, right structure, plugins
  • set up sla for support
  • change-, escalation management
  • risk ,project analysis and risk assessment
  • ^vendor management , check external supplier contracts

Local Availability

Open to travel worldwide
PLZ: D0, D1, D2, D3
Profileimage by Anonymous profile, ISO/IEC Information Security Auditor/Lead Auditor-TÜV, Information Security Officer, ITSM ISO/IEC Information Security Auditor/Lead Auditor-TÜV, Information Security Officer, ITSM
Register