Günther Eufinger

Senior Consultant

Avatar placeholder
Offenbach am Main, Germany

Experience

Jun 2023 - Aug 2025
2 years 3 months

Senior Consultant

ISMS Rollout – Information Security Certification (ISO 27001)

  • Set up and successfully certified the Information Security Management System (ISMS) according to ISO 27001 in seven country organizations (Ghana, India, Bangladesh, Uzbekistan, Serbia, Kosovo, Albania).
  • Fully implemented the ISMS from kickoff to certification, including defining the governance structure and process landscape.
  • Developed and delivered target-group-oriented training and coaching for local leads on information security basics and ISMS operations.
  • Designed and continuously optimized training concepts and content to increase understanding and acceptance.
  • Identified and implemented improvements in processes and tools, including in risk management for international projects.
  • Optimized central ISMS core processes from concept through pilot operation and fine-tuning to global rollout.
  • Enhanced knowledge management as well as tools and methods for the global ISMS team.
  • Led and facilitated cross-functional alignments with key ISMS interfaces.
  • Microsoft Teams, Excel, SharePoint Lists, Power Apps.
Feb 2022 - Jun 2023
1 year 5 months

Project Manager / Business Analyst

Governance & Corporate Security & Information Cyber Security Program

  • Expanded management systems for crisis management and maintaining delivery capability in terms of business continuity.
  • Served as project coordinator in the company-wide cyber security program.
  • Updated mission statements for business units: values, tasks, and guidelines in line with corporate strategy.
  • Revised central policies on corporate security, crisis management, and information security.
  • Conceptualized and technically designed KPI reporting.
  • Designed and facilitated the development of the road map for company-wide ISMS governance in line with TISAX / ISO 27001.
  • Main focus areas: cyber risk assessment, cyber incident and emergency management.
  • Coached project teams for efficient project execution and ensured project results.
  • Project management using agile framework.
  • Microsoft Teams, Excel, SharePoint Lists, Power Apps, Power BI.
Sep 2021 - Dec 2021
4 months

Business Analyst

Financial Accounts Information Act Concept (FKAustG)

  • Business analysis and design to implement the new legal regulation on reporting account information to tax authorities (FKAustG).
  • Validated tasks and objectives.
  • Designed and facilitated management workshops to identify relevant processes and systems.
  • Led the definition of technical requirements.
  • Evaluated technical and operational risks.
  • Process analysis and documentation.
  • Derived solution concepts and recommendations.
  • Prepared the results report.
  • Confluence, MS Office 365.
Mar 2021 - Dec 2021
10 months

Project Manager

IT Implementation of the New Garnishment Protection Accounts Regulation

  • Implemented new legal requirements for garnishment protection accounts on the mainframe host, including integration of self-service devices (banking terminal and digital child terminal).
  • Verified tasks and objectives.
  • Supported business analysis including risk analysis.
  • Defined project organization and milestone planning.
  • Defined IT requirements.
  • Led management workshops to define technical requirements, including risk and security requirements.
  • Approved technical concepts for mainframe infrastructure.
  • Managed budgeting, contracting, and oversaw technical implementation by vendors.
  • Maintained the product backlog for agile program components.
  • Quality assurance & testing: coverage, test strategy, etc.
  • Developed test concept and led execution across all phases to final acceptance.
  • Prepared commissioning, pilot, and rollout.
  • Handled budgeting, project control, and reporting to the steering committee.
  • Used HP ALM for requirements definition, in-house tool for budget and progress reporting, Confluence for defining requirements, use cases, and product backlog.
Jun 2019 - Dec 2020
1 year 7 months

Project Manager

Information and Cyber Security Program

  • Expanded the digital security architecture in IT security, operations technology security (OT security), and information security.
  • Enhanced the Information Security Management System as a coordinating function in close collaboration with the CISO.
  • Supported the Chief Information Security Officer (CISO) as program manager in conceptual and administrative matters.
  • Set project strategy.
  • Defined workstreams and deliverables.
  • Prioritized measures.
  • Planned milestones.
  • Designed and prepared project reports for management.
  • Managed stakeholders and communication.
  • Planned and controlled budget.
  • Approved deliverables from workstreams.
  • Ensured audit-compliant project documentation.
  • Structured project management according to PRINCE.
May 2018 - Feb 2019
10 months

Project Manager

Heraeus Group

  • Expanded corporate data protection to meet GDPR requirements.
  • Expanded the data protection management system for the Heraeus Group and its subsidiaries.
  • Conducted stakeholder analysis.
  • Derived project strategy, roadmap, and project structure.
  • Defined data protection processes: from documenting procedures to handling incidents.
  • Change management: developed and delivered extensive training and awareness measures for over 400 participants.
  • Led management workshops with all business units.
  • Recorded and analyzed existing personal data processing activities.
  • Implemented IT system for data protection management.
  • Conducted business analysis and gathered requirements from stakeholders.
  • Designed processes and defined user stories.
  • Managed the product backlog.
  • Supported development in close collaboration with the Scrum team.
  • Led the project using traditional and agile management methods for the IT solution.
  • Reported to the Steering Committee.
Apr 2016 - Apr 2018
2 years 1 month

Product Owner

lexiCan

  • Designed, developed, and delivered the completely revamped version of the lexiCan Wiki software to over 500 business customers.
  • Analyzed market requirements and competitive landscape.
  • Positioned the product in the market.
  • Defined core requirements.
  • Translated requirements into use cases.
  • Developed use cases into technical concepts.
  • Managed the product backlog.
  • Oversaw UX design processes.
  • Supported development and testing.
  • Supported product launch and market penetration.
  • Established quality assurance for the end customer.
Oct 2014 - Aug 2016
1 year 11 months

Project Manager

Schaeffler AG

  • Expanded and implemented the compliance management system (CMS) group-wide for Schaeffler AG and the Schaeffler Group.
  • Analyzed the entire IT landscape for compliance risks.
  • Supported the Chief Information Security Officer (CISO) as program manager in conceptual and administrative matters.
  • Supported the definition of objectives.
  • Conceptualized and designed the enhanced compliance management system.
  • Developed the first comprehensive and structured compliance risk analysis framework.
  • Conceptualized and planned workshop series to define and prioritize compliance measures.
  • Evaluated inputs for analysis.
  • Set up risk reporting.
  • Conceptualized and implemented the establishment of the Group Compliance Risk Committee (GCRC).
  • Rolled out measures internationally across all regions.
  • Tracked implementation and reporting.
May 2014 - Oct 2014
6 months

Team Lead Central Compliance Services

Deutsche Bank Group

  • Enforced IT governance and audit compliance for all critical business applications of the Deutsche Bank Group.
  • Translated audit requirements into a remediation plan and established the necessary business processes.
  • Managed the central product backlog in HP ALM.
  • Continuously prioritized backlog items.
  • Set up consolidated status reporting from individual Scrum teams.
  • Ran multiple process optimization cycles in the program.
  • Reported to stakeholders and program management.
  • Agile project management.
Sep 2010 - Mar 2014
3 years 7 months

Business Analyst

Deutsche Bank AG

  • Various projects to optimize services and operations for the self-service business of Deutsche Bank AG.
  • Migrated the operations platform and introduced new middleware and operating systems.
  • Set up the business analysis team.
  • Defined the analysis scope based on constraints.
  • Developed the approach and methods for business analysis.
  • Implemented and structured the analysis areas in workshops.
  • Ensured quality through active coordination with Postbank employees.
  • Aligned results with the relevant departments until final approval.
  • Designed the quality assurance concept and rollout approach.
Feb 2010 - Sep 2010
8 months

Project Manager

Deutsche Bank AG

  • Migration of Berliner Bank and processing transactions in payments (direct debits, transfers, checks).
  • Implementation of two new software systems and adjustments in the existing core IT infrastructure of Deutsche Bank AG.
  • Gathering requirements from Berliner Bank's products.
  • Defining requirements for IT and process changes.
  • Leading teams for functional and technical system design.
  • Monitoring low-level design and implementation by the IT service provider.
  • Managing and monitoring test cycles (functional testing, integration testing, UAT).
  • Deploying software products to production.
  • Project reporting and risk management.
  • Facilitating and coordinating between teams and business units.
May 2007 - Dec 2009
2 years 8 months

Project Manager

MasterCard Worldwide

  • Lead project for the takeover of the Lufthansa Miles & More credit card portfolio: importing customer data, designing and producing cards, issuing to over 1 million customers.
  • First introduction of contactless payment technology at POS in Germany.
  • Verifying project goals and milestone planning with eight partner companies.
  • Coordinating project tasks across all involved companies.
  • Publishing regular and ad-hoc reports for senior management.
  • Facilitating coordination meetings and project documentation.
  • Temporarily taking over project leadership for MasterCard.
  • Designing concept for technical basis to systematically capture technical issues in card sales.
  • Defining criteria for systematic evaluation of issues.
  • Coordinating initial analysis and distribution of issues to subsequent units.
  • Tracking and supporting issue resolution.
  • Designing and executing reporting.

Summary

For more than 10 years I have helped projects succeed in security and risk management, and in recent years I have been focusing clearly on information security. I work with international corporate groups as well as public-sector clients.

I bring strong skills in designing policies and service-oriented processes and tools for risk management according to established standards like ISO 27001 and NIST.

My excellent analytical skills and structured communication support me in this. I also have a good sense for what is practical and for the human factor in this task.

I think systemically, act pragmatically, and work well in teams.

Skills

  • Over 10 Years Of Experience In Designing And Implementing Management Systems, Especially Isms And Grc: From Planning To Successful Certification
  • Several Years Of Experience In System Design For Kritis
  • Several Years Of Hands-on Experience With Standards (Iso 27001, Iso 31000, Bsi, Nist, Etc.)
  • Outstanding Skill In User-oriented Design Of Policies, Processes, And Systems And In Coordinating With Related Areas
  • Project Management Pro With Over 20 Years Of Experience, Skilled In Both Agile And Traditional Methods
  • Automation And Integration Of Compliance Requirements Into Processes, Including Strict Supplier Management
  • Extensive Expertise In Performance Measurement (Kpis)
  • Strong Implementation Skills And Teamwork
  • Proven Communication Skills, Especially In Presenting Complex Technical Matters In A Reader-friendly Way For Board Level

Languages

German
Native
English
Advanced

Education

Lorem ipsum dolor sit amet

Diploma in Industrial Engineering · Industrial Engineering

Certifications & licenses

ISO 27001

ITIL Foundation

Scrum Master

Scrum Product Owner

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions

Similar Freelancers

Discover other experts with similar qualifications and experience

Markus Marschollek
Markus Marschollek

Project Manager / Senior Consultant (multiple projects)

View Profile
Björn Bausch
Björn Bausch

Project Manager NIS-2

View Profile
Sandra Klinkenberg
Sandra Klinkenberg

Webinar Leader - Blackout Prevention and Preparation

View Profile
Nikolaus Betzler
Nikolaus Betzler

ICT Risk Management and Information Security

View Profile
Alexander Sänn
Alexander Sänn

Owner and Managing Director

View Profile
Mirko Haucke
Mirko Haucke

Cybersecurity Manager

View Profile
Federico Leefhelm
Federico Leefhelm

ISO – Senior Consultant Quality & Information Security

View Profile
Tobias Greiner
Tobias Greiner

Head of IT D-A-CH (CIO)

View Profile
Stephan Selnerat
Stephan Selnerat

IT-Security Manager

View Profile
Daniel Jüntgen
Daniel Jüntgen

Information Security Consultant

View Profile
Thomas Kupfer
Thomas Kupfer

Consultant/Coach ISO/SAE 21434 / UNECE R-155

View Profile
Oliver Frömel
Oliver Frömel

Senior IT Enterprise Security Architect | Project Bank Migration

View Profile
Frank Joraschkewitz
Frank Joraschkewitz

Lead Project Manager

View Profile
Thomas Ullrich
Thomas Ullrich

Senior Consultant / PM Infrastructure Services & Workplace Migration

View Profile
Achim Klein
Achim Klein

Portfolio Manager, Consultant, Leadership Coach

View Profile
Wilhelm Haupt
Wilhelm Haupt

Project Manager / Senior Consultant

View Profile
Julian Voje
Julian Voje

Project Lead Change the Bank

View Profile
Christian Gebhardt
Christian Gebhardt

Deputy Chief Information Security Officer

View Profile
Christian Decker
Christian Decker

Managing Director and Senior Consultant

View Profile
Alagi Mansaray
Alagi Mansaray

Senior Project Manager S4HANA in the energy sector

View Profile
Friederike Balaz
Friederike Balaz

Information Security Manager

View Profile
Khallad Swaid
Khallad Swaid

Managing Director and Co-Founder

View Profile
Fabian Flock
Fabian Flock

OT Security Champion Europe

View Profile
Stephan Heinsius
Stephan Heinsius

Consultant

View Profile
Hakan Kisa
Hakan Kisa

Senior IT Manager & Project Manager

View Profile
Lucas Löcken
Lucas Löcken

Consultant in Information Security, Data Protection and Business Continuity Management

View Profile
Vladimir Mildenberger
Vladimir Mildenberger

IT & Cybersecurity Project Manager

View Profile
Christian Heutger
Christian Heutger

Lead Auditor

View Profile
Stephan Lewering
Stephan Lewering

Managing Director

View Profile
Dirk Meissner
Dirk Meissner

Project Manager AOS

View Profile