Driving and supporting regulatory audits within asset management & financial institutes related to BAIT & KAIT around IT Outsourcings, digital asset IPOs and regulatory permissions.
1 Jahr 4 Monate
2022-08 - 2023-11
Security Consulting & Implementation
Asset Manager
Asset Manager
Security Consulting & Implementation of regulatory controls for global Transition project (cloud).
1 Jahr 7 Monate
2021-01 - 2022-07
Definition and Setup of 1st LoD
Asset Manager
Asset Manager
Definition and Setup of 1st LoD (CISO) and 2nd LoD organisation aligned to different Standards (ISO 2700x, NIST) and regulatory requirements for asset managers (KAIT/ BAIT, ESMA, etc), related to cloud outsourcing and digital asset management.
Bank
1 Jahr 1 Monat
2019-12 - 2020-12
regulated environment due to loss of internal CISO
Asset Manager, Senior Information Security Team Lead
Asset Manager, Senior Information Security Team Lead
Interim Team Lead (CISO) team size 20 colleagues regulated environment due to loss of internal CISO.
1 Jahr 1 Monat
2018-12 - 2019-12
ISMS Implementation
Asset Manager, Senior Information Security ISMS Implementation
Asset Manager, Senior Information Security ISMS Implementation
Implementation of an ISO 2700x ISMS and Setup 3LoD structure aligned to regulatory requirements. Both firms (Düsseldorf & Munich) within a global group havebeen certified for ISO27001
Bank
3 Jahre 11 Monate
2015-01 - 2018-11
Providing Service
Asset Manager, External Manager
Asset Manager, External Manager
Providing Service as external Information Security Manager for different German Asset Managers/ Financial Institutes
3 Jahre 7 Monate
2015-02 - 2018-08
Leading Global Information Security Risk & Compliance Assessments
Senior Information Security Advisor
Senior Information Security Advisor
Leading Global Information Security Risk & Compliance Assessments (aligned to ISO 27001 & different regulatory requirements) on different Implementation, Outsourcing & IPO/ M&A Projects.
Advising on Information Security Remediation approaches.
Bank
5 Monate
2014-10 - 2015-02
Global Information Security Support for a new eDiscovery organisation
Creation of Security Concepts along Bank Security Standards; SPOC for CISO & DPO requests and Security Management for operational Teams in their build-up phase
Bank
1 Jahr 5 Monate
2013-06 - 2014-10
Global Program for CISO Access Management
Program management for a new global application to automatically revoke primary and secondary accesses within regulatory timeframes
Bank
2 Jahre
2011-06 - 2013-05
Global IT Security Problem Management
Global IT Security Problem Management/ IT Security Assessments Central Contact for Security Problem Resolution & IT Security Process Improvements.
Consulting of internal projects to resolve existing IT Security Problems and Audit Contact.
Bank
5 Monate
2011-01 - 2011-05
Execution of Risk Driven Assessments (Audits)
Operational Risk Management Risk Assessor
Operational Risk Management Risk Assessor
Execution of Risk Driven Assessments (Audits)
Bank
5 Monate
2010-08 - 2010-12
Interim CISO and execution of internal IT Audits
Interim IT Security Lead and Auditor
Interim IT Security Lead and Auditor
Interim CISO and execution of internal IT Audits
Bank
1 Jahr 6 Monate
2009-03 - 2010-08
Global IT Risk and Audit Coordination
Central contact person in the area of infrastructure for internal, external and regulatory audits and queries, execution of internal IT security and risk evaluations
Project management in the area of IT security and risk management.
Provision of support during the development of action plans for minimising and managing risk.
Bank
1 Jahr 7 Monate
2007-08 - 2009-02
HERKULES public-private partnership project
Project Manager, & external CISO
Project Manager, & external CISO
Project manager & external CISO of a main division in the HERKULES public-private partnership project, responsible for a Germany-wide client rollout, interim manager of data centre?s operation, consolidation and relocation, interim department manager, support of several projects involving the analysis and planning of high security infrastructures for authorities.
Industry/Authorities
6 Monate
2007-03 - 2007-08
Global outsourcing rollout coordination
Global outsourcing rollout coordination CISO
Global outsourcing rollout coordination CISO
Global outsourcing rollout coordination CISO (Chief Information Security Officer) and CITRM (Chief information technology risk manager); Management of the external provider in IT security matters.
Coordination of common security policies and monitoring of compliance with these.
Industry
3 Monate
2007-01 - 2007-03
Conception and development
Conception and development of a risk-based reporting and license management structure in the field of infrastructure, for a county authority.
Authorities
Further projects on request
Aus- und Weiterbildung
Aus- und Weiterbildung
Education:
Master of Business Administration
Diploma in Business Administration (Tech. College)
Diploma in Computer Science (Tech. College)
Training:
CISA
CISM
CEH
SSCP
ITIL Foundation
CISSP
ISO 27001 Lead Auditor
ISO 27001 Lead Implementer
PMI
IT Security Officer, German Airforce (qualified for NATO Top Secret)
Einsatzorte
Einsatzorte
Frankfurt am Main (+50km)
Deutschland
möglich
Projekte
Projekte
4 Jahre 6 Monate
2020-01 - heute
Driving and supporting regulatory audits
Regulator
Regulator
Parttime.
Driving and supporting regulatory audits within asset management & financial institutes related to BAIT & KAIT around IT Outsourcings, digital asset IPOs and regulatory permissions.
1 Jahr 4 Monate
2022-08 - 2023-11
Security Consulting & Implementation
Asset Manager
Asset Manager
Security Consulting & Implementation of regulatory controls for global Transition project (cloud).
1 Jahr 7 Monate
2021-01 - 2022-07
Definition and Setup of 1st LoD
Asset Manager
Asset Manager
Definition and Setup of 1st LoD (CISO) and 2nd LoD organisation aligned to different Standards (ISO 2700x, NIST) and regulatory requirements for asset managers (KAIT/ BAIT, ESMA, etc), related to cloud outsourcing and digital asset management.
Bank
1 Jahr 1 Monat
2019-12 - 2020-12
regulated environment due to loss of internal CISO
Asset Manager, Senior Information Security Team Lead
Asset Manager, Senior Information Security Team Lead
Interim Team Lead (CISO) team size 20 colleagues regulated environment due to loss of internal CISO.
1 Jahr 1 Monat
2018-12 - 2019-12
ISMS Implementation
Asset Manager, Senior Information Security ISMS Implementation
Asset Manager, Senior Information Security ISMS Implementation
Implementation of an ISO 2700x ISMS and Setup 3LoD structure aligned to regulatory requirements. Both firms (Düsseldorf & Munich) within a global group havebeen certified for ISO27001
Bank
3 Jahre 11 Monate
2015-01 - 2018-11
Providing Service
Asset Manager, External Manager
Asset Manager, External Manager
Providing Service as external Information Security Manager for different German Asset Managers/ Financial Institutes
3 Jahre 7 Monate
2015-02 - 2018-08
Leading Global Information Security Risk & Compliance Assessments
Senior Information Security Advisor
Senior Information Security Advisor
Leading Global Information Security Risk & Compliance Assessments (aligned to ISO 27001 & different regulatory requirements) on different Implementation, Outsourcing & IPO/ M&A Projects.
Advising on Information Security Remediation approaches.
Bank
5 Monate
2014-10 - 2015-02
Global Information Security Support for a new eDiscovery organisation
Creation of Security Concepts along Bank Security Standards; SPOC for CISO & DPO requests and Security Management for operational Teams in their build-up phase
Bank
1 Jahr 5 Monate
2013-06 - 2014-10
Global Program for CISO Access Management
Program management for a new global application to automatically revoke primary and secondary accesses within regulatory timeframes
Bank
2 Jahre
2011-06 - 2013-05
Global IT Security Problem Management
Global IT Security Problem Management/ IT Security Assessments Central Contact for Security Problem Resolution & IT Security Process Improvements.
Consulting of internal projects to resolve existing IT Security Problems and Audit Contact.
Bank
5 Monate
2011-01 - 2011-05
Execution of Risk Driven Assessments (Audits)
Operational Risk Management Risk Assessor
Operational Risk Management Risk Assessor
Execution of Risk Driven Assessments (Audits)
Bank
5 Monate
2010-08 - 2010-12
Interim CISO and execution of internal IT Audits
Interim IT Security Lead and Auditor
Interim IT Security Lead and Auditor
Interim CISO and execution of internal IT Audits
Bank
1 Jahr 6 Monate
2009-03 - 2010-08
Global IT Risk and Audit Coordination
Central contact person in the area of infrastructure for internal, external and regulatory audits and queries, execution of internal IT security and risk evaluations
Project management in the area of IT security and risk management.
Provision of support during the development of action plans for minimising and managing risk.
Bank
1 Jahr 7 Monate
2007-08 - 2009-02
HERKULES public-private partnership project
Project Manager, & external CISO
Project Manager, & external CISO
Project manager & external CISO of a main division in the HERKULES public-private partnership project, responsible for a Germany-wide client rollout, interim manager of data centre?s operation, consolidation and relocation, interim department manager, support of several projects involving the analysis and planning of high security infrastructures for authorities.
Industry/Authorities
6 Monate
2007-03 - 2007-08
Global outsourcing rollout coordination
Global outsourcing rollout coordination CISO
Global outsourcing rollout coordination CISO
Global outsourcing rollout coordination CISO (Chief Information Security Officer) and CITRM (Chief information technology risk manager); Management of the external provider in IT security matters.
Coordination of common security policies and monitoring of compliance with these.
Industry
3 Monate
2007-01 - 2007-03
Conception and development
Conception and development of a risk-based reporting and license management structure in the field of infrastructure, for a county authority.
Authorities
Further projects on request
Aus- und Weiterbildung
Aus- und Weiterbildung
Education:
Master of Business Administration
Diploma in Business Administration (Tech. College)
Diploma in Computer Science (Tech. College)
Training:
CISA
CISM
CEH
SSCP
ITIL Foundation
CISSP
ISO 27001 Lead Auditor
ISO 27001 Lead Implementer
PMI
IT Security Officer, German Airforce (qualified for NATO Top Secret)
Vertrauen Sie auf Randstad
Im Bereich Freelancing
Im Bereich Arbeitnehmerüberlassung / Personalvermittlung