IT Security & Audit Project Manager Dipl. Inf, Dipl. BW, MBA CISA CISM CEH SSCP ITIL Foundation CISSP ISO 27001 Lead Auditor/ Lead Implementer
Updated on 25.04.2024
Profile
Freelancer / Self-employed
Remote work
Available from: 25.04.2024
Available at: 100%
of which on-site: 100%
IT Security & Audit Project Manager
BAIT
DORA
MaRisk
KAIT
VAIT
ISO 27000
CISSP
Auditor
English

Work locations

Frankfurt am Main (+50km)
Germany
possible

Projects

4 years 6 months
2020-01 - present

Driving and supporting regulatory audits

Regulator

  • Part-time.
  • Driving and supporting regulatory audits within asset management & financial institutes related to BAIT & KAIT around IT Outsourcings, digital asset IPOs and regulatory permissions.

1 year 4 months
2022-08 - 2023-11

Security Consulting & Implementation

Asset Manager
  • Security Consulting & Implementation of regulatory controls for global Transition project (cloud).
1 year 7 months
2021-01 - 2022-07

Definition and Setup of 1st LoD

Asset Manager
  • Definition and Setup of 1st LoD (CISO) and 2nd LoD organisation aligned to different Standards (ISO 2700x, NIST) and regulatory requirements for asset managers (KAIT/ BAIT, ESMA, etc), related to cloud outsourcing and digital asset management.
Bank
1 year 1 month
2019-12 - 2020-12

regulated environment due to loss of internal CISO

Asset Manager, Senior Information Security Team Lead
  • Interim Team Lead (CISO), team size 20 colleagues, regulated environment, due to loss of internal CISO.
1 year 1 month
2018-12 - 2019-12

ISMS Implementation

Asset Manager, Senior Information Security ISMS Implementation
  • Implementation of an ISO 2700x ISMS and setup of a 3LoD structure aligned to regulatory requirements. Both firms (Düsseldorf & Munich) within a global group have been certified for ISO 27001.
Bank
3 years 11 months
2015-01 - 2018-11

Providing Service

Asset Manager, External Manager
  • Providing Service as external Information Security Manager for different German Asset Managers/ Financial Institutes
3 years 7 months
2015-02 - 2018-08

Leading Global Information Security Risk & Compliance Assessments

Senior Information Security Advisor
  • Leading Global Information Security Risk & Compliance Assessments (aligned to ISO 27001 & different regulatory requirements) on different Implementation, Outsourcing & IPO/ M&A Projects. 
  • Advising on Information Security Remediation approaches.
Bank
5 months
2014-10 - 2015-02

Global Information Security Support for a new eDiscovery organisation

  • Creation of Security Concepts along Bank Security Standards; SPOC for CISO & DPO requests and Security Management for operational Teams in their build-up phase
Bank
1 year 5 months
2013-06 - 2014-10

Global Program for CISO Access Management

  • Program management for a new global application to automatically revoke primary and secondary accesses within regulatory timeframes
Bank
2 years
2011-06 - 2013-05

Global IT Security Problem Management

  • Global IT Security Problem Management/ IT Security Assessments Central Contact for Security Problem Resolution & IT Security Process Improvements. 
  • Consulting of internal projects to resolve existing IT Security Problems and Audit Contact.
Bank
5 months
2011-01 - 2011-05

Execution of Risk Driven Assessments (Audits)

Operational Risk Management Risk Assessor
  • Execution of Risk Driven Assessments (Audits)
Bank
5 months
2010-08 - 2010-12

Interim CISO and execution of internal IT Audits

Interim IT Security Lead and Auditor
  • Interim CISO and execution of internal IT Audits
Bank
1 year 6 months
2009-03 - 2010-08

Global IT Risk and Audit Coordination

  • Central contact person in the area of infrastructure for internal, external and regulatory audits and queries, execution of internal IT security and risk evaluations
  • Project management in the area of IT security and risk management. 
  • Provision of support during the development of action plans for minimising and managing risk.
Bank
1 year 7 months
2007-08 - 2009-02

HERKULES public-private partnership project

Project Manager & external CISO
  • Project manager & external CISO of a main division in the HERKULES public-private partnership project, responsible for a Germany-wide client rollout, interim manager of data centre's operation, consolidation and relocation, interim department manager, support of several projects involving the analysis and planning of high security infrastructures for authorities.
Industry/Authorities
6 months
2007-03 - 2007-08

Global outsourcing rollout coordination

Global outsourcing rollout coordination CISO
  • Global outsourcing rollout coordination CISO (Chief Information Security Officer) and CITRM (Chief information technology risk manager); Management of the external provider in IT security matters. 
  • Coordination of common security policies and monitoring of compliance with these.
Industry
3 months
2007-01 - 2007-03

Conception and development

  • Conception and development of a risk-based reporting and license management structure in the field of infrastructure, for a county authority.
Authorities

Education and training

Education:

  • Master of Business Administration
  • Diploma in Business Administration (Tech. College)
  • Diploma in Computer Science (Tech. College)


Training:

  • CISA
  • CISM
  • CEH
  • SSCP
  • ITIL Foundation
  • CISSP
  • ISO 27001 Lead Auditor
  • ISO 27001 Lead Implementer
  • PMI
  • IT Security Officer, German Airforce (qualified for NATO Top Secret)
