• Name auf Anfrage ist ein Unternehmen für strategisches Informations-, Sicherheits- und Service-Management. Unsere Vision ist mit der Kraft unserer Mitarbeiter das Kerngeschäft unserer Kunden zu Unterstützen und deren Marktposition durch digitale Serviceprozesse zu optimieren.

Interner Audit und Prozessanalyse Informationssicherheit und IT-Infrastruktur. Eine der Hauptprioritäten des Kunden ist es, die neuen Supply-Chain-Prozesse mit einer neu gebauten Beschaffungs- und Rechtsabteilung in Einklang zu bringen. Analyse der Lücken und Prozessoptimierungspotenziale gemeinsam mit der Compliance-Abteilung auf Basis der Anforderungen der ISO 27001 und der Kunden-/Vertragsanforderungen. Ein Teil des internen Audits sind technische und organisatorische Interviews, um die Ergebnisse mit der bestehenden Prozessdokumentation abzugleichen. Ziel ist es, den Kunden bei der Grundlage für eine ISO 27001 Readiness zu unterstützen.

Die kommissarische Position des Interim-Informationssicherheitsbeauftragten beinhaltete die Verantwortung für den deutschen Teil der Kundenorganisation mit 2000+ Mitarbeitern in einer holdingorientierten Organisationsstruktur. Unterstützung im Bereich IT-relevanter Prozesse inkl. Etablierung neuer ITIlL-Strukturen, IT-Betriebsprozesse und Architekturbetreuung für eine ganzheitliche Unternehmensarchitektur einschließlich der Entwicklung einer hybriden Azure Landing Zone. Unterstützung der internen GAP-Analyse für ISO 27001 und NIS2 Readyness einschließlich Sicherheitsprozess- und Risikoanalyse im umfassenden Kontext von Produkt- und Lieferkettenprozessen. (ISO 27001 / NIS 2 / Kritis)

Weltweiter Projekt Manager für die O365 Migration von 12.000 Usern von 50.000 in ein internationales Environment mit 5 Sub-PL?s weltweit verteilt (ausgenommen China) inkl. Budget Verantwortlichkeit.

Enhanced Data Security mit O365 Funktionaltäten (z.B. WIP; MFA; ?bring your own certificate?, DLP, ?) und CIS Hardening in einer Hybridumgebung, Entwicklung und Implementierung eines ESAE Environment.

Design, Implementierung und Rollout einer PKI-Infrastruktur für 12.000 User in einer internationalen Umgebung mit O365 Enhanced Security Features für Exchange und Data Protection

(DLP, PKI und Certificate Management, WIP, …) und O365 Client Hardening

• Aufbau des Programms Windows 10 Client und Rollout zur Aktualisierung der Kundeninfrastruktur für ca. 1.100 Lokationen weltweit.

• Projektleitung der Microsoft Workstreams im Rahmen des Migrationsprojektes Windows 10 und Office 365 im internationalen Umfeld eines weltweiten Konzerns

• Projekteitung der Exchange OnPrem Migration für 17.000 Mailboxen im Rahmen des Kunden CarveOuts. 

• Projektleiter Office 365 Enablement & Rollout
• Office 365 Architekt / Projektleiter FNC O365
• Projekt team >25 Mitarbeiter weltweit
• >180 Lokationen sowie >70.000 Users in 70 Ländern
• Management, Resourcen- and Budgetverantwortung
• O365 Architekt und Mitglied des „Center of Excellence“

• Projektleiter Office 365 Enablement & Rollout
• Office 365 Architekt / Projektleiter FNC O365
• Projekt team >25 Mitarbeiter weltweit
• >180 Lokationen sowie >70.000 Users in 70 Ländern
• -Management, Resourcen- and Budgetverantwortung
• O365 Architekt und Mitglied des „Center of Excellence“

• Projektleitung Office 365 Enablement & Rollout
• Management eines 25-köpfigen Projektteams weltweit
• 180 Lokationen mit ca. 50.000 Usern in 40 Ländern
• Ressourcen- und Budgetverantwortung

• Unterschiedliche kleine Projecte im Bereich Windows
  012R2/2016, Exchange, O365, Azure

• Sales/Pre-Sales Consulting
• Produktentwicklung
• Multi-Cloud-Beratung
• IT-Infrastruktur und Solution Architektur
• Aquise-, Angebotsmanagement und Budgetplanung
• Team Management (> 5 Mitarbeiter)
• Fachartikel Autor und Fachvorträge

• Bereichsleitung Enterprise Core Infrastructure & Cloud
  (Personalverantwortung > 5 Mitarbeiter)
• Projekt Management (>10 Mio € Gesamtbudget; 20 Mitarbeiter)
• Strategische Projektausrichtung / Projektcontrolling
• Security Konzepte und Implementierung
• Verantwortlich für Infrastrukturarchitektur und –konzeptionierung
• Vertragsverhandlung, Akquise und Kundenpräsentationen,
  Relationship Management

Budget Responsibility and Leading a Team of 50+ members for a transition Project of 11.000 User from Windows XP to Windows 8.1with a Data Center Infrastructure change. The Infrastructure change was Novell => Active Directory; Novell File Services => Windows Fileserver Cluster; Citrix strategy implementation and planning; Application Management and Migration; Windows Client Rollout. Office Document Migration. Budget Responsibility of ~25 Mio €

Planning an Office 2003 to Office 2010 Migration for the Office Product and the Document Migration. Implementing an Office Document Analysis Reporting.

• Office Migrations-Projekte (MS-Office XP/MS-Office 2003 nach MS-Office 2010)
• Analyse und Vorstudien zu Windows 7 / Office Migrations-Projekten
• Relationship-Management, Akquise und Kundenpräsentationen
• RZ-Performance Analyse und Optimierung

Analyzing and problem solving of a Citrix 4.5 Server Farm in case of performance and Office 2010 problems. Reviewing the Project Management of the customer Office 2010 Migration project and Reporting the Results to the management Board, LAN, QWan Analysis and Concept optimization

Pre Implementation Study to baseline Time and financial budgeting for an Office 2010 Migration Project. 

Requirements:

To give small and mid-size companies the opportunity to move their complete Office management into the cloud system.

Implementation:

Fully virtualized Hyper-V environment with Remote Access and Security Infrastructure. Hosted Exchange Implementation. SQL-Server 2008R2 Setup for real estate cloud software.

• SQL-Server 2008 / 2008 R2 & Business Intelligence
• Private Cloud Konzeptionierung, Implementierung & Management (Windows 2008R2, Exchange 2010 Hosting Environment, Data Protection Manager, Hyper-V, RZ-Management

Migration from AS400 Database to Oracle Database for a real estate Software Migration.

Projekt Management and IT Migrations-Projecte (Client / Server)

• Windows Rollout & Strategy Management
• IT Operations (Windows Server / AD / Database)

Project management, planning and implementation of a new business communications system based on the latest Microsoft technologies. Transfer of old data and e-mail migration to a highly available MS-Cluster system. User migration (150 users) in three locations with file, user, email and application data migration.

• Betriebsführung von Rechnersystemen und Internetapplikationen
• Technische Betreuung und Beratung von Kunden
• Implementierung und Integration von IT-Systemen
• Steuerung (internationalen) Softwareentwicklung
• Implementierung eines Release-Managements
• Realisierung eines Call-Center-Prozessautomatisierungs-Systems
• Planung, Aufbau und Inbetriebnahme komplexer Windows-Umgebungen
• Pflichtenhefterstellung, Auswertung von Herstellerangeboten
• Kundenmanagement

Project management, planning and preparation of specifications for the tender of the software development for Flex Notes. The system was developed as an independent object model for Lotus Notes integration, so that the RUMBA plugin can be controlled with Lotus Notes script.

Support in Firewall administration, Router configuration and VPN-/leased line Management. The computer center is designed in three self-sufficient units with around 600 Servers. The communication is realized on a multi-layer Firewall concept with different Firewall vendors. Beside the six corporate offices the customer connections to (Deutsche Börse Systems, Stock exchange Stuttgart, Stock exchange Frankfurt. Centralized Log file and Alert analysis was developed and implemented.

Planning and implementing of a MS-Enterprise Project Management solution. The customer wanted to centralize its project work and give externals access to specific project information. MS-Project Server was selected as the strategic Platform. The external access through VPN was based on a Cisco PIX solution. Server system was Windows 2003 and SQL-Server 2005. Before using it in production a test installation was implemented on a VM-Ware GSX-Server. After successful Tests System was migrated to a Production Cluster (SQL-Server 2005 Cluster - HP-Server - EMC²-Storage) and load balanced Windows 2003 Web server.

• Strategisches Informations- und Sicherheitsmanagement
• Software-Entwicklung (CMS)
• IT Security Planung, Implementioerung und Prozess Management

Windows NT 4.0 => Windows XP / 2003

Migration of a network with 40 internal and 20 external Users and VPN-Connections to 3rd party corporations. Target was a migration of the whole System Platform to boost system availability, upgrade to new Hardware and Software Versions and relocation to a new office. Individual Recovery Scenarios, VPN and Internet Communication were implemented.

The security policy is based on BS7799 / ISO IEC 17799 as an international Standard about Security Policy and parts of the BSI baseline Protection Manual and other documents e.g. NSA.

Fundamental documents and rules are developed, implemented and controlled by myself.

My assignment was the development, implementation, rollout and documentation of the CONSUL Germany IT-System at two branch offices.

The implementation:

• Windows 2000 Server automated rollout
• Active Directory planning and implementation
• Optimization of replication topology (Düsseldorf, Hamburg and HQ Netherlands)
• User and backup management
• Controlling of the IT-System
• Client remote administration
• Realization of the Security Policy for CONSUL Germany
• LAN / WAN VPN-Configuration
• Firewall administration and implementation (Symantec Enterprise Firewall)

IBM Server and IBM Laptop

Conception, project management and realization of a security concept with VPN-Authentication for the departments Development and Consulting

Requirements:

1. Safe Internet Access
2. Centralized Administration
3. VPN-Access

Component usage:

• Symantec Enterprise Firewall 6.5 and 7.0
• Symantec NetProwler
• Symantec Intruder Alert
• Microsoft ISA-Server
• Aladdin eSafe
• Aladdin eToken as administrator authentication

The customer requested a most restrictive and secures internet access with centralized administration. Only users with hardware token authentication (Aladdin eToken) are authorized to administer the system.

• Produktgestaltung Security
• Technischer Support
• Projektrealisierung
• Durchführung von Workshops und deren Dokumentation
• Fachreferent bei Roadshows mit entsprechenden Produktpräsentationen
• Pre-Sales-Consultancy - Angebots- und Konzepterstellung
• Vertrieb und Kundenmanagement

Secure communication of branches with centralized administration and VPN for home office workers.

Component usage:

• Symantec VelocyRaptor
• Symantec NetProwler
• Microsoft ISA-Server
• COBION Content Filtering

The development, project management and project controlling was centralized organized by myself. The technical realization at the customer was done by employees of the branch office in Karlsruhe.

Conception, development, documenting and realization of a security audit Requirements:

The customer requested a check of their computer center about threads and vulnerabilities and a test of a centralized leased connection about non authorized accesses from outside.

Component usage:

• Symantec NetProwler (Intrusion Detection)
• Symantec NetRecon
• Nessus

Development of a security analysis and a catalogue of recommendations used by a security policy

Component usage:

• BSI baseline Protection Manual (parts)
• BS 7799
• ISO IEC 17799
• NSA Documents

Based on the recommendation of the customer, we developed a basic security policy together.

The customer was transferred in the situation, that they could develop additional security processes by themselves. After the basic analysis we developed a catalogue of recommendations with priorities. In this part of the project we assisted the customer by their Implementation and troubleshooting.

Project management, documentation and redundancy concept of a system based on CISCO components at 30 branch Offices.

A centralized administered VPN was developed. It was a highly recommended task to implement redundancy and availability. All implemented systems are based on a primary leased line and a dialup backup line. The centralized office had a 34 MBit leased primary line and a 2 MBit leased backup line. Due to a financial impact structural separation of the leased line was not realized.

Planning, implementing, documenting and project management for the IT-Reconfiguration in three European countries. (Germany, Austria, France and the central computer center of a SAP R/3 Outsourcing Company in Dortmund)

Based on an enterprise separation the customer’s requirements are a complete reinstallation and purchase of all IT-system components of all branch offices.

Customer requirements:

• Centralized administration of all branch offices
• Roaming user concept (cross location concept)
• Provider selection and Firewall, VPN, IDS and centralized Virus scanning concept
• Migration of all existing data to a new data storage system
• Windows 2000 rollout based on unattended setup
• Centralized automatic software installation with NETINSTALL
• Centralized backup and security management
• Movement of a SAP R/3 systems to new  Hardware in an external computer center
• Centralized system management based on HP-OpenView and HP-ManageX
• Centralized secure internet access
• Detailed Documentation

The implementation timeframe at the customer was defined by 5 working days to do the well prepared Migration.

The whole system was build, configured and tested in a configuration office. Afterwards the components were delivered to each branch office. We had a timeframe of 2 days at each location to install and test the installation. From the central location all post configuration was done over the VPN.

03/00 – 12/00

Ausbildung zum SAP R/3 Basisberater und Project Manager (PMI) über Berufsförderungsdienst der Bundeswehr – Projektleitung und Durchführung eines Migrations-Projektes mit Windows Active Directory (Windows 2003) sowie Client Rollout und RZ-Planung in 3 Europäischen Ländern und SAP
Outsourcing-Rechenzentrum.

03/98 – 03/00

Systemkoordinator und IT-Security Specialist NATO-School(SHAPE)

07/95 – 02/98

Systemprogrammierer im IBM Rechenzentrum (Mainframe)
Amt für Fernmelde- und Informationssysteme der Bundeswehr, Rheinbach

08/93 - 06/95

Datenverarbeitungs-Unteroffizier (Personalwesen) Sicherungs- und Versorgungsregiment BMVg, Bonn

01/93 – 07/93

Grundausbildung, Wachbataillon BMVg
Bergisch Gladbach

Planning of an IT-Configuration for a new building at the

NATO School (SHAPE).

Based on my planning budget was requested and permitted by NATO HQ.

The planning includes telecommunication and all IT-Systems.

Due to this planning, the implementation based on ATM and VoIP. At this timeframe gigabit Ethernet and protocol based bandwidth management are not realizable. All server and client hardware were planned based on Compaq systems. The security guideline for the new building was newly developed in conjunction with NATO security department, because no one has fulfilled such requirements like the one from NATO School (Shape) before.

IT-Reconfiguration and secure system architecture

The rollout planning was based on a most secure network configuration

Requirements:

• Safe migration of all data and a reorganization of the data storage structure
  (100 GB File data, 20 GB Mail data)
• Migration of Exchange from 5.0 to 5.5/2000
• Migration of all Workstation of Windows NT, 95, 98 to 
  Windows NT 4.0
• New implementing, planning and configuring of a new Firewall system
• Centralized software deployment based on MS-SMS and Netinstall

My assignment was a part project management and internal coordinating.
Administration, configuration and controlling of all security components were guided by NATO Security Office and me. 
The NATO School (Shape) has put the focus for this project to Security, stability and ease of management. The users were not able to save any Data to the local System or install 
unauthorized Software. We created a centralized repository for all school data. After a NATO Security check, the System was approved as a C2 compliant network based on Windows NT 4.0.  This was the first C2 approval at NATO. The Network had 150 Workstation and nearly 2.500 Students a year with continually changing Trainers. The Network was divided in 5 physically separated Networks, each for his own classification.