Convince yourself of our experience

Job:

Multi Teamlead of the Information Security Competence Center

Strategie Consulting

Recruiting new Information Security Talents

Task:


ISCC Information Security Expert, Team Lead Information Protection, Team Lead SaaS Security
Responsible topics:
- Information Classification & Labeling
- Information Rights Management
- Information storage standards
- SaaS security, CASB, risk assessments, cloud solution on-boarding
- Process design
- Recruitment of new team members
- Assistance with tenders and evaluation of offers
- Information protection strategy
- SaaS security strategy
- DLP project audit
- Support of the DLP team in setting up the global DLP service

Job:

Multi Projekt Manager

Task:


Project manager for the renewal of the client malware protection including consolidation

Project manager for patch management and security configuration management

Project Manager for Azur Information Protection with a focus on MS Teams

As a multi-project manager, I support the insurance group to set up a modern endpoint security infrastructure for server and client systems, as well as to define operating processes including security incident management in order to organize the cooperation between internal staff and sourcing partners.
In the second project, the goal is to create, implement, train and document a patch and security configuration management process according to the latest findings and according to group standards.
On the strategic side, I advise the Integration & Operations department to set up a security operations team and thus bring the newly created processes and operational responsibilities into line.
In the area of ​​AIP, I support the group in preparing a preliminary study on the use of MS teams and the secure integration into company processes.
Other topics included consulting services and workshops on risk assessment (cloud assets) and the expansion of the CMDB functionalities to efficiently support asset management and patch management.

Job:

Patch Management

Task:


Advice and creation of processes, process descriptions, market analyzes and further documents as part of the security initiative (patch management). Creation of training documents on patch management for different manager roles such as asset manager, asset owner, ISO & CISO level. Implementation of the training courses on a global level. The scope of the project was all Siemens locations in all product divisions.

Job:

Consulting and controlling service for implementation of a vulnerability assessment solution

Task:


Consulting the automotive company to implement a vulnerability solution, defining the solution architecture, designing the process incl. integration with existing patch management processes and planning the rollout phases on a global level for all sites and locations.

Job:

Sub-Project Manager and Consulting service to implement new security technologies.

Task:


Architecture design for Endpoint Security and Vulnerability Management Solutions, Sub-Project Manager and team coordination supporting an international security service deliverer to improve the SOC of a central bank.

Job:

Consulting and controlling service regarding Data Leakage Prevention.

Task:


DLP Change Managment Process Design, DLP Rule Release Management, IT Analysis of business requirements, development team coordination and testing organization for new DLP rules or product upgrades.

Job:

Implementation of an Information Security Policy,
implementation of an IT Risk Assessment Methodology, consulting service regarding know how protection

Tasks:


Consulting service to implement an ISMS according to ISO 27001

Job:

Consulting service regarding Application Management of globally used IT Risk Management Applications.

Task:


Release Management, IT Analysis of business requirements, development of functional specifications, development team coordination and preparation of investment decisions.

Job:

Industry sector: Engine Construction

Job:Tasks:


ISMS Self Assessment according to ISO 27001 & general IT Security related services

Tasks:


Conception, execution and analysis of interviews, effectivity measurement of already implemented controls, advisory notice, presentation of results to top management.
Vulnerability Assessment of DMZ systems, presentation and design of a risk assessment method, risk assessment of usage of mobile devices, consulting in regards of security aspects of IT Outsourcing.

Job:

IT Security Consulting

Tasks:


Vulnerability Assessment of client server environment, consulting service regarding improvement and implementation of security processes.

Job:

IT Security Consulting

Tasks:


Vulnerability Assessment of web servers, consulting service regarding IT Security incident response processes.

Job:

Team Lead Program Management Office of IT Security Governance Department.

Tasks:


Consulting service regarding IT Risk Assessment & Management, support of all IT risk responsible colleagues globally (4000 people spread over 90 countries),  consulting service regarding IT-Security training, improvement of IT Risk & Governance processes, enhancement of IT Risk Applications as product manager (requirement analysis, development team coordination, release management, service management).
Development of IT Risk Assessment & Management Reporting for CIOs and the management board.

Job:

IT Security Consulting

Tasks:


Planning, execution, result analysis and presentation of a Self Assessments following ISO 27001.

Job:

Consulting services regarding disaster recovery planning

Tasks:


Development of disaster recovery plans and manuals covering all data centers of the company.

Job:

Project coordination to design and implement an ISMS according to ISO 27001 as a preparation for the certification of all german sites, Project Lead to enhance prototyp security processes according to regulations of the german VDA as preparation for the certification.

Tasks:


Coordination of internal and external staff members of the ISMS teams. Design, planning and execution of a Self Assessment following ISO 27001 and prototype security, gap-analysis and advisory notice, design and implementation of security processes and policies. Design and execution of a Security Awareness Program. Execution of technical vulnerabilty assessments. Implementation of new security technologies regarding Data Leakage Prevention. Design and development of an Access database to support information security management processes.

Job:

IT Security Consulting regarding Vulnerability Management

Tasks:


Execution of regular technical vulnerability assessments and consulting services of administrators in terms of remediation. Design, planning and execution of hands on workshops to teach all security officers (Germany, Austria, Switzerland) how to accomplish vulnerabiltiy assessments and to organize system patch management. The workshop location was Zurich and Hamburg.

Job:

IT Security Consulting regarding Vulnerability Management

Tasks:


Design, planning and execution of hands on workshops to teach all security officers EMEA how to accomplish vulnerability assessments and to organize system patch management. The workshop location was Hamburg and Budapest.

Job:

External IT Security Officer

Tasks:


Implementation of group wide defined security policies and controls, development and implementation of local security policies and processes. Design, implementation and coordination of a local CERT (german wide). Monitoring and administration of security tools for intrusion detection, virus protection and vulnerability scanning, risk assessments and consulting services regarding patch management, conception and execution of OS Hardening of controlling servers for x-ray and other medical systems regulated by HIPAA & FDA.

Job:

IT Security Consultant

Tasks:


Development of an IT Security Manual as a guidance for the company how to implement IT Security Controls according to the german BSI Grundschutzhandbuch.

Job:

IT Security Consultant

Tasks:


Security monitoring, Firewall und DMZ-Server administration, development and implementation of security policies and tasks to organize a secure service management for DMZ systems.