Schlagwörter
Skills
Skills
- Risk Management & Assessments
- Information Security Governance
- Project Coordination
- Information Security Officer
- CISM
- SSCP
- ISO27k1 foundation
- ITIL foundation
- Azure Fundamentals (AZ900)
Projekthistorie
As part of a BaFin Finding the project is directed to complete risk assessments for all critical applications and infrastructure. Due to the time criticality the customer required additional manpower and know-how to achieve the objectives accordingly. I was integrated into the existing team to review completed assessments before submitting them but also to support assessors to fulfill their task of creating the required documentation and to support the team to develop processes and how-to’s to enhance the overall project quality.
Key Qualifications & Responsibilities
- Review risk assessments and discuss the results with asset owners.
- Support asset owner on their task to create documentation and answer the control requirement catalogue.
- Develop and enhance procedures and processes in the coordinating team to improve performance and communication for the project.
Planning, Evaluation, Conception, Testing and Implementation of two separate cloud-based solutions. One solution is targeting an archive storage solution with maximal focus on anonymity and security. The second solution is an active productive environment including mail exchange, storage and IAM for the employees of the costumer.
Key Qualifications & Responsibilities
- Conducting sufficient market analysis to select suitable vendor and provider
- Planning and Conception of the final environment based on the costumer preferences.
- Implementation of the infrastructure including all required software and hardware installation.
- Documentation and Hand-Over to finalize the project.
- Self-Sufficient Project Management
The customer increased its maturity of cyber security a lot over the last years, rolling out new standards and policies for all entities within its scope. As it is now time to ensure the compliance with those standards all entities are required to self-assess the compliance status and our job is to review these assessments and manage the risk register accordingly.
Key Qualifications & Responsibilities
- Working remotely and self-sufficient on reviewing self-risk-assessments.
- Workload management is done by each ISGR review separately. I must balance criticality of assessments, workload and number of assessments with the time available.
- Working with tight schedules and deadlines under high-pressure.
The goal of this project was to provide a fully functional Infrastructure based on Office 365. Due to the size of the costumer MS Azure was not the go to solution. I used the available functionality of Office 365 to provide:
- A simple Sharepoint Page as Information Gateway to employees and contractors.
- A cloud storage with role-base access mode.
- Mailboxes and Certificates
I was part of a team responsible for a new developed Application Connectivity Request System. I was coordinating multiple subprojects, teams, and corresponding stakeholders. As this tool is a huge security gate there was a lot of pressure timewise and content wise. I was responsible for a team working on a subproject which consolidated all common services into one configuration.
Key Qualifications & Responsibilities
- Communication between project teams, clients, and CIO.
- Coordination of different teams with different topics, documentation of meetings, capturing and follow-up of progress and communication of solutions to stakeholders.
- Development of logical solutions to different problems, co-ordination of realization of those solutions.
Our team replaced the Security Information Team in the headquarters of this global concern with more than 80 sub businesses. We took over the implementation of an ISMS to parts of that concern and developed a Information Security Strategy and Program in alignment with the Business Strategy.
I was also responsible for the global implementation of self-assessment tool to capture the information security situation for the whole concern.
Key Qualifications & Responsibilities
- Development of an Information Security Strategy and Program in alignment with the business goals.
- Advising the headquarters on all Information Security relevant topics.
- Supervising the development of a self-assessment tool in Kansas City USA and the global roll-out.
- Coordination of a global Information Security Self-Assessment in alignment with ISO/IEC 27001.
Zertifikate
Reisebereitschaft
Frankfurt Area full-time on-premise possible
Germany partially on-premise possible.