Manager-Profile

 

                         Jόrgen Grimmer

                                  

PERSONAL DATA        

 

Born 1959 in Miltenberg/Germany

Married, one child

Nationality:  German

Available  :   April 15th 2020 (full time)       

 

 

SPECIFIC KNOWLEDGE & EXPERIENCE

 

 

·        Project and Program Management (PMI/Prince2/SCRUM) e.g. in migration and transition projects as well as in IT outsourcing projects and Data Centre Management tasks

·        IT security project management (Cyber Security, SIEM, CERT, CDC, SOC, SOAR, Cryptography and Encryption Technology - digital certificates/PKI)

·        BCM-Manager (Business Continuity Manager), BCP-Manager (Business Continuity Planning, BIA (Business Impact Analysis Manager)

·        Technical project, test and release management

·        Application management

·        Vendor management / Provider control

·        Service management & Service delivery management

·        PMO, Senior-PMO, PMO-Team-Lead (also on a global scale/virtual)

 

· Industry expertise in aviation through IT outsourcing at Lufthansa Systems as a

  former IT-Manager of Commerzbank AG (Investment-Banking IT)

· Staff and budget responsibility for projects, teams, departments in areas  

  between 5 and greater than 80 employees, for example as head of IT at ABN

  AMRO Bank, Commerzbank - Global Head of Investment-Banking-IT (eSVP –

  executive Senior Vice President/Managing Director), Lead of worldwide Data-

  Centre-Processing at Commerzbank  AG in Investment-Banking

· Various successful project management tasks: for example at SAP AG,

  Lufthansa Systems AG, Lufthansa AG, Deutsche Bank AG, BHF-Bank AG,

  Deutsche Leasing AG or (public sector) HZD – Central Data Processing Centre 

  Hesse, LDI Mainz - Central Data Processing Centre of Rhineland Pfalz

· Usage of virtual international environments (e.g. Deutsche Bank AG, SAP

  AG, Lufthansa Systems etc. - project language always German and English):

 

· Number of subordinated (internal/external) staff members between 5 – 80

· personality with presence - since 2002 successful Interim Executive

· available on short-term basis

· place of residence: Niedernberg/Rhine-Main-Area   

 

 

 

 

 

 

 

 

 

 

PROFESSIONAL EXPERIENCE

 

09/2019 – 12/2019 Airline, Passenger / Transportation

 

Position: Interim Manager (several NDA`s to be observed)

 

Fulfillment of tasks as an interim manager up to the internal occupation of the jobs and training of the employees - successive knowledge transfer during the introduction phase.

 

Definition: SOC onboarding process and SOC onboarding phases for subsidiaries:

• Setup and Initialization (ICD - Interface Control Document)

• SOC (Security Operations Center) Monitoring & Triage Onboarding (Detailed 

   Assessments, Basic Infrastructure Setup, Content Engineering and Content 

   Enrichment)

• Service Onboarding (Core Services, IT Security Testing, Additional Services)

   for subsidiaries.

 

Workshop / Assessment setup, planning and implementation (interviews with questionnaires) with subsidiaries on topics like:

• IT Operations Details and Overview

• Technical Design Deep Dive

• IT Managing Processes Overview (ITIL, ITSM)

• IT security use cases (Standard Use Case Library and individual Use Cases)

 

Adviser function in the field of:

• SIEM Operation (Security Information & Event Management) as well as the

• CERT Setup (Computer Emergency Response Team) and the

• SOAR Tool Selection (Security Orchestration, Automation & Response) as well    

   as PoC-Accompaniment (PoC = Prove of Concept)

 

Process consulting in areas such as:

• Threat intelligence

• Hunting

• Penetration Testing

• Red / Blue Teaming

• Use Case Development

• Run-book creation/update

• Content Management and Content Enrichment

 

Securing Periodic Status Reporting (Kanban) - Project Progress Control.

 

 

07/2018 – 08/2019 (Public Sector)

 

Position: Project Manager (several NDA`s to be observed)

 

·        Project Manager – preparation and execution and validation of PoC & PoV for document management tools – preparation of decision templates - after decision for a document management tool - main focus DMS/Electronic Files, optimization scan processes, implementation & administration of SOP`s for the client)

·        Project Manager/Advisor for CMS and DMS system selection process (PoC, PoV), workflow definition, Advisor for WCMS (Web Content Management Systems)

·        Project Manager migration projects - coordination of work packages as well as coordination with the subject area

·        Project Manager & Coach – digitization and optimization of paper-based data/documents with different sizes and different document quality

·        EU-DSGVO (Implementation and management of deletion scenarios)

·        PMO/Senior-PMO tasks - support project and program management, project planning and coordination, project plan administration & compliance, monitoring of project schedules, milestone control, resource availability, budget planning & control, project documentation, work package definition, moderation of workshops & project meetings, departmental coordination, stakeholder communication, escalation handling, pendency planning/monitoring (to-do) Lists), regular status reporting and presentation (slide preparation) for the steering committees and to decision maker level (decision support) etc.), organization and preparation of steering committee meetings – preparation and quality check of regular project status reporting

·        Test & introduction/ of high-performance record management

·        Project Manager for tasks like indexing, quality assurance, findability/readability and reproduction control of digital documents

·        Project Manager regarding project duration and project costs - collection of quantity structures (e.g. scan time expenditure, static, dynamic documents, time/resource costing for project implementation in production mode)

·        Provider and Service Management – leading negotiations regarding service and communication management (involved parties: service providers, IT department, user departments, stake-holders)

·        Role as senior advisor/coach on questions such as test design, test management/documentation and phased project execution (with the possibility of parallelizing of work streams) – target: cost reduction

·        Advisor IAM tool selection (market study, project support preliminary study, setup PoC, PoV), execution Audit of existing IAM-Solution in connection with license cost reduction

·        Advisor/coach regarding the data centre of the customer – proposal: hardware platform for the DMS system (set up system & application management as well as maintenance)

·        Advisor on data centre rebuilding, infrastructure and data centre consolidation issues

·        Support/Coach for Data Centre Management – strong focus on IT-Asset-Management-Handling and selection/validation of ITSM tools (e.g. FNT) as well as BCM – Business Continuity Management, BCP – Business Continuity Planning, BIA – Business Impact Analysis etc.), control of the observance of ISO standards like: ISO 22301 (Business Continuity Management System), ISO 27001-4, ISO 27031 (Business Continuity), ISO 38500 (IT-Governance), ISO 27019 (Power Supply), ISO 27032 (Guidelines for Cybersecurity), ISO EN 50600 (since 2016) Data Centre Planning/-Certification, EU-DSGVO/GDPR

·        Accompaniment/coaching in the area of feasibility of outsourcing/out-tasking planning

       

 

11/2015 – 06/2018 (Deutsche Bank AG)

 

Position: Project Manager and Senior-PMO (several NDA`s to be observed)

 

·        Project Management Cyber/IT-Security (PMI/agile/ SCRUM)

·        Support of project and program management

·        Senior-PMO in migration and transition projects - preparation of decision templates, coordination of work packages as well as coordination with  subject matter experts (SME’s) and vendors (offshore – India)

·        Coach for migration/transition and digitization as well as IT Risk Classifications (risks and issues)

·        Senior-PMO – preparation, execution and documentation of regular project management meetings (as well as check of work-lists (to-do’s), project progress, project costs, resources,  milestones, project documentation and compliance)

·        Ongoing monitoring/administration of project plans as well as project risks and issues in Clarity on project and program level - ongoing monitoring of project schedules, resource availability and project costs

·        Organization and preparation of steering committee meetings as well as regular project status reporting, slides preparation (stakeholder communication)

·        Preparation and execution of IT risk & vulnerability assessments within projects (support of project and program management)

·        Senior-PMO, PKI – preparation and execution of reviews of the Public Key Infrastructure – operating procedure manuals - ensuring proper documen-tation, HSM (High Security Modules) handling, Key management support)

·        Senior-PMO in the area of digital certificate management, smart card handling and file system encryption

·        Fulfilment of Senior-PMO tasks like support steering of projects, work package composition, gap and risk identification, documentation as well as closings

·        Project Management in the area of global cryptography solutions of the consulted client (SDLC (system/software development life cycle), engineering, development, test management, acceptance by subject areas/departments, release management and deployment)

·        Senior-Advisor in the area of Governance & Control as well as Compliance

·        Preparation and execution of process reviews in the area of Provider-/Service-Management, Release Management/Deployment, Application Management, Requirements-/Scope-/Demand Management

·        Senior-PMO in the area of (offshore and nearshore) Outsourcing/ Outtasking of Incident Management Team (e.g. India)

·        Senior-PMO regulatory banking requirements in Germany (§ 44 Bafin, § 25a/b KWG (German Banking Act), BAIT, MaRisk, Business Continuity, control of the observance of ISO standards like: ISO 22301 (Business Continuity Management System), ISO 27001-4, ISO 27031 (Business Continuity), ISO 38500 (IT-Governance), ISO 27019 (Power Supply), ISO 27032 (Guidelines for Cybersecurity), ISO EN 50600 (since 2016) Data Centre Planning/-Certification,  EU-DSGVO/GDPR

      

 

  

 

10/2013 – 10/2015 (SAP AG)

 

Position: Senior Managing Consultant (Program Manager) strategic advisory function on board member level (SAP USA/Canada) (several NDA΄s to be observed)

 

·        Strategic advisory function on board-member-level regarding SIEM, CERT, CDC, SOC, SOAR (Cyber-Security)

·        Review of degree of fulfilment of regulatory requirements of outsourcing service providers like SAP in the area of regulatory banking requirements in Germany (e.g. BAIT, NIST-Framework, § 44 BaFin, § 25a/b KWG (German Banking Act), BSI-Audits (Federal Office for Security in Information Technology), MaRisk AT8/AT9, IDW PS951/980)

·        IT Risk Classification Advisor (KYC (Know your Customer), CDD (Customer due Diligence)  and AML (Anti Money Laundering)

·        Senior advisor in the area of optimization of strategic event management  regarding BIA, BCP, BCM-Tests (Business Continuity Management as well as Governance & Control & Compliance & Vulnerability Management)

·        Preparation/execution and documentation of ITSCM- and BCM- & Disaster Recovery Tests of complex IT-Landscapes, IT-Security-Gap-Audits and -Analysis, usage of virtual international environments (stakeholder and steering committee communication worldwide)

·        BCM project manager with special focus to RCL (Recovery of Complex IT-Landscapes) – very high critical systems as well as process review/optimization of disaster recovery strategies/plans in Data Centres (security level Tier 4 and Tier 4 plus)

·        Project Management in the area of Big-Data-Analysis (IBM QRadar) regarding vulnerability and intrusion detection

·        Preparation and execution of SIEM–Tool: Splunk (Log file collection, implementation of Splunk agents, indexer, forwarder on premises (Big-Data-Analysis)

·        Project manager in the area of Data Centre, Facility Security & Operations-Management

·        Review possibilities for cost reductions and optimization of document management (DMS/Electronical Files) & Archiving Solutions of SAP (from the perspective of SAP customers)

·        CMS Advisor – setup audit regarding handling of online text processing, dynamic integration of hyperlinks, computer graphics, usage of skins for responsive web design etc.

·        Project manager IT-/Cyber-Security (preparation/execution of risk assess-ment, vulnerability investigations)

·        Process consulting in areas such as: Threat intelligence, Hunting, Penetration Testing, Red / Blue Teaming, Use Case Development, Runbook Creation/Update, Content Management and Content Enrichment

·        Preparation and execution of IT-Security- and IT-Risk-Audits as well as SIEM-Analysis/-Onboarding reviews (real time and forensic)

·        ISMS-System-Advisor

·        Preparation and execution review PKI-Infrastructure, smart card usage, file system encryption

·        Project Manager Cyber-Security - appraisal of the given and required cyber security standards, development of IT-Security-Templates (interviews with system owners, system-application manager, backup-team, software development management

·        IT-Audit/Optimization of IT-Compliance (according laws, regulations, standards)

·        Review/Optimization Service Management (ITIL), and Requirements Management

·        Requirements Management (focus BCM) – audit of fulfilment/gaps regarding the usage of ISO-Standards in application: ISO 9001 (Quality Management), ISO 14000 (Environmental Protection Management), ISO 22301 (specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise) ISO 27001 – 4 (ISO 27001 - Information Security Management System, ISO 27002 - Code of practice for information security controls, ISO 27003 - Security techniques — Information security management systems — Guidance and Security techniques, ISO 27004 - Information security management - monitoring, measurement, analysis and evaluation) and ISO 27031 (Guidelines for information and communication technology readiness for business continuity), ISO 27032 (provides guidance for improving the state of cyber security, drawing out the unique aspects of that activity and its dependencies on other security domains, in particular: information security, network security, internet security, and critical information infrastructure protection (CIIP), ISO EN 50600 Data Centre Planning/-Certification (preliminary stage of the standard)

 

01/2013 – 09/2013 (BHF Bank – was later sold to a French investor)

 

Position: Senior Managing Consultant/Project Manager (NDA’s to be observed)

 

·        Strategic advisory function - IT strategy consulting - creation of increased transparency in the area of cost management, project implementation, provider control (multi-vendor strategy), software development, test procedures and testing efforts, etc. as the Deutsche Bank subsidiary is to be sold to a French investor (decision preparation information for the Managing Board)

·        Project Manager migration and transition project - preparation of decision templates, coordination of work packages as well as coordination with the subject area

·        Provider-/Vendor Management

·        Conduction IT-/Cyber Security and IAM/PAM reviews (SSO – Single Sign on)

·        Senior Advisor risk assessments (regarding OSPs (Outsourcing Service Providers/multi-vendor strategy (ATOS/T-Systems)

·        Consulting in the area KYC (Know your Customer), CDD (Customer due Diligence) and AML (Anti Money Laundering) 

·        § 44 BaFin (software development – separation development – production)

·        Preparation and execution/validation of ITSM tools (e.g. FNT, Matrix42)

·        Project- and Risk Management regarding BCM/Disaster Recovery Ability (§ 25a/b KWG, MaRisk AT8/AT8, IDW PS951/980)

·        Set up BIA (Business Impact Analysis), BCP - (Business Continuity Plan-ning), BCM (Business Continuity Management)  

·        Set up Quality Management

·        Advisor regarding CISA, CISM

·        CMS Advisor – setup audit regarding handling of online text processing, dynamic integration of hyperlinks, computer graphics, usage of skins for responsive web design etc.

·        Improvement of Test-Management/-Design/-Automation (HP ALM)

·        Planning, execution and validation of IT-Security-Audits

·        Conduction SIEM-Analysis and Onboarding processes (IBM QRadar)

·        Advisor for real time and forensic Big-Data-Analysis (IBM QRadar, Splunk in a multi-vendor environment with ATOS/T-Systems)

·        ISMS-System-Advisor/-Analysis-/Design and Implementation-Support

·        Advisor regarding document management (DMS/Electronical Files) & Archiving Solutions (tools selection – conducting PoC- and PoV-Processes)

·        Process Reviews and Optimization (e. g. review, validation and optimization of OTC and Securities Lending processes  

·        Source code-Analysis (COBOL) together with providers from India (Offshore)

·        Management/handling of IT-Outsourcing Providers

·        Vulnerability Management

·        Incident Management etc. at a bank (affiliated company of Deutsche Bank AG)

·        Project Management (PRINCE2/SCRUM)

·        Service Management (ITIL, COBIT)

·        Requirements Management (focus BCM) – audit/validation of fulfilment and to identify gaps regarding the usage of ISO-Standards in application: ISO 9001 (Quality Management), ISO 14000 (Environmental Protection Manage-ment), ISO 22301 (specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise) ISO 27001 – 4 (ISO 27001 - Information Security Management System, ISO 27002 - Code of practice for information security controls, ISO 27003 - Security techniques — Information security management systems — Guidance and Security techniques, ISO 27004 - Information security management - monitoring, measurement, analysis and evaluation) and ISO 27019 (Power Supply), ISO 27031 (Guidelines for information and communication technology readiness for business continuity), ISO 27032 (provides guidance for improving the state of cyber security, drawing out the unique aspects of that activity and its dependencies on other security domains, in particular: information security, network security, internet security, and critical information infrastructure protection (CIIP), ISO EN 50600 Data Centre Planning/-Certification (preliminary stage of the standard)

 

 

 

 

 

 

09/2012 – 12/2012 (Public Sector)

 

Position: Interim Project Manager (several NDA`s to be observed)

 

·        Strategic advisory function

·        Preparation IT-Security Audits

·        Supervision of IT-/Cyber-Security-Audits (e.g. review of PKI-Infrastructure, Big-Data-Analysis, smart card usage, file system encryption)

·        Optimization/validation of IT-Compliance in application (according laws, regulations, standards)

·        Preparation and execution of IAM/PAM reviews

·        Market study IAM solutions/systems

·        Senior Advisor for IT-/Cyber-Security

·        Project set up for risk management (risk assessment, quality manage-ment)

·        Advisor in the area of CISA (Certified Information Systems Audits) and CISM (Certified Information Security Management)

·        Advisor for the validation of vulnerability management processes in application

·        Management task: ensuring the setup of transfer and integration (parallelizing of work streams) of 200 items/specifications into an existing and already outsourced service delivery and risk management infrastructure in compliance with country-specific features (database relocation, quality assurance of existing SLAs)

·        Usage of virtual environments (stakeholder and steering committee communication).

 

04/2012- 08/2012 (Public Sector)

 

Position:  Interim Data Centre Manager (several NDA`s to be observed)

 

·        Strategic advisory function

·        Management of daily IT operations (online/batch)

·        Procurement and purchasing management

·        Optimization of sourcing management in application

·        Review/Optimization of Provider Management in application

·        Setup review P2P process (Procure to Pay)

·        Setup execution of PoC/PoV for handling of electronic payment transactions (process analysis/advantage/disadvantage) in the public sektor

·        Senior Advisor for IT-Controlling/cost management, project progress controls

·        Advisor for RFP-Handling (Tendering – country-/Europe-wide tender management)

·        Advisor for test-management/-design/-automation

·        Service delivery management

·        Setup optimization process for process management (ARIS ITIL-process optimization, streamlining and automation)

·        Advisor vulnerability management (process investigation and validation)

·        Project Management (PRINCE2 & SCRUM)

·        Advisor for document management solutions (DMS/Electronical Files) & support in the area of the optimization of archiving solutions,

·        Operating team management – ensuring a reliable 24/7-hour operation mode

·        Senior advisor in the area of BCM - business continuity management and disaster recovery tests  

·        Conduct audit to validate fulfilments and to identify gaps regarding the usage of ISO-Standards in application like ISO 9001 (Quality Management) ISO 14000 (Environmental Protection Management), ISO 20000 (IT Service Management – ITSM), ISO 27001 – 4 (ISO 27001 - Information Security Management System, ISO 27002 - Code of practice for information security controls, ISO 27003 - Security techniques — Information security management systems — Guidance and Security techniques, ISO 27004 - Information security management - monitoring, measurement, analysis and evaluation) and ISO 27031 (guidelines for information and communication technology readiness for business continuity - BIA, BCP, BCM), ISO EN 50600 Data Centre Planning/-Certification (preliminary stage of the standard)

 

 

09/2011– 03/2012 (Public Sector)

 

Position: Interim Manager - Deputy Head of Data Centre (several NDA`s to be observed)

 

·        Strategic advisory function

·        Management of daily IT operations (online/ batch)

·        DMS and CMS Advisor (workflow review, handling optimization)

·        Advisor in the area of software development management (C++, Java, COBOL) and SDLC (systems/software development life cycle)

·        Conduction source code analysis processes (COBOL - Mainframe) 

·        Advisor for Data-Ware-House handling

·        Optimization of procurement and purchasing management processes

·        Setup PoC of execution of electronic payment transactions (process analysis) in the public sector

·        Provider control and provider-/vendor management process reviews

·        Optimization of IT controlling and project fulfilment

·        Support in the area RFP-Handling (Tendering – country and European wide Tendering (“Ausschreibungs-Management”)

·        Advisor for contract management questions as well as IT asset management

·        Advisor for Data Centre Coupling (wired as well as radio relay)

·        Optimization of  performance measurement

·        Optimization of test management, test design and test automation

·        Support in the area of outsourcing and transition management

·        Service delivery management process optimization

·        Review access control methods in application (IAM, biometric identification, security gates)

·        Optimization of incident management handling (Tool: JIRA)

·        Optimization in the area of document management - digitization and optimization of paper-based data/documents with different sizes and different document quality

·        Test and introduction/ of high-performance record management

·        Project Manager for tasks like indexing, quality assurance, findability/ readability and reproduction control of digital documents

·        Advisor for change management processes (maintenance planning, refresh action (hard-/software) as well as capacity-management

·        Operating team management – ensuring a reliable 24/7-hour operation model, development of a process model to reduce on-call high-availability

·        ITSCM-Advisor (IT Service Continuity Management)

·        Advisor for agile methods (SCRUM coach)

·        Advisor for IT-Audits and Optimizations of IT-Compliance (according laws, regulations, standards)

·        Project Management (PRINCE2/SCRUM)

·        Service Management (ITIL, COBIT)

·        Setup preparation, execution and/or supervision and validation of IT-Security-Audits (e.g. review of PKI-Infrastructures, smart card usage, file system encryption)

·        Setup vulnerability management process

·        Setup big-data-analysis process (Symantec)

·        Senior advisor in the area of BIA, BCP and BCM - Business Continuity Management and Disaster Recovery Tests/Procedures  

·        Conduct audit to validate fulfilments and to identify gaps regarding the usage of ISO-Standards in application like ISO 14000 (Environmental Protection Management), ISO 20000 (IT Service Management – ITSM), ISO 27001 – 4 (ISO 27001 - Information Security Management System, ISO 27002 - Code of practice for information security controls, ISO 27003 - Security techniques — Information security management systems — Guidance and Security techniques, ISO 27004 - Information security management - monitoring, measurement, analysis and evaluation) and and ISO 27031 (guidelines for information and communication technology readiness for business continuity), ISO EN 50600 Data Centre Planning/-Certification (preliminary stage of the standard)

 

IT-Environment: SUN/UNIX, Solaris, HP/UX, IBM/AIX, OS/400, Windows (Windows Server 2003, 2008, XP, Vista etc.), MS-Office, Sharepoint, Lotus Notes, Java, Linux, Oracle, SQL, Data-Ware-House (DWH), PRINCE2, ITIL (ISO 20000), CMMI, CobiT, ISO 14000, ISO 20000, ISO 27000, NIST, Six Sigma, SAP (modules: CO, FI, HR, MM, QM, SD, RE, DART), Remedy, VLAN980, FNT (Data Centre Cockpit), Clarity(CA), ARIS, (Server, Storage etc.), Cloud-Applications, VMware, Windows Server, ISO/IEC 27001/27002, HP-Quality-Centre, Software Development Management – SCRUM-Coach (C++, Java, COBOL)

 

 

10/2010 – 08/2011 (Outsourcing Service Provider)

 

Position: Interim Manager / Project/Program Manager / Senior-PMO (Program Level) (Customers of the client: International Banks in Germany) (several NDA`s to be observed).

 

Outsourcing-Service-Provider – Offer-Management in the area of Data Centre

Outsourcing (Mainframe, SAP Production) for International Banks in Germany,

Management of Workshops with Outsourcing Customers (Boardmembers/ Stakeholders of Banking Institutions regarding § 25a/b KWG, MaRisk AT8/AT9, IDW PS951/980), Conducting DMS-Projects, IT-Business-Case-Audits, Restruc-turing/Reorganization of IT-Projects, Software Development Management (C++, Java, COBOL), Source Code Analysis (COBOL), Data-Ware-House Handling

 

• Strategic advisory function

• Management of subordinated Staff-Members

• Management of the reduction of IT-Production Risks

• Management of complex IT infrastructure environments and projects

• Project Manager migration and transition projects - preparation of decision

   templates, coordination of work packages as well as coordination with the 

   subject area 

• M&A-Management (transfer of operations as well as staff)

• Review and evaluation of current Disaster Recovery Ability of

   international/global acting companies

• Rollout Management

• Optimization of processes (according BSI, PS951, SOX etc.) and strong

   process orientation

• IT-Audit/Optimization of IT-Compliance (according laws, regulations, standards)

• Adaption of workflows and processes (according ITIL, CMMI, ISO2700x, NIST-

   Framework, Six Sigma, CISA, CISM)

• process review and optimization (e. g. review, validation and optimization of 

  OTC (over the counter trading – derivate and securities lending processes)

• RFP-Handling (request for proposal - tendering - “Ausschreibungs-Manage-

  ment”)

• Project Management (according PRINCE2)

• Preparation and presentation of status reports for Board Members, CIO, CEO

• Conducting gap-analysis in the area of the IT-Infrastructure and Data Centre

   Processing as well as BIA - Business Impact Analysis, BCP – Business

   Continuity Planning and BCM Business Continuity Management and Readiness

• Cost management and cost reduction (procurement management)

• Electronic payment transactions (process analysis),

• Provider Management (negotiations, commercial orientation)

• Stakeholder Management, escalation and conflict resolution

• IT-Business-Case-Audits

• Restructuring/Reorganization of IT-Projects

• Home-Office: QA and review of Data Centre Documentation and Manuals

  (completeness, actuality, applicability)

• usage of virtual international environments (project-, stakeholder- and steering

  committee communication)

 

IT-Environment: SUN/UNIX, Solaris, HP/UX, IBM/AIX, IBM/z/OS parallel sysplex, C++, Java, COBOL, Unisys, Windows, MS-Office, Sharepoint, Lotus Notes, Clarity(CA), Java, Linux, Oracle, SQL, Data-Ware-House (DWH), Web-Architectures, PMI/PRINCE2, ITIL, CMMI, COBIT, ISO2700x, NIST, Six Sigma.

 

 

04/2010 – 09/2010 (DWP-Bank Frankfurt - special bank for securities operations)

 

Position: Interim Project Manager (Coach) (several NDA`s to be observed)

 

Bank Institution (acting as an Outsourcing Service Provider for other banking institutions)

 

• Quality-Assurance - SLA-, License-, Contract- and Vendor- Management

• Assurance of the Compliance-Conformity of Business Processes (review) and

   associated User-Documentation (review)

• Conduction and Execution of MMS (Multi Moment Studies)

• Process and Capacity-Analysis, Review of IT-Costs and evaluation of potential

   Cost Savings

• Electronic payment transactions (process analysis and optimization)

• Identification and/or review of outsourcing- and out tasking possibilities

• M&A-Management (transfer of operations as well as staff)

• IT Infrastructure and Architecture as well as Strategy

• IT Security

• Audit/Optimization of IT-Compliance (according laws, regulations, standards)

• IT risk assessment assignments, definition of assessment scope(s),

   preparation and execution of risk assessment workshops, IT risk

   identification, IT risk validation, development of IT risk mitigation action

   plans with temporary IT risk acceptance, IT risk documentation, conduction

   of timely IT risk (issue) resolutions, preparation of periodical IT risk status

   reports and management reporting

• Voice, Data and Audio-Visual Infrastructure and Networks of the Investment

   Bank

• QA of Data Centre Documentation and manuals prior to IT auditing exercises as 

   well as governance and control and compliance investigations

 

IT-Environment: SUN/UNIX, Solaris, AIX, z/OS parallel sysplex, COBOL, Windows, Java, Linux, Oracle, SQL, MS-Office, SharePoint, Lotus Notes, Clarity(CA), Data-Ware-House (DWH), Web-Architectures, PMI/PRINCE2, ITIL, CMMI, COBIT, ISO2700x, NIST.

 

 

07/2009 – 03/2010 (Outsourcing Service Provider)

 

Position: Senior Project Manager (several NDA`s to be observed)

 

(Main-Customers of the client: International Banks with locations in Germany) Outsourcing-Service-Provider – Offer-Management in the area of Data Centre Outsourcing (Mainframe, SAP Production) for International Banks in Germany, Management of Workshops with Outsourcing Customers (Board Members of Banking Institutions), Conducting DMS-Projects, IT-Business-Case-Audits, Restructuring/Reorganization of IT-Projects, Sourcing Management.

 

 

• Strategic advisory function

• Management of subordinated Staff-Members

• Management of the reduction of IT-Production Risks

• Management of complex IT infrastructure environments and projects

• Management of Software-Development-Tasks (e.g. source code analysis in 

   COBOL)

• M&A-Management (transfer of operations as well as staff)

• Review and evaluation of current Disaster Recovery Ability of

   international/global acting companies

• Roll-out Management

• Incident-, change- and capacity-management (Data Centre)

• Conducting gap-analysis in the area of the IT-Infrastructure and Data Centre

   Processing

• Optimization of processes (according BSI, PS951, SOX etc.) and strong

   process orientation

• Audit/Optimization of IT-Compliance (according laws, regulations, standards)

• Adaption of workflows and processes (according ITIL, CMMI, Six Sigma)

• Electronic payment transactions (process analysis and optimization)

• RFP-Handling (Tendering - “Ausschreibungs-Management”)

• Project Management (according PRINCE2)

• Preparation and presentation of status reports for Board Members, CIO, CEO

• Cost management and cost reduction

• Provider Management (negotiations, commercial orientation – SOW (statement

  of work – fix price projects) – Claim Management)

• Stakeholder Management, escalation and conflict resolution

• IT-Business-Case-Audits (SWOT-Analysis)

• Restructuring/Reorganization of IT-Projects

• Support in the area of M&A-Management (transfer/integration of operations

   as well as staff)

• IT Infrastructure and Architecture as well as IT Strategy

• IT Security Advisor

• IT risk assessment assignments, definition of assessment scope(s),

   preparation and execution of risk assessment workshops, IT risk

   identification, IT risk validation, development of IT risk mitigation action

   plans with temporary IT risk acceptance, IT risk documentation, conduction

   of timely IT risk (issue) resolutions, preparation of periodical IT risk status

   reports and management reporting according § 25a/b KWG, MaRisk AT8/AT9,

   IDW PS951/980

• Voice, Data and Audio-Visual Infrastructure and Networks of several

   customers (International Banks)

 

IT-Environment: SUN/UNIX, Solaris, HP/UX, IBM/AIX, IBM/z/OS Parallel Sysplex, C++, Java, COBOL, Unisys, Windows, MS-Office, SharePoint, Lotus Notes, Clarity(CA), Java, Linux, Oracle, SQL, Data-Ware-House (DWH), Web-Architectures, PMI/PRINCE2, ITIL, CMMI, COBIT, ISO2700x, NIST, Six Sigma.

 

 

01/2009 – 06/2009 (International Outsourcing-Service-Provider Logistics/Transport/Air-Cargo/Lufthansa-Systems).

 

Position: Project Manager &  Senior Advisor IT-Strategy & Compliance  (several NDA`s to be observed)

 

• Management of the reduction of IT-Production Risks

• Review and evaluation of the current Disaster Recovery Ability of the ”global

   acting“ Company

• Optimization of processes (according BSI, PS951, SOX etc.)

• Optimization of IT-Compliance (according laws, regulations, standards)

• Adaption of workflows and processes (according ITIL, CMMI, Six Sigma)

• RFP-Handling (Tendering - “Ausschreibungs-Management”)

• Project Management (PRINCE2)

• Review/Optimization of rollout management procedures

• Conducting gap-analysis in the area of the IT-Infrastructure and Data Centre

   Processing

• Review and rating of existing contractual documents, SLA΄s (Service Level

  Agreements) with outsourcing service customers

• Conducting of the review/analysis of the current IT-Infrastructure as well as

   management of the graphical documentation (ARIS)

• Review of the current IT Infrastructure and Architecture as well as Strategy

• Review of the current IT Security Plan

• Audit/Optimization of IT-Compliance (according laws, regulations, standards)

• Conduction of IT risk assessment assignments, definition of assessment

   scope(s), preparation and execution of risk assessment workshops, IT risk

   identification, IT risk validation, development of IT risk mitigation action

   plans with temporary IT risk acceptance, IT risk documentation, conduction

   of timely IT risk (issue) resolutions, preparation of periodical IT risk status

   reports and management reporting

• Voice, Data and Audio-Visual Infrastructure and Networks of Lufthansa as

   well as several outsourcing customers

• Review and test of the existing IT-Infrastructure to prove the given HA (High

   Availability)

• Preparation of proposals in order to move/migrate parts of the existing IT-

   Infrastructure to other DR-compliant (Disaster Recovery) locations

• Usage of virtual international environments (project-, stakeholder- and steering

  committee communication)

 

IT-Environment: SUN/UNIX, Solaris, HP/UX, IBM/AIX, IBM/z/OS parallel sysplex, COBOL, Unisys, Windows, MS-Office, Sharepoint, Lotus Notes, Clarity(CA), Java, Linux, Oracle, SQL, Data-Ware-House (DWH), Web-Architectures, PMI/PRINCE2, ITIL, CMMI, COBIT, ISO2700x, NIST, Six Sigma

 

 

08/2005 – 12/2008 (Consulting Company, Deutsche Bank AG)

 

 

Position: Senior Project Manager (several NDA`s to be observed)

 

·        Strategic advisory function

·        Facility- & Operations-Manager

·        Senior PMO & PMO-Coach in the area Global Production Support

·        Senior Advisor IT-Strategy & Compliance

·        Senior Advisor regarding BIA - Business Impact Analysis, BCP – Business

          Continuity Planning and BCM Business Continuity Management and Readi-

          ness (from the perspective of the outsourcing customer to the outsourcing

          service provider IBM

·        Handling/ Management of critical and “super-critical” Applications of a global basis (First-, Second-, Third-Level-Support)

·        Application-, Software-Development-Management

·        Release-, Test-Management/-Design/-Automation & Deployment)

·        Vulnerability Management

·        IT-Business-Case-Audits

·        Restructuring/Reorganization of IT-Projects

·        Sourcing Management

·        Advisor for usage/use cases of virtual international environments (project-, stakeholder- and steering committee communication).

 

 

 

 

 

 

ADDITIONAL SKILLS / EXPERIENCES

 

 

1985 – today

 

• Several courses in data processing/organization, controlling & project

   controlling, IT-Security, governance & control as well as compliance

• selection of staff combined with management, assessment and support;

• company management & management techniques

• Overseas experience (Bahrain, Netherlands, UK, USA, France, South Africa)

 

 

 

 

 

1987 – today

 

Book author for subjects related to data processing/organization, management of

human resources and quality assurance (ISO 9000), ISO 50600 (Data Centre Planning), Governance & Control, Compliance, BDSG, EU-DSGVO (Implementation of deletion scenarios), IT Security (WEB-Security, Cyber-Security, SIEM, CDC, SOC, CERT, Network-Security, PKI/MPKI-Usage, Certificate Handling etc.), IAM/PAM Single Sign on, IT Strategy, IT Risk Identification & -Management (IT Outsourcing) e.g. § 25a/b KWG, MaRisk AT(/AT9, IDW PS951/PS980), PMO-Services, IT Outsourcing (On-/Offboarding Outsorcing Service Provider), Vulnerability-Management, Big-Data-Analysis (Splunk), Data-Ware-House-Handling, Software-Development and Testing, Data Centre Management (with Cloud Computing), SLA/OLA Management, Negotiation and Administration, M&A Transactions (Transfer of Operation), Network Management and Analysis, Risk-Classifications regarding KYC (Know your Customer), CDD (Customer due Diligence), AML (Anti Money Laundering), validation of IT-Asset-Management-Solutions and ITSM Systems (e.g. FNT, Matrix 42)

 

 

Industry experience/knowledge

 

·        Banking - major/special banks, investment banks/companies, financial services sector

·        Leasing companies

·        Automotive companies

·        Airlines – Avionics

·        Consulting companies

·        Fund companies

·        Logistics

·        OSPs (extensive knowhow in the area) Outsourcing Service Providers (like IBM, Atos, T-Systems, Fujitsu, SCS, HCL Technologies (offshore – India, TATA consultancy services (offshore – India)

·        Public sector (authorities, state computing centres)

·        Software manufacturers (e.g. SAP)

·        Telecommunications companies

 

 

LANGUAGES:

 

fluent in English, German mother tongue