Convince yourself of our experience
On this page we present our services and project success of the past years.
2019 Q3 - 2020 Q4
Industry sector: Insurance / Switzerland | ||
| Job: | Tasks: | |
| Multi Project Manager | Project manager for the renewal of the client malware protection including consolidation Project manager for patch management and security configuration management Project Manager for Azur Information Protection with a focus on MS Teams As a multi-project manager, I support the insurance group to set up a modern endpoint security infrastructure for server and client systems, as well as to define operating processes including security incident management in order to organize the cooperation between internal staff and sourcing partners. In the second project, the goal is to create, implement, train and document a patch and security configuration management process according to the latest findings and according to group standards. On the strategic side, I advise the Integration & Operations department to set up a security operations team and thus bring the newly created processes and operational responsibilities into line. In the area of AIP, I support the group in preparing a preliminary study on the use of MS teams and the secure integration into company processes. Other topics included consulting services and workshops on risk assessment (cloud assets) and the expansion of the CMDB functionalities to efficiently support asset management and patch management. | |
2021 Q1 - 2021 Q3
Industry sector: Machine building for the Chip Industry / Netherlands Eindhoven | ||
| Job: | Tasks: | |
| Multi Teamlead of the Information Security Competence Center Strategie Consulting Recruiting new Information Security Talents | ISCC Information Security Expert, Team Lead Information Protection, Team Lead SaaS Security Responsible topics: - Information Classification & Labeling - Information Rights Management - Information storage standards - SaaS security, CASB, risk assessments, cloud solution on-boarding - Process design - Recruitment of new team members - Assistance with tenders and evaluation of offers - Information protection strategy - SaaS security strategy - DLP project audit - Support of the DLP team in setting up the global DLP service | |
2018 Q2
Industry sector: Technology / Automotive | ||
| Job: | Tasks: | |
| Consulting and controlling service for implementation of a vulnerability assessment solution | Consulting the automotive company to implement a vulnerability solution, defining the solution architecture, designing the process incl. integration with existing patch management processes and planning the rollout phases on a global level for all sites and locations. | |
2018 Q3 - 2019 Q2
Industry sector: Technology / Siemens AG (HQ) | ||
| Job: | Tasks: | |
| Sub-Project Manager and Consulting service to implement new security technologies. | Advice and creation of processes, process descriptions, market analyzes and further documents as part of the security initiative (patch management). Creation of training documents on patch management for different manager roles such as asset manager, asset owner, ISO & CISO level. Implementation of the training courses on a global level. The scope of the project was all Siemens locations in all product divisions. | |
2012-2017
Industry sector: Banking | ||
| Job: | Tasks: | |
| Consulting and controlling service regarding Data Leakage Prevention. | DLP Change Managment Process Design, DLP Rule Release Management, IT Analysis of business requirements, development team coordination and testing organization for new DLP rules or product upgrades. | |
2017-2018
Industry sector: Aerospace / Central Banking | ||
| Job: | Tasks: | |
| Sub-Project Manager and Consulting service to implement new security technologies. | Architecture design for Endpoint Security and Vulnerability Management Solutions, Sub-Project Manager and team coordination supporting an international security service deliverer to improve the SOC of a central bank. | |
2011
Industry sector: Banking | ||
| Job: | Tasks: | |
| Consulting service regarding Application Management of globally used IT Risk Management Applications. | Release Management, IT Analysis of business requirements, development of functional specifications, development team coordination and preparation of investment decisions. | |
2010
Industry sector: Engine Construction | ||
| Job: | Tasks: | |
| ISMS Self Assessment according to ISO 27001 & general IT Security related services | Conception, execution and analysis of interviews, effectivity measurement of already implemented controls, advisory notice, presentation of results to top management. Vulnerability Assessment of DMZ systems, presentation and design of a risk assessment method, risk assessment of usage of mobile devices, consulting in regards of security aspects of IT Outsourcing. | |
2007 - 2010
Industry sector: Banking | ||
| Job: | Tasks: | |
| Team Lead Program Management Office of IT Security Governance Department. | Consulting service regarding IT Risk Assessment & Management, support of all IT risk responsible colleagues globally (4000 people spread over 90 countries), consulting service regarding IT-Security training, improvement of IT Risk & Governance processes, enhancement of IT Risk Applications as product manager (requirement analysis, development team coordination, release management, service management). Development of IT Risk Assessment & Management Reporting for CIOs and the management board. | |
2005 - 2007
Industry sector: Automotive | ||
| Job: | Tasks: | |
| Project coordination to design and implement an ISMS according to ISO 27001 as a preparation for the certification of all german sites, Project Lead to enhance prototyp security processes according to regulations of the german VDA as preparation for the certification. | Coordination of internal and external staff members of the ISMS teams. Design, planning and execution of a Self Assessment following ISO 27001 and prototype security, gap-analysis and advisory notice, design and implementation of security processes and policies. Design and execution of a Security Awareness Program. Execution of technical vulnerabilty assessments. Implementation of new security technologies regarding Data Leakage Prevention. Design and development of an Access database to support information security management processes. | |
2005
Industry sector: Semiconductor | ||
| Job: | Tasks: | |
| IT Security Consulting regarding Vulnerability Management | Execution of regular technical vulnerability assessments and consulting services of administrators in terms of remediation. Design, planning and execution of hands on workshops to teach all security officers (Germany, Austria, Switzerland) how to accomplish vulnerabiltiy assessments and to organize system patch management. The workshop location was Zurich and Hamburg. | |
2004
Industry sector: Electronic group of companies | ||
| Job: | Tasks: | |
| IT Security Consulting regarding Vulnerability Management | Design, planning and execution of hands on workshops to teach all security officers EMEA how to accomplish vulnerability assessments and to organize system patch management. The workshop location was Hamburg and Budapest. | |
2003 - 2005
Industry sector: Medical Systems | ||
| Job: | Tasks: | |
| External IT Security Officer | Implementation of group wide defined security policies and controls, development and implementation of local security policies and processes. Design, implementation and coordination of a local CERT (german wide). Monitoring and administration of security tools for intrusion detection, virus protection and vulnerability scanning, risk assessments and consulting services regarding patch management, conception and execution of OS Hardening of controlling servers for x-ray and other medical systems regulated by HIPAA & FDA. | |
2002 - 2003
Industry sector: Packaging | ||
| Job: | Tasks: | |
| IT Security Consultant | Development of an IT Security Manual as a guidance for the company how to implement IT Security Controls according to the german BSI Grundschutzhandbuch. | |
2001 - 2002
Industry sector: Insurance | ||
| Job: | Tasks: | |
| IT Security Consultant | Security monitoring, Firewall und DMZ-Server administration, development and implementation of security policies and tasks to organize a secure service management for DMZ systems. | |