David Wägerle

As co-auditor, I took part in planning and conducting the B3S audit at the KRITIS hospital, including reviewing documents (ISMS according to ISO 27001/B3S, security concepts, risk analyses), preparing and conducting interviews with departments, and inspecting clinical and IT-relevant areas.

I independently evaluated assigned control areas (e.g. information security organization, emergency and continuity management, technical and organizational measures) based on the B3S Medical Care and the legal KRITIS requirements, and formulated findings and recommendations for improvement.

I supported the lead auditor in consolidating the results, preparing the audit report, and deriving measures to improve information and patient security in the hospital.

• Developed a comprehensive information security concept in SAVe 6, taking into account the IT baseline protection BW and applicable NATO guidelines
• Prepared technical annexes for the information security concept, including rights and roles concept, data protection concept, hardening concept, logging and auditing concept, and operation manuals
• Implemented the defined security measures on hardened systems, including configuring operating system and application hardening according to specifications
• Designed and implemented a VS-NfD-compliant disk and file encryption solution, following current classified information guidelines (VSA)
• Planned and implemented secure administration concepts based on SINA (Secunet) solutions
• Supported the design of secure network and segmentation concepts for military environments
• Coordinated the security architecture with clients and prepared approvals and security reviews
• Created instructions for operational staff to implement the technical measures on site
• Documented the implementation of the security concept, including providing evidence to meet ZDv A-960/1 and relevant VSA requirements

• Independently led the project from requirements analysis and design through implementation to the go-live of the on-premises MDM solution
• Set up the MDM infrastructure, including installing, configuring, and maintaining SOTI MobiControl on company servers
• Conducted a full asset inventory and analysis of the current scanner fleet as a basis for rollout planning and lifecycle management
• Developed device configurations, profiles, and policies (e.g. Wi-Fi, apps, kiosk mode, security settings, barcode settings) for Android barcode scanners in a production shift environment
• Planned and executed the rollout of the MDM software and configuration to the scanners within an isolated network segment
• Ensured continuous device management (monitoring, updates, troubleshooting, replacement processes) and defined the operational procedures for ongoing operations
• Collaborated closely with production, IT department, and business units on usability requirements, shift models, and fault tolerance
• Documented the system architecture, operating procedures, and administration guides as a basis for handover to operations