Keywords
Analysis
AS/400
BPO
IT Project Manager
IT purchasing
IT Risk Assessment
IT Rollout
IT Service Delivery
IT Service Management
IT Supplier
IT Team Leader
ITIL
ITIL V3
BPMN
JIRA
Know Your Customer
KPI
KPI monitoring
KPI Report
KRI
KYC
KYC Review
landesk
large project
business
LE
leadership
leadership skills
Leadership Coaching
Licensing
License Manager
License Management
M&A
Managed Services
Management Consultancy
Business & Functional Requirements Gathering
Management Advisory
management and business consultant
Management Consultant
Management Consulting
management reporting
Manager
MIFID II
MS Office suite
MS project
Outsourcing
Business & IT Analyst
Outsourcing & procurement
P&L
Performance Management
PRINCE2® Practitioner
PRINCE2®
Procurement
Project management
Project Manager
Project Delivery
project experience
Business & IT Consultant
Project lead
Project Leader
project leadership
project management & consulting
Project Management Outsourcing
project monitoring
Quality assurance / management
Quality Management
RFI
RFP
Business Analysis
RfP full life-cycle
RFP/RFQ
RFQ
Risk and Compliance
Risk Management
Scrum
Scrum Master
scrum master certified
Segregation of Duties (SoD)
Service & Incident Management
Business Analyst
Service contracts
Service Delivery
Service Delivery Manager
Service Level Agreements
Service Management
Service Manager
Service Now
Service provider
SLA
SLA Management
Business and Finance
Sourcing
Sourcing Management
Sourcing Manager
Sourcing strategy
SoD
Software Licensing
Software life-cycle
SOX
supplier development
Supplier Lifecycle Management
Business and IT
Supplier management
SUPPLIER QUALIFICATION
supplier sourcing
Transition Management
Transition manager
UAT
UAT Testing
Vendor Management
Vendor Invoice Management
Vendor relationship
Bank Know How
Business and IT Process Management
Business Consultant
Business Consulting
Business Continuity Management
Business Management
Business Needs Clarification
Business Operations
Business Partner
Business process model
Carve Out Management
Bank Technology
Carve-out
Certification
Change & Performance Management
Change Management
Change the Bank
COBIT
Communication
Compliance
Compliance Management
Contract
Banking & Finance
Contract evaluation
Contract Management
Contract Manager
Contract Negotiation
Contract preperation
Contract/Risk Manager
Contractor Management
Controlling
CSI metrics
CSI processes
Banking experience
data flow diagramming
Data Modelling
Data Privacy
data protection
Delivery Management
Delivery Manager
Disaster Recovery
Document Management System (DMS)
Documentation
Documentum
banking sector
EBA
EBA Outsourcing Regulations
eDMS
English
English native speaker
English and German
ERP
GDPR
GDPR Compliance
German
Basel II
German and English
Global Administrator
global delivery
Global implementations
Global Sourcing
Global Teams Management
global timelines
Global Project Management
Intercultural Communication
International deployments
Basel III
international project management
international Projects
International Rollouts
International Sourcing
interpersonal skills
ISO 27001
IT Business Analyst
IT Consultant
IT Consulting
IT contract administration
BCM
IT Freelancing
IT generalist
IT Governance
IT Infrastructure
IT Management
IT Management Consulting
IT Licensing
IT Manager
It outsourcing
IT project management
Skills
Certification: Prince2®, ITIL v3®, Scrum Master
Technical Knowledge and Experience
MaRisk, BAIT, VAIT, EBA Guidelines for Outsourcing
Vendor management
KPI / SLA Management / KRI
EU & DE Data Protection / Compliance
Business process analysis & design
Change Management / Organization & Documentation
Risk Management
SoD (Segregation of Duties), Functional Taxonomy / Scorecard Analysis
KYC (Know Your Customer)
Regulatory Knowledge
GWG - Geldwäschegesetz Anti-Money Laundering Law
VAG - Versicherungsaufsichtsgesetz Insurance Governance Law
WpHG - Wertpapierhandelgesetz Securities Trading Act
DVO 2017 - Delegierte Verordnung (EU) 2017/ 565 Organisational requirements and operating conditions for investment firms
Technical Knowledge and Experience
MaRisk, BAIT, VAIT, EBA Guidelines for Outsourcing
Vendor management
KPI / SLA Management / KRI
EU & DE Data Protection / Compliance
Business process analysis & design
Change Management / Organization & Documentation
Risk Management
SoD (Segregation of Duties), Functional Taxonomy / Scorecard Analysis
KYC (Know Your Customer)
Regulatory Knowledge
- MaRisk Minimum Requirements for Risk Management
- BAIT Regulatory Obligations for IT in the Banking Industry
- VAIT Regualtory Obligations for IT in the Insurance Industry
- BDSG German Federal Data Protection Act
- GDRP EU General Data Protection Regulation
GWG - Geldwäschegesetz Anti-Money Laundering Law
VAG - Versicherungsaufsichtsgesetz Insurance Governance Law
WpHG - Wertpapierhandelgesetz Securities Trading Act
DVO 2017 - Delegierte Verordnung (EU) 2017/ 565 Organisational requirements and operating conditions for investment firms
Project history
03/2021
-
12/2021
Business Analyst, Outsourcing Expert
Aareal Bank
(1000-5000 employees)
Banks and financial services
06/2020
-
02/2021
Regulatory Senior Expert
Deutsche Börse AG
(1000-5000 employees)
Banks and financial services
04/2019
-
04/2020
Regulatory Specialist, Vendor Management Specialist
Finanz Informatik Technologie Services (FI-TS)
(500-1000 employees)
Banks and financial services
Responsible for the strategic, conceptual development of the Provider Management service. Area of expertise was in the context of outsourcing and relocation of services in the field of data processing and business informatics within the banking sector. Especially taken into account were the current requirements of the supervisory authorities BaFin, ECB and Bundesbank as well as the general legal requirements for support in central provider management.
Activities:
• Continual supervision of current and new regulations in the area of the ECB, MaRisk, BAIT/VAIT and ensure the proper implementation of such into internal regulations and processes
• Drive forward the digital transformation of the company by developing solutions for the digitalization of provider management processes and their auditable implementation
• Create management reports representing status quo as well as current challenges and risks
• Support internal and external audits by providing appropriate governance documentation and checklists
• Act as main provider management contact person for management, internal and external auditors as well as customers from the finance and insurance industries
Activities:
• Continual supervision of current and new regulations in the area of the ECB, MaRisk, BAIT/VAIT and ensure the proper implementation of such into internal regulations and processes
• Drive forward the digital transformation of the company by developing solutions for the digitalization of provider management processes and their auditable implementation
• Create management reports representing status quo as well as current challenges and risks
• Support internal and external audits by providing appropriate governance documentation and checklists
• Act as main provider management contact person for management, internal and external auditors as well as customers from the finance and insurance industries
06/2018
-
03/2019
Regualatory Specialist, Vendor Management Specialist
Bethmann Bank
(500-1000 employees)
Banks and financial services
Define, create, and implement central outsourcing management in accordance with the current regulatory landscape
Activities:
• Coordinate with the main affected parties to document and incorporate business requirements into the new governance model of outsourcing management
• Identification and classification of relevant IT contracts in relation to MaRisk, AT 9 / BAIT / GDPR
• Analyze contract fulfillment against MaRisk, AT 9 / BAIT / GDPR
• Create of a standard risk assessment catalog to determine the criticality of a self-created application (IDV) from a risk management perspective (links, data quality, security-relevant and personal data)
• Revise official Outsourcing Strategy for publication in the Annual Report (in both English and German)
• Define and implement a sustainable governance structure
License Management:
• Identify, analyze, and consolidate existing IT vendor contracts (approx. 100 different applications) and determine licensing roadmap for each application
• Support the legal department by the negotiations with external software and system suppliers
• Create a roadmap to upgrade and update the (ARIBA) contract management system
Acted as SME (Subject Matter Expert) for issues concerning German/EU laws & Best Practice (regarding provider management):
- MaRisk Minimum Acceptable Risk in Outsourcing
- BAIT Supervisory Requirements for IT in Financial Institutions
- BDSG Federal Data Protection Law
- WpHG Securities Trading Act
- GDPR General Data Protection Regulation
- MiFID II Markets in Financial Instruments Directive II
- (EU) 2017 / 565 Organisational requirements and operating conditions for investment firms
- EBA/GL/2019/02 EBA Guidelines on outsourcing arrangements
Activities:
• Coordinate with the main affected parties to document and incorporate business requirements into the new governance model of outsourcing management
• Identification and classification of relevant IT contracts in relation to MaRisk, AT 9 / BAIT / GDPR
• Analyze contract fulfillment against MaRisk, AT 9 / BAIT / GDPR
• Create of a standard risk assessment catalog to determine the criticality of a self-created application (IDV) from a risk management perspective (links, data quality, security-relevant and personal data)
• Revise official Outsourcing Strategy for publication in the Annual Report (in both English and German)
• Define and implement a sustainable governance structure
License Management:
• Identify, analyze, and consolidate existing IT vendor contracts (approx. 100 different applications) and determine licensing roadmap for each application
• Support the legal department by the negotiations with external software and system suppliers
• Create a roadmap to upgrade and update the (ARIBA) contract management system
Acted as SME (Subject Matter Expert) for issues concerning German/EU laws & Best Practice (regarding provider management):
- MaRisk Minimum Acceptable Risk in Outsourcing
- BAIT Supervisory Requirements for IT in Financial Institutions
- BDSG Federal Data Protection Law
- WpHG Securities Trading Act
- GDPR General Data Protection Regulation
- MiFID II Markets in Financial Instruments Directive II
- (EU) 2017 / 565 Organisational requirements and operating conditions for investment firms
- EBA/GL/2019/02 EBA Guidelines on outsourcing arrangements
03/2017
-
11/2017
Business Analyst, Vendor Management Specialist
Finanz Informatik Technologie Services (FI-TS)
(500-1000 employees)
Banks and financial services
Engaged as Business Analyst for the Provider Management department. Responsible for providing guidance and support for two initiatives:
1) ECB Audit Resolution Project
• Provide guidance and support in resolving Findings from a recent audit of the European Central Bank
• Coordinate & train internal Stakeholders in updated procedures to resolve audit points
• Provide documentation for submission to the European Central Bank as evidence of Findings resolution and implementation of future risk mitigation measures
2) Contract Analysis
• Create database to capture risk-relevant information from client as well as vendor contracts
• Identify legacy documentation and analyze contractual value chain to ensure risk management compliance
• Create roadmap and provide procedural documentation for the resolution of identified compliance risks
Acted as SME (Subject Matter Expert) for issues concerning German/EU laws & Best Practice:
- MaRisk Minimum requirements for risk management [Mindestanforderungen an das Risikomanagement]
- BAIT Regulatory obligations for IT in the banking industry [Bankaufsichtliche Anforderungen an die IT]
- VAIT Regulatory obligations for IT in the insurance industry [Versicherungsaufsichtliche Anforderungen an die IT]
- BDSG Federal Data Security Law [Bundesdatenschutzgesetz]
- GDPR General Data Protection Regulation
Activities:
Analysis and update of internal business processes to comply with new data protection regulation in the areas of:
• Compliance and risk controlling
• Exit Strategies
• Contract Management
• Definition and implementation of a centralized Provider Management structure
1) ECB Audit Resolution Project
• Provide guidance and support in resolving Findings from a recent audit of the European Central Bank
• Coordinate & train internal Stakeholders in updated procedures to resolve audit points
• Provide documentation for submission to the European Central Bank as evidence of Findings resolution and implementation of future risk mitigation measures
2) Contract Analysis
• Create database to capture risk-relevant information from client as well as vendor contracts
• Identify legacy documentation and analyze contractual value chain to ensure risk management compliance
• Create roadmap and provide procedural documentation for the resolution of identified compliance risks
Acted as SME (Subject Matter Expert) for issues concerning German/EU laws & Best Practice:
- MaRisk Minimum requirements for risk management [Mindestanforderungen an das Risikomanagement]
- BAIT Regulatory obligations for IT in the banking industry [Bankaufsichtliche Anforderungen an die IT]
- VAIT Regulatory obligations for IT in the insurance industry [Versicherungsaufsichtliche Anforderungen an die IT]
- BDSG Federal Data Security Law [Bundesdatenschutzgesetz]
- GDPR General Data Protection Regulation
Activities:
Analysis and update of internal business processes to comply with new data protection regulation in the areas of:
• Compliance and risk controlling
• Exit Strategies
• Contract Management
• Definition and implementation of a centralized Provider Management structure
06/2016
-
12/2016
Business Analyst, Vendor Management Specialist
RWE Supply and Trading GmbH
(250-500 employees)
Banks and financial services
Engaged as Project Manager for the Quality Assurance Initiative "VIP” (Vendor Improvement Programme).. Tasked to analyze and revitalize stalled VIP project and create a roadmap to implement the 12 identified workflows.
Scope: 568 international vendors
Scale: Delivery window of 6 months, 14 delivery location in 9 countries (Germany, Czech Republic, England, India, Indonesia, Netherlands, Singapore, USA, Vietnam)
ERFOLGE: • Revitalized stalled project and brought it to conclusion within scheduling parameters
Activities:
- Create and implement an Engagement model for Vendor Management
- Coordinate with main business Stakeholders to document and incorporate business-side requirements into new Vendor Management Governance and Engagement models
- Create and implement Communications Plan; including the organization of Focus Groups, create and publish various internal and external project marketing collateral, create training documentation for the Vendor Management Group
- Provide project closure training and lead implementation kick-off sessions for the areas of Governance, Engagement, Risk Reporting and Communications
- Act as technical PM responsible for translating business requirements to offshore development teams
- Analyze and re-design the data model for two (2) SharePoint databases
- Coordinate UATs and implementation of database into production environment
01/2016
-
07/2016
Contract Specialist, License Manager
Postbank
(1000-5000 employees)
Banks and financial services
Engaged as Business Analyst/Contracts Specialist in the project 'Separation IT eWorkplace & Environment' which controls the contractual separation ('carve-out') of Postbank from Deutsche Bank in preparation for Postbank's stock market debut in June 2016.
Tasked to analyze current contractual relationship between Deutsche Bank/Postbank for the area of 'IT eWorkplace' and create a roadmap to translate this relationship to Postbank and its chosen continuance vendors
Acted as SME (Subject Matter Expert) for issues concerning German federal laws:
- BDSG Bundesdatenschutzgesetz [data protection]
- GWG Geldwäschegesetz [anti-money laundering]
- TKG Telekommunikationsgesetz [telecommunications]
- VAG Versicherungsaufsichtsgesetz [insurance governance]
Scope: 20000+ affected workplaces, 3 vendor resources engaged
Scale: Delivery window for target phase was 4 months
Success:
• Finalized contracts delivered on schedule
• Successfully incorporated COBIT and ITIL elements into the Frame Agreement, SLA-Agreement and individual Service Specifications (Leistungsscheine)
Activities:
• Analyze Frame Agreements and SLA-Agreements for inclusion/compliance with key BaFin auditing specifications
• Identify key business services and create Service Specification documents (Leistungsscheine) for such
License Management:
• Coordinate with main business Stakeholder to document and incorporate business-side requirements into new contracts framework
• Analyze global/tethered license agreements and determine carve out roadmap, i.e. release, third-party contract, hybrid volume, etc.
• Consolidate and negotiate license agreements according to enterprise economic guidelines
Tasked to analyze current contractual relationship between Deutsche Bank/Postbank for the area of 'IT eWorkplace' and create a roadmap to translate this relationship to Postbank and its chosen continuance vendors
Acted as SME (Subject Matter Expert) for issues concerning German federal laws:
- BDSG Bundesdatenschutzgesetz [data protection]
- GWG Geldwäschegesetz [anti-money laundering]
- TKG Telekommunikationsgesetz [telecommunications]
- VAG Versicherungsaufsichtsgesetz [insurance governance]
Scope: 20000+ affected workplaces, 3 vendor resources engaged
Scale: Delivery window for target phase was 4 months
Success:
• Finalized contracts delivered on schedule
• Successfully incorporated COBIT and ITIL elements into the Frame Agreement, SLA-Agreement and individual Service Specifications (Leistungsscheine)
Activities:
• Analyze Frame Agreements and SLA-Agreements for inclusion/compliance with key BaFin auditing specifications
• Identify key business services and create Service Specification documents (Leistungsscheine) for such
License Management:
• Coordinate with main business Stakeholder to document and incorporate business-side requirements into new contracts framework
• Analyze global/tethered license agreements and determine carve out roadmap, i.e. release, third-party contract, hybrid volume, etc.
• Consolidate and negotiate license agreements according to enterprise economic guidelines
04/2015
-
08/2015
Business Analyst, Information Security Consultant
Deutsche Bank
(>10.000 employees)
Banks and financial services
(a) Partial project within the group 'Global Technology & Operations'
Supporting the KYC Process (Know Your Customer):
• Production of localized presentations for the KYC rollout to selected areas in Germany (Kickoff)
• Identification and coordination of Stakeholders, analysis, and documentation of their current KYC processes, and planning for the integration/implementation of global KYC guidelines
(b) Partial project within group 'Identity & Access Governance' Engaged as Business Analyst in the CISO IAG GAMA BTF
CISO Chief Information Security Office
IAG Identity & Access Governance
GAMA Global Access Management
BTF Business Task Force
Tasked to create and document the Business Design for the SoD TOM for global implementation (Segregation of Duties, Target Operating Model)
Analyzed and documented processes for risk assessments and remediation with respect to the Functional Taxonomy
Project value: €45 Million
Scope: 4500+ affected applications, 50+ vendor resources engaged
Scale: Delivery window for target phase was 4 months
Activities:
Analysis and documentation of business processes relating to:
• Review and design of Functional Taxonomy to identify toxic combinations
• Application Security Fundamental Issues from violation identification to remediation
• Review of access management issues across key business applications
• Review of roles, privileges, and entitlements within applications
• Maintenance of program master documents and libraries
Time and spatial flexibility
Available fulltime, remote or on-site in Frankfurt / Rhine-Main Metro area