Senior Consultant

Expansion of management systems for crisis response and maintaining delivery capability in terms of business continuity. Project coordinator in the company-wide cyber security program.

Combination of agile and traditional approaches.

• Updating the guiding principles of business units: values, tasks, and guidelines in line with the corporate strategy
• Revising central policies for corporate security, crisis management, and information security
• Conceptual and technical design of the KPI reporting
• Concept and facilitation of the roadmap development for company-wide ISMS governance in line with TISAX / ISO 27001
• Main focus areas: cyber risk assessment and cyber incident and emergency management
• Coaching project teams for efficient project execution and ensuring project deliverables
• Project management according to an agile framework

Tools:

• Microsoft Teams, Excel, SharePoint Lists, Power Apps, Power BI

Implementing the new legal requirements for garnishment protection accounts in the Mainframe HOST area, including integration of self-service devices (banking terminal and digital child terminal).

Combination of agile and traditional approaches.

• Verifying the assignment and objectives
• Supporting the technical analysis, including risk analysis
• Defining project organization and milestone planning
• Defining IT requirements
• Leading management workshops to define technical requirements, including risk and security requirements
• Approving technical concepts for mainframe infrastructure
• Budgeting, contracting, and overseeing the technical implementation by vendors
• Managing the product backlog for agile program parts
• Quality assurance & testing: coverage, test strategy, etc.
• Creating the test concept and leading its execution across all phases and final acceptance
• Preparing commissioning, piloting, and rollout
• Budgeting, project control, and reporting to the Steering Committee (SteeCo)

Tools:

• HP ALM for requirement definition
• In-house tool for budget and progress reporting
• Confluence for defining requirements, use cases, and product backlog

Expansion of corporate data protection to meet GDPR requirements. Corresponding expansion of the data protection management system for the Heraeus Group and its subsidiaries.

Agile development for design, development, and implementation of the IT platform; classic methodology in the overall project.

Leading the project for the compliance area under the guidelines and close support of the data protection officer:

• Stakeholder analysis
• Deriving project strategy, roadmap, and project structure
• Defining data protection processes: from documenting procedures to handling incidents
• Change management: developing and delivering comprehensive training and awareness measures for over 400 participants
• Leadership workshops with all business units
• Recording and analyzing existing personal data processing activities

IT system implementation for data protection management:

• Business analysis, gathering requirements from stakeholders
• Process design and defining user stories
• Managing the product backlog
• Overseeing development closely with the Scrum team
• Project management using classic methods and agile management for the IT solution
• Reporting to the Steering Committee

The project covered the company-wide expansion and establishment of the Compliance Management System (CMS) for Schaeffler AG and the Schaeffler Group. This included analyzing the entire IT landscape for compliance risks.

Classic methodology.

Supporting the Chief Information Security Officer (CISO) as program manager in conceptual and administrative matters:

• Assisting with defining objectives
• Designing the extended Compliance Management System
• Developing the approach for a first comprehensive and structured compliance risk analysis
• Designing and planning a series of workshops to define and prioritize compliance measures
• Evaluating inputs for analysis
• Setting up risk reporting
• Planning and implementing the establishment of the Group Compliance Risk Committee (GCRC)
• International rollout of measures across all regions
• Tracking implementation and reporting

Various projects to optimize services and operations for the self-service business of Deutsche Bank AG. This included migrating the operations platform, introducing new middleware and operating systems.

Classic methodology.

• Setting up the business analysis team
• Defining the scope of analysis based on the framework conditions
• Developing the approach and methods for business analysis
• Implementing and structuring analysis areas in workshops
• Ensuring quality through active coordination with Postbank staff
• Aligning results with the involved departments until final approval
• Designing the quality assurance concept and rollout approach

Overall project to take over the largest German credit card portfolio: migration of customer data, design and production of cards, issuance to over 1 million customers. Including the first introduction of contactless payment technology at POS in Germany.

Classic approach for the overall project, agile for resolving quality issues.

• Verifying project goals and definitions
• Leading milestone planning and coordinating with the managers responsible at the eight involved partner companies
• Coordinating project tasks across all participating companies
• Publishing regular and ad-hoc reports for Senior Management
• Facilitating coordination meetings
• Project documentation
• Temporary project leadership for MasterCard
• Concept for the technical basis to systematically capture technical issues in card sales
• Defining criteria for the systematic evaluation of issues
• Coordinating initial analysis and distribution of issues to subsequent units
• Tracking and supporting issue resolution
• Design and execution of reporting