IT-Projektmanagement, IT-Auditor (CISA), CISO, IT-GRC, IT-Architekt, Office 365 / Azure Cloud
Aktualisiert am 14.05.2024
Profil
Referenzen (1)
Freiberufler / Selbstständiger
Remote-Arbeit
Verfügbar ab: 03.06.2024
Verfügbar zu: 100%
davon vor Ort: 100%
IT-Security
ISMS
Informations
IT-Grundschutz
CISA
Managed Workplace
Cloud
IT Service Continuity Management
IT Servicemanagement
NIST CSF
ISO 27001
Security Management
BSI 200-x
NIST-800
Cybersecurity
Datensc
Security
IT-
IT-g
IT-s
German
native
English
Fluent
French
fluent
Chinese
basic
Thai
basic

Einsatzorte

Einsatzorte

Muenchen (+50km) Frankfurt am Main (+200km) Karlsruhe (Baden) (+200km) Hannover (+200km) Hamburg (+200km)
Deutschland, Schweiz, Österreich
möglich

Projekte

Projekte

1 Jahr 4 Monate
2023-01 - heute

Cloud Security

Security Matter Expert BMW Cloud Security ISO/IEC 20000 ISO 27000
Security Matter Expert BMW Cloud Security
  • Define security concept for all relevant applications running on the platform.
  • Connect applications to BMW central SOC / Splunk.
  • Regular Pen tests, IAST / SAST / DAST scans.
  • Assure compliance with BMW regulations.


Background:

  • BMW Group provides B2B and B2C services like CarData, FleetData, or Catena X via AWS cloud apps. 


Achievements (so far):

  • Security KPI of over 95% achieved.
  • Compliance KPI of over 90% achieved.

Informationssicherheit Secure coding
ISO/IEC 20000 ISO 27000
BMW Group / OpsSec
München
2 Jahre 4 Monate
2022-01 - heute

Cloud Vendor Assessments

Information Security Auditor Informationssicherheit
Information Security Auditor

  • Cloud Vendor Assessments (CVA) based on DCSO defined security domains (NIST/ISO)


Background:

  • DCSO conducts the Cloud Vendor Assessments (CVA) for VW, BASF, Bayer and Allianz.
  • All cloud-based solutions that shall be used, needs to pass a CVA


Achievements:

  • Conduct successful over 10 assessments in 2022
  • Conduct successful over 10 assessments in 2023

Informationssicherheit
Remote
4 Jahre
2020-01 - 2023-12

Cyber Security Programm

Project Lead NIST CSF ISO 27001 IT-Risk Management ...
Project Lead

  • Define Information Security (IS) roadmap till 2025.
  • Implement an ISMS according to ISO 27001, enriched with NIST-800 and NIST CSF controls.
  • Setup worldwide IS organization.
  • Setup of a worldwide 24/7 Incident Response Team.
  • Conduct a Business Impact Analysis and TCM/BCM concept.


Background:

  • Ottobock is a healthcare company with more than 400 locations in over 50 countries with 8K plus employees.


Achievements:

  • Approved Information Security (IS) strategy/policy.
  • Approved and published IS und GRC policies.
  • IS awareness concept in place.
  • IS Management Cockpit with defined KPIs.
  • PMI Risk Assessment defined.
  • Security Incident Response Team established.
  • MDR Security Operation Center established.

ISO 27000 agiles Projektmanagement
NIST CSF ISO 27001 IT-Risk Management SIEM SOC
Ottobock
Duderstadt, Niedersachsen
9 Monate
2022-12 - 2023-08

Interim IT-Security Manager EMEA

CISO EMEA Projektmanagement/Projektleitung
CISO EMEA
  • Interim CISO for EMEA


Background:

  • Evident Scientific is a spin-off from Olympus.
  • During 2022 the curve out was prepared and executed end of 2022.


Achievements:

  • Defined PPP Framework
  • IT-risk register EMEA established.
  • UK Cyber Essentials certificate accomplished
  • ISO 27001:2022 Maturity Assessment conducted 

ISO 27000
Projektmanagement/Projektleitung
Evident Scientific Europe GmbH
Hamburg
3 Jahre 3 Monate
2019-07 - 2022-09

Data Privacy Officer

Datenschutzbeauftrager GDPR
Datenschutzbeauftrager

  • Conduct Data Privacy Audits.
  • Implement technical and organizational measurements.
  • General GDPR officer activities.


Background:

  • Linkando.com offers a workplace solution with team rooms and call/video conference function
  • Data Privacy Officer needed according to GDPR


Achievements:

  • Implemented Data Privacy Management System.
  • Create and maintain RPA
  • Establish DPA with all sub-contractors and suppliers.

GDPR
Linkando GmbH
Landau in der Pfalz
4 Monate
2021-10 - 2022-01

Cloud Data Centre Assessment

Cloud Security Auditor Informationssicherheit
Cloud Security Auditor
- Conduct ISO 27001:2021 control assessment.
- Conduct BSI C5 control assessment.
- Define risk-based technical and organizational measurements to improve overall Cyber Security maturity level and resilience.  
ISO 27001
Informationssicherheit
Bechtle AG
Heilbronn (Neckar)
1 Jahr 3 Monate
2020-01 - 2021-03

Security Manager BMW AWS ODP CarData / FleetData

Security Manager ISO 27001 SOC SIEM
Security Manager
  • Define security concept for OpenShift and all relevant applications running on this platform.
  • Provide Security operations concept.
  • Connect Platform and applications to BMW central SOC / Splunk.
  • Regular Pen tests, IAST / SAST scans.


Background:

  • BMW Group provides B2B and B2C services like CarData or FleetData via connected drive /OpenShift infrastructure.
  • OpenShift platform hosted in AWS Cloud.


Achievements:

  • Security concept passed BWM internal Audit without any major or medium issue.
  • Interface to BMW SOC/Splunk established.

ISO 27001 SOC SIEM
BMW AG
München
6 Monate
2019-10 - 2020-03

Propose future IT Strategy

Senior IT-Strategy Consultant
Senior IT-Strategy Consultant
  • As-is analysis of existing IT-Infrastructure and IT-Services
  • As-is analysis of Business processes and mapping of Business process to IT-Services
  • Evaluate options for future IT Strategy and -organization
  • Propose future IT Strategy, based on the evaluated options


Background:

  • Allianz Warranty (AZWA) is an independent Business Unit of Allianz Partners in Germany.
  • Decision about the IT Strategy for the next 5 years outstanding (Integration into Allianz World, staying independent, Hybrid model).


Achievements:

  • As-is documentation created
  • Business processes reviewed with Business Impact Analysis
  • IT-Strategy defined
  • Handover to IT Manager to prepare rollout of defined IT-services and processes.

Allianz Warranty GmbH
1 Jahr 6 Monate
2018-01 - 2019-06

AIT Rollouts

AIT Coordinator APAC Region ITPM Project Controlling PMO
AIT Coordinator APAC Region

  • Responsible for the alignment of the different project pillars.
  • Responsible for the overall project budged controlling.
  • Responsible for the alignment between projects and local CIO´s for whole APAC region.
  • Responsible for the steering of the project execution.


Background:

  • Allianz Information Transition (AIT) projects are mandatory for all Allianz entities worldwide.
  • Including DCC (Data Centre), AVC (Virtual Client), GM (Global Mail), AGN (Network), AGN security services (VPN, RAS, Proxy).


Achievements:

  • Successful rollout of AGN, AGN security services and GM in 2018.
  • Rollouts for AVC and DCC in 2019.

ITPM Project Controlling PMO
Allianz Technology
Bangkok, Singapore, Beijing, Munich
2 Jahre 10 Monate
2016-03 - 2018-12

Profit and Lost responsibility for AVC program.

AVC Program Manager BSI 100-x ISO 27xxx
AVC Program Manager

  • Profit and Lost responsibility for AVC program.
  • Align with Organization Entities (OEs) the rollout plan for AVC.
  • Escalation counterpart for management of OE.
  • Steer rollout preparation and rollout execution.
  • Responsible for the AVC architecture team, package factory, engineering department, rollout team, PMO, finance team (internals and externals).
  • Reporting to top management of Allianz SE.


Background:

  • Allianz Virtual Client (AVC) is the mandatory Workplace solution for all Allianz OEs worldwide with 140K users.
  • Annual program budget approximate 20M Euro.
  • International project team with over 70 members.
  • Program started in 2013.


Achievements:

  • Customization of AVC solution to fit 24/7 operation model of Allianz Partners.
  • Rollout of AVC to over 70K users in Europe and APAC till end of 2018.

Verinice
BSI 100-x ISO 27xxx
Allianz Technology
3 Jahre
2016-01 - 2018-12

Create internal security organization

Security Officer
Security Officer
  • Create internal security organization for over 20 locations/business units in Germany.
  • Define information security policy according to BSI and ISO standards and consult the management in all topics related to information security.
  • Execute audits and follow-up audit findings.


Background:

  • Zentrum für Psychatrie is a public healthcare organization with several thousand employees.
  • Need information security officer to define and implement information security concept.
  • Security concept based on BSI 100-x and ISO 27xxx.
  • Setup and maintain ISMS.


Achievements:

  • BSI 100-1/2 and ISO27xxx information security concept.
  • IT-Emergency concept based on BSI 100-4.
  • Handover of ISMS end of 2018 to successor.

ZfP
1 Jahr
2016-01 - 2016-12

Collect and align all IT-Security relevant requirements

Senior Security Consultant
Senior Security Consultant
  • Collect and align all IT-Security relevant requirements within BMW Group.
  • Create a new SAP IT-Security concept as blueprint.
  • Test new SAP IT-Security concept in production and define worldwide rollout plan.


Background:

  • BMW Group need new IT-Security blueprint for all SAP systems worldwide.


Achievements:

  • New SAP IT-Security concept created.
  • Proof of concept with one productive SAP system in Munich.
  • Create worldwide rollout plan and align with all relevant parties.
  • Handover to Rollout Manager.

BMW Group
2 Jahre
2015-01 - 2016-12

Cloud operations concept

Senior Consultant COBIT ISO 27xxx ISO 20xxx ...
Senior Consultant

  • Create new IT organizational concept, based on Cobit 5 framework.
  • Define IT operational handbook with process and role description, based on Cobit5 framework.
  • IT architecture consulting for Cloud solution.


Background:

  • KIVBF changes whole service delivery to Cloud solution.
  • Need new IT organization and operational concept for service delivery to all public authorities in Baden Württemberg. (3500 Customers).


Achievements:

  • Pilot successful running since January 2015.
  • IT organization concept implemented, and existing staff migrated into new structure.
  • Cloud operations defined and implemented.

COBIT ISO 27xxx ISO 20xxx ITIL
KIVBF
Karlsruhe (Baden)
6 Monate
2016-01 - 2016-06

Re-Design DC infrastructure

Project Manager Re-Design DC infrastructure ITPM Data Centre design Enterprise Architecture ...
Project Manager Re-Design DC infrastructure

  • Define and align overall project plan.
  • Prepare decision paper for CIO after initial analysis of as-is and definition of business and IT requirements.
  • Align with involved stakeholders from suppliers, internal IT, and business the execution of the project plan.
  • Project controlling (cost, budget, resources, milestones).


Background:

  • Design new DC concept based on business and IT requirements collected during the design phase.
  • BIA with RTO / RPO.
  • Regulatory requirements of several countries, including Luxembourg, France, Germany, Italy, UAE, Malaysia.


Achievement:

  • Consolidation of DC infrastructure from worldwide 6 to 2 data centers.
  • Introduction of DR concept for all business lines.
  • Improvement in the overall operations and reduction of IT costs

ITPM Data Centre design Enterprise Architecture TOGAF META ISO 27xxx MARisk
FWU
Munich
1 Jahr
2014-01 - 2014-12

web-based customer interaction system

Project Manager / Compliance Officer ISO 38500 ITPM COBIT 5
Project Manager / Compliance Officer

  • IT Security concept according to ITPM.
  • Risk assessment according to ISO 27001.


Background:

  • BMW SF wants to migrate their business applications to new system, called COFIS. This system has integration of CRM and CIC modules, as well as reporting functions to PBOC, beside of usual SF business applications.


Achievements:

  • Finalized security concept.
  • ITPM review passed for go-live. 

ISO 38500 ITPM COBIT 5
BMW Financial Services China
Beijing
1 Jahr
2014-01 - 2014-12

DLP concept

  • Create business proposal to collect and summarize all requirements from business, IT and legal.
  • Define information protection / DLP concept.


Background:

  • BDSG officer requested a concept to secure customer PII related information.


Achievements:

  • Finalized DLP concept.
  • Successful PoC with 10 different use cases from TNS.
  • Project / roll-out and handover to operations.

TNS Infratest
2 Jahre
2013-01 - 2014-12

IT Coordination Butterfly

IT Coordinator NEV (New Engery Vehicle) ITPM ITIL COBIT 5
IT Coordinator NEV (New Engery Vehicle)

  • Overall steering of IT related activities at BMW in Munich for the Butterfly project at BBA.
  • IT Budget planning.
  • Identify dependencies and risks within the deliverables of the involved business and IT departments.


Background:

  • BMW JV in China (BBA) prepare the start of a new Brand in China, focused on NEV (New Energy Vehicle).


Achievements:

  • Overview of IT activities within BBA and BMW for Butterfly project.
  • Synchronize timelines and efforts to secure IT deliverables within the business scope.

ITPM ITIL COBIT 5
BMW AG
Munich, Shenyang
1 Jahr
2013-01 - 2013-12

IT-Security concept for RnD Center in China

Security Consultant ISO 27xxx ISO 20xxx COBIT 5
Security Consultant

  • Organize workshop with Business and IT stakeholder to clarify requirements.
  • Create business and system proposal according to defined requirements, including necessary applications and tools.
  • Define information security concept.


Background:

  • Audi is in the process to setup an R&D Center in China and needs an information protection concept that fits business and security needs. Focus is on 3rd parties delivering (IT) services to Audi China.


Achievements:

  • Definition of an overall information security concept to protect Audi R&D information against unauthorized access from IT suppliers.

ISO 27xxx ISO 20xxx COBIT 5
Audi AG
Beijing
2 Jahre
2012-01 - 2013-12

BCP/TCM implemenation project phase 2

Project Manager
Project Manager

  • Preparation of DC bid and support purchasing in the process of commercial issues.
  • Make a budget and invest plan for 2012 ? 2014 for the setup and migration of BIA related applications.
  • Create a project plan for the setup of the DC and migration of the BIA related applications till 2014.
  • Steer a multinational project team with (20) team members from UK, Germany, ZA, Singapore and China.


Background:

  • BMW China made a BIA (Business Impact Analysis) and identified several critical applications, hosted in a server room in the office in Beijing.
  • The phase2 of the project was responsible to setup a new DC in Beijing according to BMW standards and migrating business critical applications into the new DC.


Achievements:

  • Successful setup of new DC in Beijing, operated by central IT team.
  • Successful migration of all BIA related applications into the new DC.
  • In time and budget project. 

BMW Group China
Beijing

Aus- und Weiterbildung

Aus- und Weiterbildung

1 Monat
2024-03 - 2024-03

KRITIS Prüfverfahrenskompetenz §8a (3) BSIG

KRITIS Prüfverfahrenskompetenz §8a (3) BSIG, TÜV Süd
KRITIS Prüfverfahrenskompetenz §8a (3) BSIG
TÜV Süd

Position

Position

  • Programm Management
  • Projekt Management (ITPM)
  • IT-Auditor (CISA)
  • Enterprise Architekt (TOGAF/META)
  • IT-Organisation (COBIT)
  • IT-Service Management (ITIL)
  • IT Security Officer
  • IT Security Management
  • IT Workplace
  • Azure Cloud / Office 365
  • CISO

Kompetenzen

Kompetenzen

Top-Skills

IT-Security ISMS Informations IT-Grundschutz CISA Managed Workplace Cloud IT Service Continuity Management IT Servicemanagement NIST CSF ISO 27001 Security Management BSI 200-x NIST-800 Cybersecurity Datensc Security IT- IT-g IT-s

Produkte / Standards / Erfahrungen / Methoden

BSI 100-x
Experte
Citrix
Fortgeschritten
COBIT
Experte
COBIT 5
Experte
Enterprise Architecture
Fortgeschritten
GDPR
Experte
ISO 20xxx
Fortgeschritten
ISO 27001
Experte
ISO 27xxx
Experte
ISO 38500
Experte
IT-Risk Management
Experte
ITIL
Fortgeschritten
MARisk
Fortgeschritten
META
Fortgeschritten
Microsoft
Microsoft Azure
Fortgeschritten
MS Office 365
Fortgeschritten
NIST CSF
Experte
SIEM
Experte
SOC
Experte
TOGAF
VDI Solutions
Fortgeschritten
Verinice
Fortgeschritten
VM-Ware
Fortgeschritten
ISO 31000
Experte
NIST 800-X
Experte
Skills & experience
  • IT-Audits
  • ISO 27xxx, BSI 100-x / 200-x, ISO 38xxx, NIST 800-x, NIST CSF
  • IT-Security Management
  • IT Risk Management (ISO, BSI, COBIT) / IT-GRC
  • DLP / DRM (Integration and Management)
  • ITIL V4, ISO 20000
  • COBIT 5 / 2019
  • META / TOGAF Enterprise Architecture
  • ITPM
  • Cloud Computing / Azure Cloud / Office 365
  • TCM / BCP


Scope of work

  • IT-strategy, -organisation and -architecture
  • Cyber/Information Security (BSI, ISO, NIST, COBIT)
  • IT Governance, Risk and Compliance
  • Data Privacy Officer
  • International (IT) Project Management
  • IT Workplace / Cloud / Office365
  • IT-auditor


Additional Information

  • International project experience since 2004
  • Since 1998 Head of the examination committee chamber of commerce Karlsruhe for IT System Electronics
  • Head of on request
  • Member of  on request
  • Member of  on request
  • Member of  on request
  • Member of  on request
  • Member of  on request
  • Member of  on request

Design / Entwicklung / Konstruktion

Azure Cloud
Data Centre design
ITPM
Office 365
Workplace-Solutions

Managementerfahrung in Unternehmen

international Project Management
IT-GRC
PMO
Progam Management
Project Controlling

Personalverantwortung

Packaging factory
Personalsteuerung internationale Teams
Team Management

Branchen

Branchen

  • Finanzdienstleister
  • Banken
  • Versicherungen
  • Automotive
  • Energieversorger
  • Healthcare

Einsatzorte

Einsatzorte

Muenchen (+50km) Frankfurt am Main (+200km) Karlsruhe (Baden) (+200km) Hannover (+200km) Hamburg (+200km)
Deutschland, Schweiz, Österreich
möglich

Projekte

Projekte

1 Jahr 4 Monate
2023-01 - heute

Cloud Security

Security Matter Expert BMW Cloud Security ISO/IEC 20000 ISO 27000
Security Matter Expert BMW Cloud Security
  • Define security concept for all relevant applications running on the platform.
  • Connect applications to BMW central SOC / Splunk.
  • Regular Pen tests, IAST / SAST / DAST scans.
  • Assure compliance with BMW regulations.


Background:

  • BMW Group provides B2B and B2C services like CarData, FleetData, or Catena X via AWS cloud apps. 


Achievements (so far):

  • Security KPI of over 95% achieved.
  • Compliance KPI of over 90% achieved.

Informationssicherheit Secure coding
ISO/IEC 20000 ISO 27000
BMW Group / OpsSec
München
2 Jahre 4 Monate
2022-01 - heute

Cloud Vendor Assessments

Information Security Auditor Informationssicherheit
Information Security Auditor

  • Cloud Vendor Assessments (CVA) based on DCSO defined security domains (NIST/ISO)


Background:

  • DCSO conducts the Cloud Vendor Assessments (CVA) for VW, BASF, Bayer and Allianz.
  • All cloud-based solutions that shall be used, needs to pass a CVA


Achievements:

  • Conduct successful over 10 assessments in 2022
  • Conduct successful over 10 assessments in 2023

Informationssicherheit
Remote
4 Jahre
2020-01 - 2023-12

Cyber Security Programm

Project Lead NIST CSF ISO 27001 IT-Risk Management ...
Project Lead

  • Define Information Security (IS) roadmap till 2025.
  • Implement an ISMS according to ISO 27001, enriched with NIST-800 and NIST CSF controls.
  • Setup worldwide IS organization.
  • Setup of a worldwide 24/7 Incident Response Team.
  • Conduct a Business Impact Analysis and TCM/BCM concept.


Background:

  • Ottobock is a healthcare company with more than 400 locations in over 50 countries with 8K plus employees.


Achievements:

  • Approved Information Security (IS) strategy/policy.
  • Approved and published IS und GRC policies.
  • IS awareness concept in place.
  • IS Management Cockpit with defined KPIs.
  • PMI Risk Assessment defined.
  • Security Incident Response Team established.
  • MDR Security Operation Center established.

ISO 27000 agiles Projektmanagement
NIST CSF ISO 27001 IT-Risk Management SIEM SOC
Ottobock
Duderstadt, Niedersachsen
9 Monate
2022-12 - 2023-08

Interim IT-Security Manager EMEA

CISO EMEA Projektmanagement/Projektleitung
CISO EMEA
  • Interim CISO for EMEA


Background:

  • Evident Scientific is a spin-off from Olympus.
  • During 2022 the curve out was prepared and executed end of 2022.


Achievements:

  • Defined PPP Framework
  • IT-risk register EMEA established.
  • UK Cyber Essentials certificate accomplished
  • ISO 27001:2022 Maturity Assessment conducted 

ISO 27000
Projektmanagement/Projektleitung
Evident Scientific Europe GmbH
Hamburg
3 Jahre 3 Monate
2019-07 - 2022-09

Data Privacy Officer

Datenschutzbeauftrager GDPR
Datenschutzbeauftrager

  • Conduct Data Privacy Audits.
  • Implement technical and organizational measurements.
  • General GDPR officer activities.


Background:

  • Linkando.com offers a workplace solution with team rooms and call/video conference function
  • Data Privacy Officer needed according to GDPR


Achievements:

  • Implemented Data Privacy Management System.
  • Create and maintain RPA
  • Establish DPA with all sub-contractors and suppliers.

GDPR
Linkando GmbH
Landau in der Pfalz
4 Monate
2021-10 - 2022-01

Cloud Data Centre Assessment

Cloud Security Auditor Informationssicherheit
Cloud Security Auditor
- Conduct ISO 27001:2021 control assessment.
- Conduct BSI C5 control assessment.
- Define risk-based technical and organizational measurements to improve overall Cyber Security maturity level and resilience.  
ISO 27001
Informationssicherheit
Bechtle AG
Heilbronn (Neckar)
1 Jahr 3 Monate
2020-01 - 2021-03

Security Manager BMW AWS ODP CarData / FleetData

Security Manager ISO 27001 SOC SIEM
Security Manager
  • Define security concept for OpenShift and all relevant applications running on this platform.
  • Provide Security operations concept.
  • Connect Platform and applications to BMW central SOC / Splunk.
  • Regular Pen tests, IAST / SAST scans.


Background:

  • BMW Group provides B2B and B2C services like CarData or FleetData via connected drive /OpenShift infrastructure.
  • OpenShift platform hosted in AWS Cloud.


Achievements:

  • Security concept passed BWM internal Audit without any major or medium issue.
  • Interface to BMW SOC/Splunk established.

ISO 27001 SOC SIEM
BMW AG
München
6 Monate
2019-10 - 2020-03

Propose future IT Strategy

Senior IT-Strategy Consultant
Senior IT-Strategy Consultant
  • As-is analysis of existing IT-Infrastructure and IT-Services
  • As-is analysis of Business processes and mapping of Business process to IT-Services
  • Evaluate options for future IT Strategy and -organization
  • Propose future IT Strategy, based on the evaluated options


Background:

  • Allianz Warranty (AZWA) is an independent Business Unit of Allianz Partners in Germany.
  • Decision about the IT Strategy for the next 5 years outstanding (Integration into Allianz World, staying independent, Hybrid model).


Achievements:

  • As-is documentation created
  • Business processes reviewed with Business Impact Analysis
  • IT-Strategy defined
  • Handover to IT Manager to prepare rollout of defined IT-services and processes.

Allianz Warranty GmbH
1 Jahr 6 Monate
2018-01 - 2019-06

AIT Rollouts

AIT Coordinator APAC Region ITPM Project Controlling PMO
AIT Coordinator APAC Region

  • Responsible for the alignment of the different project pillars.
  • Responsible for the overall project budged controlling.
  • Responsible for the alignment between projects and local CIO´s for whole APAC region.
  • Responsible for the steering of the project execution.


Background:

  • Allianz Information Transition (AIT) projects are mandatory for all Allianz entities worldwide.
  • Including DCC (Data Centre), AVC (Virtual Client), GM (Global Mail), AGN (Network), AGN security services (VPN, RAS, Proxy).


Achievements:

  • Successful rollout of AGN, AGN security services and GM in 2018.
  • Rollouts for AVC and DCC in 2019.

ITPM Project Controlling PMO
Allianz Technology
Bangkok, Singapore, Beijing, Munich
2 Jahre 10 Monate
2016-03 - 2018-12

Profit and Lost responsibility for AVC program.

AVC Program Manager BSI 100-x ISO 27xxx
AVC Program Manager

  • Profit and Lost responsibility for AVC program.
  • Align with Organization Entities (OEs) the rollout plan for AVC.
  • Escalation counterpart for management of OE.
  • Steer rollout preparation and rollout execution.
  • Responsible for the AVC architecture team, package factory, engineering department, rollout team, PMO, finance team (internals and externals).
  • Reporting to top management of Allianz SE.


Background:

  • Allianz Virtual Client (AVC) is the mandatory Workplace solution for all Allianz OEs worldwide with 140K users.
  • Annual program budget approximate 20M Euro.
  • International project team with over 70 members.
  • Program started in 2013.


Achievements:

  • Customization of AVC solution to fit 24/7 operation model of Allianz Partners.
  • Rollout of AVC to over 70K users in Europe and APAC till end of 2018.

Verinice
BSI 100-x ISO 27xxx
Allianz Technology
3 Jahre
2016-01 - 2018-12

Create internal security organization

Security Officer
Security Officer
  • Create internal security organization for over 20 locations/business units in Germany.
  • Define information security policy according to BSI and ISO standards and consult the management in all topics related to information security.
  • Execute audits and follow-up audit findings.


Background:

  • Zentrum für Psychatrie is a public healthcare organization with several thousand employees.
  • Need information security officer to define and implement information security concept.
  • Security concept based on BSI 100-x and ISO 27xxx.
  • Setup and maintain ISMS.


Achievements:

  • BSI 100-1/2 and ISO27xxx information security concept.
  • IT-Emergency concept based on BSI 100-4.
  • Handover of ISMS end of 2018 to successor.

ZfP
1 Jahr
2016-01 - 2016-12

Collect and align all IT-Security relevant requirements

Senior Security Consultant
Senior Security Consultant
  • Collect and align all IT-Security relevant requirements within BMW Group.
  • Create a new SAP IT-Security concept as blueprint.
  • Test new SAP IT-Security concept in production and define worldwide rollout plan.


Background:

  • BMW Group need new IT-Security blueprint for all SAP systems worldwide.


Achievements:

  • New SAP IT-Security concept created.
  • Proof of concept with one productive SAP system in Munich.
  • Create worldwide rollout plan and align with all relevant parties.
  • Handover to Rollout Manager.

BMW Group
2 Jahre
2015-01 - 2016-12

Cloud operations concept

Senior Consultant COBIT ISO 27xxx ISO 20xxx ...
Senior Consultant

  • Create new IT organizational concept, based on Cobit 5 framework.
  • Define IT operational handbook with process and role description, based on Cobit5 framework.
  • IT architecture consulting for Cloud solution.


Background:

  • KIVBF changes whole service delivery to Cloud solution.
  • Need new IT organization and operational concept for service delivery to all public authorities in Baden Württemberg. (3500 Customers).


Achievements:

  • Pilot successful running since January 2015.
  • IT organization concept implemented, and existing staff migrated into new structure.
  • Cloud operations defined and implemented.

COBIT ISO 27xxx ISO 20xxx ITIL
KIVBF
Karlsruhe (Baden)
6 Monate
2016-01 - 2016-06

Re-Design DC infrastructure

Project Manager Re-Design DC infrastructure ITPM Data Centre design Enterprise Architecture ...
Project Manager Re-Design DC infrastructure

  • Define and align overall project plan.
  • Prepare decision paper for CIO after initial analysis of as-is and definition of business and IT requirements.
  • Align with involved stakeholders from suppliers, internal IT, and business the execution of the project plan.
  • Project controlling (cost, budget, resources, milestones).


Background:

  • Design new DC concept based on business and IT requirements collected during the design phase.
  • BIA with RTO / RPO.
  • Regulatory requirements of several countries, including Luxembourg, France, Germany, Italy, UAE, Malaysia.


Achievement:

  • Consolidation of DC infrastructure from worldwide 6 to 2 data centers.
  • Introduction of DR concept for all business lines.
  • Improvement in the overall operations and reduction of IT costs

ITPM Data Centre design Enterprise Architecture TOGAF META ISO 27xxx MARisk
FWU
Munich
1 Jahr
2014-01 - 2014-12

web-based customer interaction system

Project Manager / Compliance Officer ISO 38500 ITPM COBIT 5
Project Manager / Compliance Officer

  • IT Security concept according to ITPM.
  • Risk assessment according to ISO 27001.


Background:

  • BMW SF wants to migrate their business applications to new system, called COFIS. This system has integration of CRM and CIC modules, as well as reporting functions to PBOC, beside of usual SF business applications.


Achievements:

  • Finalized security concept.
  • ITPM review passed for go-live. 

ISO 38500 ITPM COBIT 5
BMW Financial Services China
Beijing
1 Jahr
2014-01 - 2014-12

DLP concept

  • Create business proposal to collect and summarize all requirements from business, IT and legal.
  • Define information protection / DLP concept.


Background:

  • BDSG officer requested a concept to secure customer PII related information.


Achievements:

  • Finalized DLP concept.
  • Successful PoC with 10 different use cases from TNS.
  • Project / roll-out and handover to operations.

TNS Infratest
2 Jahre
2013-01 - 2014-12

IT Coordination Butterfly

IT Coordinator NEV (New Engery Vehicle) ITPM ITIL COBIT 5
IT Coordinator NEV (New Engery Vehicle)

  • Overall steering of IT related activities at BMW in Munich for the Butterfly project at BBA.
  • IT Budget planning.
  • Identify dependencies and risks within the deliverables of the involved business and IT departments.


Background:

  • BMW JV in China (BBA) prepare the start of a new Brand in China, focused on NEV (New Energy Vehicle).


Achievements:

  • Overview of IT activities within BBA and BMW for Butterfly project.
  • Synchronize timelines and efforts to secure IT deliverables within the business scope.

ITPM ITIL COBIT 5
BMW AG
Munich, Shenyang
1 Jahr
2013-01 - 2013-12

IT-Security concept for RnD Center in China

Security Consultant ISO 27xxx ISO 20xxx COBIT 5
Security Consultant

  • Organize workshop with Business and IT stakeholder to clarify requirements.
  • Create business and system proposal according to defined requirements, including necessary applications and tools.
  • Define information security concept.


Background:

  • Audi is in the process to setup an R&D Center in China and needs an information protection concept that fits business and security needs. Focus is on 3rd parties delivering (IT) services to Audi China.


Achievements:

  • Definition of an overall information security concept to protect Audi R&D information against unauthorized access from IT suppliers.

ISO 27xxx ISO 20xxx COBIT 5
Audi AG
Beijing
2 Jahre
2012-01 - 2013-12

BCP/TCM implemenation project phase 2

Project Manager
Project Manager

  • Preparation of DC bid and support purchasing in the process of commercial issues.
  • Make a budget and invest plan for 2012 ? 2014 for the setup and migration of BIA related applications.
  • Create a project plan for the setup of the DC and migration of the BIA related applications till 2014.
  • Steer a multinational project team with (20) team members from UK, Germany, ZA, Singapore and China.


Background:

  • BMW China made a BIA (Business Impact Analysis) and identified several critical applications, hosted in a server room in the office in Beijing.
  • The phase2 of the project was responsible to setup a new DC in Beijing according to BMW standards and migrating business critical applications into the new DC.


Achievements:

  • Successful setup of new DC in Beijing, operated by central IT team.
  • Successful migration of all BIA related applications into the new DC.
  • In time and budget project. 

BMW Group China
Beijing

Aus- und Weiterbildung

Aus- und Weiterbildung

1 Monat
2024-03 - 2024-03

KRITIS Prüfverfahrenskompetenz §8a (3) BSIG

KRITIS Prüfverfahrenskompetenz §8a (3) BSIG, TÜV Süd
KRITIS Prüfverfahrenskompetenz §8a (3) BSIG
TÜV Süd

Position

Position

  • Programm Management
  • Projekt Management (ITPM)
  • IT-Auditor (CISA)
  • Enterprise Architekt (TOGAF/META)
  • IT-Organisation (COBIT)
  • IT-Service Management (ITIL)
  • IT Security Officer
  • IT Security Management
  • IT Workplace
  • Azure Cloud / Office 365
  • CISO

Kompetenzen

Kompetenzen

Top-Skills

IT-Security ISMS Informations IT-Grundschutz CISA Managed Workplace Cloud IT Service Continuity Management IT Servicemanagement NIST CSF ISO 27001 Security Management BSI 200-x NIST-800 Cybersecurity Datensc Security IT- IT-g IT-s

Produkte / Standards / Erfahrungen / Methoden

BSI 100-x
Experte
Citrix
Fortgeschritten
COBIT
Experte
COBIT 5
Experte
Enterprise Architecture
Fortgeschritten
GDPR
Experte
ISO 20xxx
Fortgeschritten
ISO 27001
Experte
ISO 27xxx
Experte
ISO 38500
Experte
IT-Risk Management
Experte
ITIL
Fortgeschritten
MARisk
Fortgeschritten
META
Fortgeschritten
Microsoft
Microsoft Azure
Fortgeschritten
MS Office 365
Fortgeschritten
NIST CSF
Experte
SIEM
Experte
SOC
Experte
TOGAF
VDI Solutions
Fortgeschritten
Verinice
Fortgeschritten
VM-Ware
Fortgeschritten
ISO 31000
Experte
NIST 800-X
Experte
Skills & experience
  • IT-Audits
  • ISO 27xxx, BSI 100-x / 200-x, ISO 38xxx, NIST 800-x, NIST CSF
  • IT-Security Management
  • IT Risk Management (ISO, BSI, COBIT) / IT-GRC
  • DLP / DRM (Integration and Management)
  • ITIL V4, ISO 20000
  • COBIT 5 / 2019
  • META / TOGAF Enterprise Architecture
  • ITPM
  • Cloud Computing / Azure Cloud / Office 365
  • TCM / BCP


Scope of work

  • IT-strategy, -organisation and -architecture
  • Cyber/Information Security (BSI, ISO, NIST, COBIT)
  • IT Governance, Risk and Compliance
  • Data Privacy Officer
  • International (IT) Project Management
  • IT Workplace / Cloud / Office365
  • IT-auditor


Additional Information

  • International project experience since 2004
  • Since 1998 Head of the examination committee chamber of commerce Karlsruhe for IT System Electronics
  • Head of on request
  • Member of  on request
  • Member of  on request
  • Member of  on request
  • Member of  on request
  • Member of  on request
  • Member of  on request

Design / Entwicklung / Konstruktion

Azure Cloud
Data Centre design
ITPM
Office 365
Workplace-Solutions

Managementerfahrung in Unternehmen

international Project Management
IT-GRC
PMO
Progam Management
Project Controlling

Personalverantwortung

Packaging factory
Personalsteuerung internationale Teams
Team Management

Branchen

Branchen

  • Finanzdienstleister
  • Banken
  • Versicherungen
  • Automotive
  • Energieversorger
  • Healthcare

Vertrauen Sie auf GULP

Im Bereich Freelancing
Im Bereich Arbeitnehmerüberlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das GULP Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.