Company-wide optimization of database activity monitoring using AI-based analytical methods. Development and implementation of a manual database change review framework to strengthen governance, compliance, and operational security. Creation of DPIAs for AI-based security systems.

Complete establishment of a company-wide Information Security Management System. Gap analysis and structured risk assessment with derivable controls. Creation of audit-proof ISMS documentation (policies, processes, statement of applicability, KPIs). Setup of internal audit and compliance framework for certification readiness.

Conducted proof of concept for company-wide XDR solution (Crowdstrike) with integration of firewall, proxy, WAF, and endpoint data (ZScaler). Documentation of compliance, data protection, and AI usage criteria. Development of target operating model including roles, responsibilities, and approval processes.

Time-critical replacement of existing NSPM solution and new implementation based on open-source Cactus Firewall Orchestrator platform. Management of complex vendor escalations with legal and procurement departments. Complete integration into ServiceNow. Management of EU-wide procurement process.

Managed the DORA readiness preparation by identifying all relevant requirements and ensuring ISMS- and DORA-compliant implementation within the existing process landscape. Additionally, coordinated the preparation for BaFin audits (§44 KWG), which included comprehensive evidence management and resulted in a reduction of regulatory findings by over 90%.

Setup of software-defined network based on Cisco ACI. Implementation of network automation (Ansible & CI/CD pipeline). Interim management of 20-person specialist team following departure of internal project management. Complete integration into change & release management framework.

Development of multiple Splunk applications: self-service portal for firewall rules for display and recertification, data analytics solution for firewall ruleset optimization. Requirements engineering with business units. Integration into service operation framework.

Complete automation of firewall rule request process using RPA and ServiceNow flows. Optimization of incident & request fulfillment through intelligent workflow automation. Measurable reduction of manual processing steps by over 75%.

Preparation and execution of semi-annual network security rule recertification (CheckPoint & Fortinet). Reconciliation with IAM orders to ensure policy compliance. Establishment of structured change approval framework.

Conducted ITSM workshops with IT management. Gap analysis and design of BaFin/BAIT-compliant ITSM process landscape. Process modeling in Camunda and Visio. Development of rollout roadmap and introduction of KPI-based process reviews as part of continual service improvement.

Analysis of CMDB architecture with focus on regulatory requirements (MaRisk, BAIT, EBA). Development and rollout of lifecycle management process for application onboarding, recertification, and decommissioning. Development of methodology for identification of critical functions according to EBA guidelines.

Planning and implementation of two-stage firewall integration (dual-vendor principle) for strategic partner companies. Coordination of extensive testing phases with business units and partners. Clearance of BaFin findings. Design and development of tool-based recertification processes (JobRouter) for PKI lifecycle management.

Preparation and execution of EU-wide NSPM procurement (RfP). Market analysis and management of proof-of-concepts with leading vendors (Tufin, FireMon, Algosec). Contract negotiations in coordination with legal, procurement, and procurement authorities. Management of implementation including worldwide escalation management.

Project recovery: time-critical implementation of 24 ITIL processes in IT outsourcing context. Creation of ITIL process manuals including process modeling. Implementation of ITSM tool TOPdesk. Establishment of ISO/IEC 20000 and PCI-DSS compliance. Setup of governance structures and service desk. Successful audit approvals.

Development and coordination of application security concept in collaboration with IT security and corporate security. Coordination of release process for central application installation. Management of standard rollout for 8,000 workstations. KPI-based success tracking. Adaptation of ITSM support processes and integration into ServiceNow.

Management of IT audit office as central interface between IT, internal audit, and external auditors. Coordination of all audit inquiries and execution of auditor interviews. Quality assurance of documentation. Support of internal and external audits. Processing and clearance of regulatory findings.

Coordination, planning, and management of complex mass data provisioning as part of US regulatory monitoring.

Application responsibility for multiple compliance solutions (Anti Money Laundering, Know Your Customer, Watch List Filtering, NICE Actimize). Product lifecycle management. Problem, risk, and escalation management. Initiation and closure of service level agreements (SLA/OLA). Vendor and license management.

Planning of migration of 1,500 applications for new Windows platforms (application readiness). Management of engineering and packaging team. License validation of 900 commercial products including license management consulting and coordination with strategic suppliers. Design of test and defect management process.

Analysis and maturity assessment of existing workplace processes according to ITIL and COBIT. Requirements gathering from business units. Development of new workplace strategy and target alignment with IT management. Participation in procurement process for future workplace providers: RFI/RFP creation, design of service levels for ITIL operational processes and transition phase.

Development of KPI framework and SLA reporting system for provider management following bank merger. Setup of service management reporting system for senior IT management: aggregation and consolidation of incidents/service requests from multiple ticketing systems. Creation of transparency and management capabilities. Handover to line organization including training.

Interim management of second-level support team focusing on integration processes: brand, file, and email migration (over 60,000 mailboxes to Exchange 2007). Design and coordination of support processes. Setup of problem management to increase first-contact resolution rate. Evaluation and optimization of ITSM processes (ITIL, CMMI for Services, COBIT).

Design and implementation of ITIL v3 processes (incident, change, release, service level management, supplier management). Training of process owners and handover. Management of two migration projects for replacement of obsolete IT infrastructure. Setup of internal shared service provider: creation of service portfolio and catalogs, offers, billing models, service contracts. Execution of service improvement program.

Design and implementation of service asset and configuration management process including sub-processes. Requirements gathering via management interviews. Creation of configuration management roadmap. Development of Java tool for impact analysis between IT infrastructure components. Management of global developer team. Development of reporting solution (Eclipse BIRT). Consulting and coaching of process owners.

Setup of business process management and process monitoring. Coordination and implementation of ITIL processes (change, release, configuration management). Development and mapping of processes to ITSM tool. Setup of configuration management database (CMDB).

Large-scale rollout of wireless LAN infrastructure across 330 locations.