Zurich Gruppe Deutschland: Projekt Manager IAM

• Led the definition and planning of an audit-compliant master authorization concept, including the design of a structured rollout plan.
• Developed a new Joiner-Mover-Leaver (JML) process standard, including the creation of a detailed business concept for handover to the technical workstream.
• Conducted a risk re-evaluation (protection requirements) across several hundred applications to ensure alignment with regulatory and internal security standards.
• Designed and implemented Segregation of Duties (SoD) concepts tailored to various business units.
• Created a mainframe-specific access management concept, including in-depth analysis of privileged mainframe accounts based on Vanguard exports.
• Coordinated the onboarding of privileged mainframe accounts into CyberArk, ensuring secure and compliant integration of legacy infrastructure into modern PAM systems.

Zurich Gruppe Deutschland: Projekt Manager and interims Product Owner

• Led the implementation of the AGP@ARTEMEON software suite to digitalize key Governance, Risk, and Compliance (GRC) functions, aligned with VAIT (Versicherungsaufsichtliche Anforderungen an die IT) and the upcoming DORA (Digital Operational Resilience Act) regulatory requirements.
• Assumed Business and IT ownership for the ARTEMEON application, including responsibilities to fulfill customer-defined compliance objectives and audit requirements.
• Developed a comprehensive third-party management framework, including the creation of action catalogs and communication plans for third-party providers.
• Designed and maintained the information network (Informationsverbund), serving as the foundation for multiple compliance and reporting processes.
• Created and maintained auditable documentation and reporting structures based on the information network, supporting internal and external audits.
• Implemented and managed multiple GRC modules within ARTEMEON, including the VAM (Third-Party Management) and BCM (Business Continuity Management) modules.
• Authored a compliant and audit-ready policy for critical functions, and developed a detailed concept for identifying and managing critical functions within the information network.
• Provided technical oversight of data integrations and imports from various interfaces into ARTEMEON, ensuring data quality, consistency, and up-to-date reporting.
• Ensured ongoing maintenance and operational stability of the information network, acting as the central coordination point between business and IT stakeholders.

Munich RE: Cyber Security Program

• Project Manager for a project within a comprehensive Cyber Security Program, focusing on Privileged Access Management.
• Objective: Enhance the criteria for invoking privileged access and implement downstream controls across the organization.
• Managed the entire project lifecycle from initiation to closure, including Planning, Budgeting, Forecasting, Risk, Issue, and Dependency Management.
• Garnered C-Level attention, with the project being directly requested by the CIO.

Munich RE: Cyber Security Program

• Project Manager for a cyber security enhancement project in the domain of Privileged Access Management.
• Objective: Significantly reduce unregulated local admin access by eliminating personal and locally created accounts from local admin groups organization-wide.
• Oversaw the full project cycle from initiation to closure, encompassing Planning, Budgeting, Forecasting, Risk, Issue, and Dependency Management.

MEAG: KAIT Project

• IT project management for a KAIT project.
• Planning, alignment, and monitoring for UAM activities (Authorization Concept, Entitlement onboarding (AACS), GPAM onboarding, SoD implementation, Recertification, Reconciliation, SIEM).
• Alignment and facilitation of the decision-making processes for the prioritization of IAM application onboarding.
• Facilitation of the decision-making process for Island vs. Full onboarding
• Alignment and reporting for identification of non-personal user accounts (potentially orphan accounts).
• Planning, alignment, and monitoring for ?MR Essentials? (Operating Manual, Change Enablement, CMDB, EAM repository, etc.) incl. trainings, kick-offs, and creation of corresponding documents for the client.
• Planning, alignment, and monitoring for several process management activities (Change Management process, requirements management process, test management, defect management process).
• Covering projects management topics like risk and issues management on operational and management level and status calls for KAIT-C project management.
• Development and automation of dashboards from Azure DevOps to Power BI to Powerpoint (automated presentations from operational level to management).

Munich RE: Interims Management

• IT Operations Manager for Identity and Access management (IAM)
• Support of the Run Organization in various initiatives and additional projects relevant for the One Identity Manager, acting also as Cutover and Hypercare Manager:
• Planning and execution of the One Identity Manager upgrade from version 8.1.2 to 8.2.1
• Introduction of SAP SuccessFactors as the authoritative HR data source and decommissioning of the SAP HCM interface
• Management and facilitation of the IAM operations team (ca. 20 team members) for the One Identity Manager
• Management of continuous improvement initiatives in IAM operations
• As operations manager acting as change owner and gatekeeper for releases in production
• Setup of development, testing and operations processes for the entire delivery pipeline (business requirement to productions release)
• Coverage of project management topics like status / progress reports, risk and issue management on operational and c-level

Chemical & Materials supplier:

• IT Project Management and Consulting for an integration of a Dutch chemicals & materials supplier.
• Focus on IT project management within the separation of central infrastructure services (e.g. Voice, LAN/WLAN, Windows Client, O365 Services Shopfloor Clients, Server).
• Steering of different processes (TSAs/SLAs, Knowledge Transfer, Service hand-over, RAID).
• Infrastructure planning, dependency management/critical path analysis and progress tracking.

Automotive supplier:

• IT Project Management and Consulting for a carve-out / spin-off.
• Focus on IT project management within the separation of central infrastructure services (e.g., Voice, LAN/WLAN, MS Teams, Sharepoint, ITSM-Tool Provisioning, Windows Client, O365 Services, Shopfloor Clients).
• Steering of different processes (TSAs/SLAs, Knowledge Transfer, Service hand-over, RAID).
• Infrastructure planning, dependency management/critical path analysis and progress tracking.
• Development of the business partner access process (Firewall Whitelisting, EXT-Accounts, Access rights, etc.).
• Support of the local service separation for a site with 8000 employees within the area of user support (e.g., AD clean-up, ticketing, printing, etc.).
• Project management support for sites in China, Thailand, Japan (ASEAN).
• Set-up of a process to separate Business Managed Applications and structured/unstructured data.

Automotive supplier:

• IT Carve-Out Factbook (IT landscape, locations, licenses & contracts, entanglements, security, projects, data separation and stand-alone-model).

British multinational company:

• IT Due Diligence: Analysis from IT Strategy, Organization, Infrastructure, Supplier Landscape, IT-Projects, Security, Finance, Web Analytics, Business IT Apps and Processes.

Medical care company:

• Regulatory Due Diligence: Analysis of accreditations and certifications, quality and risk management systems, validation and qualification.

German bank:

• Team lead for an Anti-Money Laundering (AML) project.
• Investigative processing of suspicious activities connected to AML and reporting of money laundering activities to authorities. 

International German reinsurance:

• Preparation and moderation of IT/Business Assumption/Requirement decision-making committees as well as project and Program Management Jour Fixes/Steering Committees.
• Support for agile development of business and IT requirements.
• Support of the process and governance design for the development/acceptance of requirements.
• Development and roll-out of a Budget Controlling and Progress monitoring process and tool for the entire IFRS17 program (MSP, PWA, Excel).

International German bank:

• Investigative processing of money laundering suspicions (AML/CTF) and preparation of money laundering suspicious activity reports for the Financial Intelligence Unit.
• Independent development of a turnover analysis tool (Excel-VBA) for a more efficient money laundering analysis to improve results for the client.
• Technical lead for the locations in Germany (DUS, HAM, BER, FFM, MUC):
  • Trainer and review on new joiners.
  • Assumption of leadership responsibility.
  • Leading status meetings and performance measurement.