Dirk M. - Senior Program Manager & CISO | IT Transformation, Cybersecurity & GRC Leader

Go to Website

Wissembourg, France

Experience

May 2024 - Dec 2024

8 months

Project Lead

Sulzer GmbH

Lead the DevOps Team.
Acted as bridgehead to BMW for all topics.
Coordinated with development partners in Germany and India.

Achievements:

Established PIC process to reduce tickets and escalations.
Created inter-team communication between five teams in Germany and India.
Increased customer satisfaction index from 2 to 4 on a scale of 5.

Jan 2023 - Dec 2025

3 years

OpsSec2023-2025

BMW Group

Defined security concepts for all relevant applications running on AWS cloud platform.
Connected applications to BMW central SOC/Splunk.
Regular Pen tests, IAST/SAST/DAST application scans.
Ensured compliance with BMW regulations.

Achievements:

Achieved over 95% Security KPI.
Compliance KPI exceeded 90%.

Dec 2022 - Aug 2023

9 months

Interim CISO EMEA

Evident Scientific GmbH

Served as EMEA Interim CISO after Evident Scientific spin-off from Olympus.
Defined PPP framework.
Established an IT-risk register for EMEA.
Accomplished UK Cyber Essentials certification.
Conducted ISO 27001:2022 maturity assessment.

Jan 2022 - Present

4 years

Lorem ipsum dolor sit amet

DCSO GmbH

Conducted Cloud Vendor Assessments (CVA) based on DCSO defined security domains (NIST/ISO).

Achievements:

Successfully completed over 10 assessments in 2022.
Successfully completed over 10 assessments in 2023.

Oct 2021 - Jan 2022

4 months

Lorem ipsum dolor sit amet

Bechtle AG

Conducted ISO 27001:2021 control assessment.
Conducted BSI C5 control assessment.
Defined risk-based technical and organizational measures to improve Cyber Security maturity level and resilience.

Achievements:

Created and presented final report to Board and CISO.

Jan 2020 - Dec 2023

4 years

Head of Information Security Program

Ottobock

Defined Information Security (IS) roadmap till 2025.
Implemented ISMS according to ISO 27001, enriched with NIST-800 and NIST CSF controls.
Set up worldwide IS organization and a 24/7 Incident Response Team.
Conducted Business Impact Analysis and TCM/BCM concepts.
Designed and implemented endpoint protection, data classification, and data loss prevention concepts.

Achievements:

Approved Information Security (IS) strategy and policy.
Published IS and GRC policies.
Established IS awareness concepts and management cockpit with defined KPIs.
Established MDR Security Operation Center and Security Incident Response Team.
Implemented endpoint protection on over 8K endpoints with sentinel monitoring.
Integrated data classification and data loss prevention into business processes.

Jan 2020 - Mar 2021

1 year 3 months

OpsSec2020

BMW Group

Defined and implemented security concepts for OpenShift platform and associated applications hosted in AWS Cloud.
Created Security Operations concept.
Connected platform and applications to BMW central SOC/Splunk.
Conducted regular Pen tests and IAST/SAST scans.

Achievements:

Security concept passed BMW internal Audit without major or medium issues.
Established interface to BMW SOC/Splunk.

Oct 2019 - Mar 2020

6 months

Senior IT Strategy Consultant

Allianz Warranty GmbH

Conducted as-is analysis of existing IT infrastructure and services.
Mapped business processes to IT services.
Evaluated options for future IT strategy and organization.
Proposed and defined IT strategy based on evaluations.

Achievements:

Created as-is documentation and business processes.
Reviewed business impact analysis.
Defined IT strategy and handed over the rollout preparation to IT Manager.

Jul 2019 - Sep 2022

3 years 3 months

Data Privacy Officer

Linkando.com

Conducted GDPR compliance activities and Data Privacy Audits.
Implemented technical and organizational measures.
Carried out general GDPR officer responsibilities.

Achievements:

Implemented Data Privacy Management System.
Created and maintained RPA.
Established DPA with subcontractors and suppliers.

Jan 2018 - Jun 2019

1 year 6 months

AIT Coordinator

Allianz Partners (APAC Region)

Aligned project pillars across Data Centre (DCC), Virtual Client (AVC), Global Mail (GM), AGN Network & AGN security services.
Controlling overall project budgets.
Coordinated execution between projects and local CIOs in APAC.

Achievements:

Successful rollout of AGN, AGN security services, and GM in 2018.
Rollout completion for AVC and DCC in 2019.

Jan 2016 - Dec 2018

3 years

AVC Program Manager

Allianz Technology

Oversaw profit and loss responsibility for AVC program.
Defined rollout plans for Allianz Virtual Client (AVC) to 140K users worldwide.
Led architecture, package factory, engineering, rollout, finance teams, and PMO.
Reported to Allianz SE top management.

Achievements:

Customized AVC solution for 24/7 operation.
Rolled out AVC to over 70K users across Europe and APAC by end of 2018.

Jan 2016 - Dec 2018

3 years

Security Officer

ZfP

Defined and implemented information security concepts based on BSI 100-x and ISO 27xxx.
Created ISMS for over 20 locations/business units.
Conducted audits and follow-ups.

Achievements:

Delivered BSI 100-1/2 and ISO27xxx security concepts.
Developed IT-emergency concepts based on BSI 100-4.
Handover of ISMS to successor by end of tenure.

Jan 2016 - Dec 2016

1 year

Senior Security Consultant (SAP Systems Blueprint)

BMW Group

Developed new SAP IT-Security concept.
Tested pilot production environment.
Planned worldwide rollout and seamlessly handed over to rollout manager.

Achievements:

Created new SAP IT-security blueprint and tested its feasibility.
Defined rollout plan and aligned all necessary stakeholders successfully.

Jan 2016 - Dec 2016

1 year

Project Manager (Re-Design DC Infrastructure)

FWU

Designed new DC concept with regulatory requirements for multiple countries.
Conducted BIA with RTO/RPO.
Controlled project costs, budget, milestones.

Achievements:

Consolidated DC infrastructure from 6 to 2 data centers globally.
Introduced DR concepts and reduced IT costs.

Jan 2015 - Dec 2016

2 years

Cloud Operations Concept

KIVBF

Created new IT organizational concepts based on COBIT 5 framework.
Defined IT operational handbook with process/role descriptions.
Consulted IT architecture for cloud solutions.

Achievements:

Implemented IT organization concept and migrated existing staff.
Defined and implemented cloud operations successfully.

Jan 2014 - Dec 2014

1 year

IT-Governance Policy

BMW SF China

Defined IT Governance policy according to CBRC, PBOC requirements, ISO38500, and COBIT5 standards.
Aligned with BMW AG and BMW Bank.
Prepared presentation for top management.

Achievements:

Submitted and gained approval for IT Governance policy tailored for Chinese market.

Jan 2014 - Dec 2014

1 year

Web-Based Customer System Migration

BMW SF China

Created IT Security concepts for COFIS, integrating CRM and CIC modules.
Conducted risk assessments per ISO 27001.

Achievements:

Security concepts finalized, ITPM reviewed, and prepared system for go-live.

Jan 2014 - Dec 2014

1 year

DLP Concept

TNS Infratest

Created business proposals summarizing security requirements.
Designed information protection/DLP concepts.

Achievements:

Finalized DLP concepts and performed successful PoCs with diverse business cases.
Handover included rollout preparations for operations.

Jan 2013 - Dec 2014

2 years

IT Coordination (Butterfly Project NEV)

BMW AG

Steered BMW JV Butterfly IT project in China.
Managed IT dependency and risk identification.

Achievements:

Successfully aligned IT deliverables for the NEV-focused launch timeline.

Jan 2013 - Dec 2013

1 year

Security Consultant (R&D Center Setup)

Audi China

Held security workshops clarifying requirements.
Provided information security directive/support for protected R&D engagement.

Achievements:

Delivered comprehensive information security frameworks for Audi R&D's secure operations.

Summary

Dirk Meissner is a senior international IT-Executive, Program Manager, Cybersecurity & GRC Leader with more than 25 years of experience delivering large-scale IT transformation, security, compliance, and cloud modernization programs across the automotive, insurance, healthcare, public sector, and technology industries. He combines deep technical expertise with strong governance, risk and compliance knowledge and has led complex global programs with budgets above €20M and distributed teams of more than 70 experts. His core strengths span IT governance, ISO/NIST-based security management, SOC/SIEM strategy, cloud security, IT operations, endpoint security, enterprise workplace transformation, and regulatory compliance (GDPR, DORA, NIS2, KRITIS, C5).

Dirk’s extensive project portfolio includes major strategic initiatives for BMW, Allianz, Volkswagen, Bechtle, Evident Scientific, and large healthcare organizations. As Program Manager for the Allianz Virtual Client (AVC) with 137,000 users and a €20M annual budget, he held full P&L responsibility, drove the global rollout across Europe and APAC, and steered architecture, engineering, operations, PMO, and finance teams while reporting to Allianz SE top management . His ability to manage international multi-stakeholder environments is further reflected in his role as AIT Coordinator for Allianz APAC, ensuring synchronized delivery of DCC, AGN, GM, AVC and network security services across 10,000 users in the region .

In the automotive sector, Dirk has been a long-standing trusted advisor and senior consultant for BMW Group. He supported BMW’s cloud and data-driven services (CarData, FleetData, Catena-X, Conversational AI, HR4ME) as Security Matter Expert, ensuring >95% security KPI compliance and maintaining complete eGRC documentation including threat assessments, pentesting, SAST/DAST/IAST and IAM artefacts . He also developed BMW’s global SAP Security Blueprint, delivered cloud and supplier security concepts, and designed large-scale security and workplace architectures in China.

His leadership in security and GRC extends to auditing and regulatory-driven assessments. For Volkswagen AG, Dirk conducted more than 50 Cloud Vendor Assessments (CVA) based on TISAX and ISO 27001 for DCSO since 2022, ensuring secure onboarding of cloud-based solutions for 350,000 users . For Bechtle Hosting & Operations, he performed full ISO 27001:2021 and BSI C5 maturity assessments and defined resilience-improving measures for the board and CISO .

In the healthcare sector, Dirk led multiple SOC/SIEM and MDR transformation projects for Hospitalvereinigung der Cellitinnen (HDC). He managed the full RfI/RfP process for a new SOC/SIEM service, conducted provider evaluations, delivered a decision matrix and technical concept, and later led the rollout of SentinelOne to 6,000 endpoints across 10+ locations with seamless 24/7 operations integration and SIEM onboarding . He also served as Interim CISO EMEA for Evident Scientific, establishing the regional IT-risk register, SOC KPI reporting, Cyber Essentials certification, and a 27001:2022 maturity assessment post-carve-out .

Dirk’s background includes extensive experience defining IT strategy, restructuring IT organizations, and designing cloud and workplace architectures. For Allianz Warranty, he delivered a complete IT strategy for the 2020–2025 horizon, including infrastructure, service mapping, and target operating model definitions . For KIVBF, he developed the cloud operations concept and COBIT-based organizational structure that now supports more than 3,500 public authorities in Baden-Württemberg .

He has consistently driven transformation programs that combine technology, compliance, and operational excellence. His standardized use of ISO 27001/2, ISO 20000, ISO 31000, ISO 62443, BSI 200-X/100-X, NIST CSF & RMF, COBIT 5/2019, ITIL, and TOGAF ensures high-quality governance and measurable risk reduction. His technology experience spans Microsoft 365, Azure AD, AWS cloud services, Citrix, VMware, SentinelOne, MS Defender, Splunk, SIEM/SOC architectures, DLP/EIP solutions, and enterprise workplace ecosystems.

Beyond his consulting and leadership roles, Dirk serves as VP Finance of ISACA Germany Chapter, leads the Information Security Working Group, and contributes to the EU Advocacy Task Force, strengthening his expertise in regulatory, privacy, and cybersecurity topics .

Dirk’s profile is characterized by a rare blend of strategic vision, hands-on technical depth, and strong stakeholder leadership. Whether as Program Manager, Interim CISO, Senior Security Consultant, or IT Governance Advisor, he delivers robust, compliant, and future-proof solutions for global enterprises facing complex transformation challenges.