Definition and standardisation of ICT Security solutions for SMEs, leveraging Open Source technologies to provide a secure, cost-effective, and comprehensive framework.

• Designing and structuring the security offering, ensuring alignment with GDPR and ISO 27001
• Identifying and integrating Open Source solutions for mail services, VoIP, centralised access (OpenLDAP + SSO), and certified networking hardware
• Establishing standards for centralised login (LDAP), defining access role matrices and assignments
• Defining centralised logging, monitoring, backup strategies, and disaster recovery
• Analysing centralised log management to generate dashboards and extract key security metrics (VPN usage, failed access attempts, document and folder access patterns)
• Overseeing physical security aspects, including camera systems, access controls, and environmental management
• Collaborating with technical teams to discuss implementation strategies, ensuring feasibility and optimisation
• Continuously evolving security solutions and management processes (offering, planning, implementation, monitoring, ticketing) to enhance efficiency and meet emerging market needs

Conceptualisation of a structured Governance and Assessment Framework to evaluate the maturity, risk, and complexity of client Identity & Access Management and Governance (IAM/G) solutions.

• Strategic Objective Setting with C-Level: Defined IAM/G objectives, budget, and organisational structure, aligning them with the four core pillars (Compliance, Risk Reduction, Automation, and Cost Efficiency).
• Development of a Multi-Stage Questionnaire: Created a tiered survey (e.g., 10 questions for C-Level, 30 for Management, 60 for technical teams) to capture both perceptions and the actual fact base (e.g., integration of all applications, central HR identifiers).
• Validation of Technical Reality: Confirmed the technical realisation by interviewing technical teams (e.g., HR-flow management, standardisation of application connectors).
• Derivation of Priority, Maturity, and Risk: Determined priority, maturity levels, and inherent risks (e.g., risk analysis for in-house developed connectors) based on the collected data.
• Visualisation of Results: Presented findings in Excel Dashboards to clearly illustrate the client's current position and outline the necessary, prioritised measures.

MS System Center Service Manager - Centralisation of IT service requests and incidents into a group-wide IT service based on Microsoft technology (SCSM)

• Analysis of country-specific requirements
• Design concept for a group-wide IT service catalog
• Digitisation of the existing IT service catalog on Share Point
• Definition of the services and approval processes
• Definition of escalation process (1st, 2nd, 3rd level support)
• Reports creation

Digitisation of the project management process

• Migrate the project controlling process from Excel files and PPT to SharePoint
  • Analysis of the existing reporting tools
  • Design and implementation of the database structure
  • Conception and development of input masks
  • Design and implementation of project status reports (PPT, PDF, GANTT)

Digitisation of the HR Joiner process into SharePoint

• Analysis of the requirements of all departments involved
• Definition of the communication and workflow process
• Design and implementation of the database structure
• Conception and development of the input masks
• Definition of the user and access role for the different users

activation" process via SharePoint

• Definition of the minimum technical requirements for customers activation: (QoS, bandwidth, LAN probe)
• Gap analysis for competing services (landline, mobile)
• Creation of a questionnaire as a template for the "Welcome Call" with end customer
• Automation of the "contract visual inspection" process
• Automated email to customer and second level support Team
• Provision to delivery support of all relevant data for activation

Develop a concept for measuring IAG compliance based on the ISO standard 27001: 2005 Domain "Access Control"

• Conception and realisation of a high level design document for a "IAG Compliance Report"
  • Analysis and definition of key compliance indicators (KCI) based on bank policy and regulatory requirements (ISO 27001)
  • Analysis of a IAG compliance concept with regard to the comprehensive IT Staks infrastructure: applications, databases, Operating systems, network and building
  • Definition of the design and layout of the IAG compliance report: Heat map, dashboard and detailed layouts for steering committee and other stakeholders
  • Definition, development and management of change and Escalation process
  • Definition of SLA and SLO for the delivery of necessary Data
  • Distribution and maintenance of the monthly IAG compliance Reports

• Implementation of a centralised "Support Center" for Unified Collaboration & Communication (UCC) and VoIP
• Realisation of a concept requirements document for support Center
• Definition and introduction of company processes
• Organisational roles and responsibilities
• Definition and structure of a project and ticketing Management system
• Development of monitoring systems for end customers (more than 200 Customers and approx. 2000 services)
• Coordination and training of technical staff
• Review of work progress in coordination with the timeline and budget
• Customer advisory
• Implementation and administration on an open source basis: Firewall, proxy, VPN, mail, web, application and DB server, Backup systems, VoIP-PBX, video surveillance, monitoring, shell Scripting, VBA programming
• Implementation of risk analysis, vulnerability assessment and Penetration tests.

IAM - DEV, TEST, OPS - Project Manager for Centralised IAM security platform (PCS)

• PCS is an IAM (Identity Access Management) system with more than 200,000 users and nearly 200 applications. Responsible for the following sub-projects:
  • PCS Production: Team size: 18 people
  • Integration of applications in PCS: Team size: 14 people
  • DDT - separation of roles between application data manager and Database administrators: Team size: 9 people
  • IBM Tivoli Audit - Introduction of the Audit Monitoring System: Team size : 3 persons
  • KeEP (Key Management Encryption Platform) encryption of customer personal data: Team size: 6 people
  • AMOS (IBM Tivoli Access Manager for Operating System - PAM): Team size: 6 people
• Requirements analysis (DEV)
• Conception and realization of the infrastructure design (DEV - TEST)
• Coordination in the development, implementation and Administration of the PCS (OPS)

PCS Brasil

Development of the PCS solution in Brazil (44 servers, 50,000 users, 160,000 services, 3,000,000 authentications per day)

• Requirements analysis
• Conception and realisation of the infrastructure design document
• Maintenance and updating of the PCS Brasil
• Development for the integration of new applications in PCS Brasil
• Maintenance and updating of strong authentication systems
• Team size: 6 people