Keywords
Skills
Special Know-How
General Know-How
08/2018 – 07/2019
Project Management, Business Analysis
ISO 27001 Implementation project for a Middle East Air Navigation Services Provider
Project lead for the implementation of an ISO /IEC 27001/27002 based Control Framework and the Information Security Management System
Task:
> Project Lead
> Setup and lead the project team
> Time, cost, and quality control
> Coordination with the client
> Development of the Governance Framework
> Development and implementation of Policies, Standards and Guidelines
> Definition and Implementation of the Information System Risk Management
07/2017 – 08/2018
Business Analysis and Consulting
Public Key Infrastructure process review and improvement for a Swiss Telecom
> Review of existing order and provision processes
>> commercial, security and technical aspects
>> documentation
>> contractual aspects
> Documentation updates
> Improvement proposals
07/2017 – 08/2018
Business Analysis
Business Impact Analysis for a Swiss Hospital
Business Impact Analysis with regards to potential outages of central IT systems
> Analysis of and system-based process
>> Outage impact on hospital departments
>> Identification of mission critical processes
>> Identification of weaknesses and gaps in business continuity plans
>> Documentation and presentation of result including proposal for improvements
01/2018 – 05/2018
Project Management
Program Lead for Program setup phase Telecom / Swiss Bank
Project planning and organization for services changes after contract renewal for Network Outsourcing
Tasks:
> Overall Program Lead
> Setup and lead the project teams
> Plan and initiate sub projects with the teams of the outsourcing client
> Time, cost, and quality control
09/2017 – 12/2017
Business Analysis
Services optimization project for Swiss Telecom
Service and organization review and recommendations to optimize the service provision and organizational setup.
> Review of current services and organization
> Optimization proposals
06/2017 – 12/2017
Business Analysis
IT Security and Data protection in IT Migration to Cloud Services for a Swiss Retail Bank
Security requirements and review for the provision of cloud services in a Cloud (Private / Public)
> Definition of security requirements for the implementation of cloud services
> Design review in support of the Internal Audit Department
> Review of the supplier’s test results
04/2015 – 12/2016
Project Management
Project Management in physical and cyber security projects for Power Grid Operator
Project Management in physical and cyber security projects for a major Swiss Power Grid Operator
> Project planning, management and reporting
> Tender documentation
> Supplier selection
12/2015 – 08/2016
Business Analysis
Audit point remediation support for a major Swiss Bank
Governance framework to remediate Internal Audit findings (Network Security)
> Governance framework
> Control processes and procedures
> Action plan development and execution
10/2013 – 12/2014
CISO
ISO 27001 and CISO in Outsourcing Telecom / Swiss Bank
Lead on introduction of a 27001/27002 based Control Framework
CISO Position at the Provider in Outsourcing for a major Swiss Bank
Task:
> Get well plan definition and execution for Compliance and Security related matters
> Analysis and Setup ISO 27001/27002 Control Framework
> Requirements definition, tool selection and implementation
> Analyse, improve, define and implement control processes and procedures
> Risk Mgmt.
08/2011 – 09/2012
Program Lead
Program Lead: Telephony TDM to VoIP migration, Telecom / Swiss Bank
Program lead in a Telecom’s Outsourcing project migrating a TDM (Time Division Multiplex) telephony infrastructure (approx. 30000 desks) into a VoIP (Voice over IP) managed service. The Telecom’s client is a Swiss Bank
Tasks:
> Overall Program Lead
> Setup and lead the project teams
> Coordination with the suppliers
> Communication with the client
> Time, cost and quality control
01/2011 – 07/2012
Audit Support
Support Client in Audits, Telecom / Swiss Bank
Audit support for the network outsourcing service provider, where the outsourcing client performed an internal audit against the outsourcing service provider
Tasks:
> Coordinate audit between service provider and client
> Coordinate evidence collection at the service provider
> Quality control of delivered evidence
> Review and discuss audit findings with the outsourcing client
08/2010 – 05/2011
Project Risk Manager
Risk Management in Client’s Network Change Program, Financial Service Provider
A Financial Service provider changed its Network infrastructure (integration of dedicated networks into one common network infrastructure requiring new physical and logical setup)
Tasks:
> Review the projects risk situation on a regular basis
> Develop risk dashboard
> Report to internal audit
> Report to project board
02/2007 – 06/2009
Project Manager
Project Manager for the Service Provider in a Global Network Outsourcing Project of a Swiss Bank, Telecom / Swiss Bank
In a Network Outsourcing project, a Swiss Bank sourced out its global network services to British/Swiss cooperation of network service providers
Tasks:
> Project Lead for the Vulnerability Management Project
>> Requirements analysis
>> Design; Organization, Processes, Procedures, Service Level Agreements
>> Test and Implementation planning
> Security subprojects consulting and support
> Service Level Management and re-negotiations
> Sub-project financial analysis
03/2005 – 09/2005
Project Consulting
Public Key Infrastructure Service setup, Telecom
A Swiss Telecom company established a Public Key Infrastructure service.
Task:
> Consulting in the regulatory setup
>> Regulatory requirements analysis
>> Design: organizational setup; process design; review of the technical design
>> Support in testing and implementation
>> Support in operational handover
01/2004 – 06/2004
Project Manager
Business Continuity Management Review and Concept, Trading (Electricity)
Tasks:
> Review of existing Business Continuity Concepts and implementation in a electricity trader environment
> Design and implementation of a new BCM concept
Recurring
IT-Audits
- IT Risk Management
- IT Security and Data Protection / Regulatory
- IT Audit
- Program and Project Management Telephony migration/ outsourcing (20+ MCHF)
- IT- Services Outsourcing
- Project Risk Management
- Contract Management
- Service Management
- Project Quality Management
- Data Security in Cloud Services Implementation
- Process analysis and improvement
- Strategic Planning
- Systems Management
- Software Evaluation
- Reviews, Inspection
- Acceptance Testing
- Testing Organisation
- Integration Testing
- Test Management (Planning, Steering and Evaluation)
- Test Methods and Procedures
General Know-How
- Project Management
- Requirements Analysis
- Project Office incl. Time-, Budget- and Resource Planning, Project Controlling
- Management of people
- Reporting.
08/2018 – 07/2019
Project Management, Business Analysis
ISO 27001 Implementation project for a Middle East Air Navigation Services Provider
Project lead for the implementation of an ISO /IEC 27001/27002 based Control Framework and the Information Security Management System
Task:
> Project Lead
> Setup and lead the project team
> Time, cost, and quality control
> Coordination with the client
> Development of the Governance Framework
> Development and implementation of Policies, Standards and Guidelines
> Definition and Implementation of the Information System Risk Management
07/2017 – 08/2018
Business Analysis and Consulting
Public Key Infrastructure process review and improvement for a Swiss Telecom
> Review of existing order and provision processes
>> commercial, security and technical aspects
>> documentation
>> contractual aspects
> Documentation updates
> Improvement proposals
07/2017 – 08/2018
Business Analysis
Business Impact Analysis for a Swiss Hospital
Business Impact Analysis with regards to potential outages of central IT systems
> Analysis of and system-based process
>> Outage impact on hospital departments
>> Identification of mission critical processes
>> Identification of weaknesses and gaps in business continuity plans
>> Documentation and presentation of result including proposal for improvements
01/2018 – 05/2018
Project Management
Program Lead for Program setup phase Telecom / Swiss Bank
Project planning and organization for services changes after contract renewal for Network Outsourcing
Tasks:
> Overall Program Lead
> Setup and lead the project teams
> Plan and initiate sub projects with the teams of the outsourcing client
> Time, cost, and quality control
09/2017 – 12/2017
Business Analysis
Services optimization project for Swiss Telecom
Service and organization review and recommendations to optimize the service provision and organizational setup.
> Review of current services and organization
> Optimization proposals
06/2017 – 12/2017
Business Analysis
IT Security and Data protection in IT Migration to Cloud Services for a Swiss Retail Bank
Security requirements and review for the provision of cloud services in a Cloud (Private / Public)
> Definition of security requirements for the implementation of cloud services
> Design review in support of the Internal Audit Department
> Review of the supplier’s test results
04/2015 – 12/2016
Project Management
Project Management in physical and cyber security projects for Power Grid Operator
Project Management in physical and cyber security projects for a major Swiss Power Grid Operator
> Project planning, management and reporting
> Tender documentation
> Supplier selection
12/2015 – 08/2016
Business Analysis
Audit point remediation support for a major Swiss Bank
Governance framework to remediate Internal Audit findings (Network Security)
> Governance framework
> Control processes and procedures
> Action plan development and execution
10/2013 – 12/2014
CISO
ISO 27001 and CISO in Outsourcing Telecom / Swiss Bank
Lead on introduction of a 27001/27002 based Control Framework
CISO Position at the Provider in Outsourcing for a major Swiss Bank
Task:
> Get well plan definition and execution for Compliance and Security related matters
> Analysis and Setup ISO 27001/27002 Control Framework
> Requirements definition, tool selection and implementation
> Analyse, improve, define and implement control processes and procedures
> Risk Mgmt.
08/2011 – 09/2012
Program Lead
Program Lead: Telephony TDM to VoIP migration, Telecom / Swiss Bank
Program lead in a Telecom’s Outsourcing project migrating a TDM (Time Division Multiplex) telephony infrastructure (approx. 30000 desks) into a VoIP (Voice over IP) managed service. The Telecom’s client is a Swiss Bank
Tasks:
> Overall Program Lead
> Setup and lead the project teams
> Coordination with the suppliers
> Communication with the client
> Time, cost and quality control
01/2011 – 07/2012
Audit Support
Support Client in Audits, Telecom / Swiss Bank
Audit support for the network outsourcing service provider, where the outsourcing client performed an internal audit against the outsourcing service provider
Tasks:
> Coordinate audit between service provider and client
> Coordinate evidence collection at the service provider
> Quality control of delivered evidence
> Review and discuss audit findings with the outsourcing client
08/2010 – 05/2011
Project Risk Manager
Risk Management in Client’s Network Change Program, Financial Service Provider
A Financial Service provider changed its Network infrastructure (integration of dedicated networks into one common network infrastructure requiring new physical and logical setup)
Tasks:
> Review the projects risk situation on a regular basis
> Develop risk dashboard
> Report to internal audit
> Report to project board
02/2007 – 06/2009
Project Manager
Project Manager for the Service Provider in a Global Network Outsourcing Project of a Swiss Bank, Telecom / Swiss Bank
In a Network Outsourcing project, a Swiss Bank sourced out its global network services to British/Swiss cooperation of network service providers
Tasks:
> Project Lead for the Vulnerability Management Project
>> Requirements analysis
>> Design; Organization, Processes, Procedures, Service Level Agreements
>> Test and Implementation planning
> Security subprojects consulting and support
> Service Level Management and re-negotiations
> Sub-project financial analysis
03/2005 – 09/2005
Project Consulting
Public Key Infrastructure Service setup, Telecom
A Swiss Telecom company established a Public Key Infrastructure service.
Task:
> Consulting in the regulatory setup
>> Regulatory requirements analysis
>> Design: organizational setup; process design; review of the technical design
>> Support in testing and implementation
>> Support in operational handover
01/2004 – 06/2004
Project Manager
Business Continuity Management Review and Concept, Trading (Electricity)
Tasks:
> Review of existing Business Continuity Concepts and implementation in a electricity trader environment
> Design and implementation of a new BCM concept
Recurring
IT-Audits
- Public Services
- Public Key Infrastructure
Project history
Local Availability
Open to travel worldwide
Other
linkedin: https://www.linkedin.com/in/siegfried-lescow-65125313b