IT System Engineer / Senior Service Desk Consultant

In my role as overall project manager and subproject manager in a service transition project for managed services, I was responsible for the following solid, hands-on tasks and used a wide range of modern tools and standards:

• Project and resource planning: Designing, controlling, and monitoring the project plan with MS Project 2016. Defining milestones and KPIs in line with ISO 9000 quality management.
• Quality and service management: Implementing and optimizing service design and transition processes according to ITIL v3 and ISO/IEC 20000. Defining SLAs, monitoring them, and managing escalation processes in ServiceNow.
• IT infrastructure consulting: Designing a hybrid cloud architecture based on MS Azure and Active Directory (AD) using the AGDLP principle. Selecting and rolling out Lenovo servers and virtualizing with CORBOX VMs.
• Asset and license management: Consolidating all CMDB topics in ServiceNow CMDB. Introducing software asset management with the Smart Track tool from USU/Aspera.
• Communication & collaboration: Managing stakeholders and reporting via MS Office 365 (Outlook, Teams, SharePoint) and Confluence. Leading steering committee and specialist group meetings.
• Change and cutover planning: Developing a detailed action plan (cutover plan) including rollback scenarios, documented in Confluence. Test management and tracking handover tests with XRAY for Jira.
• Mobile device management & security: Implementing EMM strategies with Intune and MobileIron. Hardening endpoints, patch management, and policy enforcement via Ivanti.
• Process and tool integration: Automating and orchestrating ITSM processes in ServiceNow and Jira Service Management. Managing interfaces between Office tools, CMDB, and MDM.
• Documentation, compliance & training: Creating standardized templates, runbooks, and manuals in SharePoint. Ensuring compliance with ISO 9000, ISO/IEC 20000, SLAs, and internal governance requirements. Knowledge transfer and training of the 2nd/3rd level support team.
• This holistic, tool-supported approach ensured both service transition and long-term operational stability and compliance at the highest level.
• Technologies: MS Project 2016, ISO 9000, Cloud / Active Directory (AD)/ AGDLP, ISO/IEC 20000, Lenovo, ITIL v3, MS Azure, MS Office 365, MS Outlook, MS Teams, MDM (Intune), SharePoint, Confluence, SLA, CORBOX VMs, service design, service transition, processes, CMDB topics, license management, license management with the Smart Track tool from USU/Aspera, Ivanti, XRAY from Jira, MobileIron, ServiceNow

As part of a strategic mandate to develop IT infrastructure management holistically, I was responsible for the following solid, hands-on services:

• IT infrastructure consulting and governance: Providing technical and methodological guidance for realigning infrastructure management. This included defining policies, KPIs, and metrics for continuous performance and cost control.
• Current state analysis and target concept: Systematically capturing the existing infrastructure topology, OS and storage versions, and virtualization platforms. Using gap analysis and benchmarking, I developed a detailed target vision covering performance, security, and compliance requirements.
• System engineering for cloud & on-premises: Implementing and operating Windows Server clusters (2016/2019), SAN and NAS storage systems (NetApp, EMC), and virtualization environments (VMware vSphere, Microsoft Hyper-V). Automating deployments and configuration management with Ansible and PowerShell DSC.
• Network transformation and IPv6 migration: Designing, planning, and executing the switch from layer-2 switching and layer-3 routing from IPv4 to IPv6. Creating a cutover and rollback plan that considered dual-stack architectures, 6to4 tunneling, and NAT64/DNS64 translation methods for seamless protocol coexistence.
• Interface and requirements management: Acting as intermediary between departments, central IT teams, and external service providers. Applying agile methods (Scrum/Kanban) in requirements engineering, with documentation in Jira and Confluence.
• Agile ITSM and project management: Introducing iterative project workflows in Jira Service Management, including sprint planning and retrospective reviews. Coordinating change advisory board meetings following ITIL v3 & v4 to ensure quick decision-making.
• Digital workplace planning: Defining and reviewing requirements for a modern digital workplace: automated Baramundi unattended installations, support strategies for Skype for Business and Microsoft Teams in parallel operation, and self-service portals to ease end-user support.
• Quality assurance and documentation: Defining test and review scenarios in the quality assurance manual. Continuously monitoring process quality through audits and KPI reports, with automated tracking in ServiceNow.
• Technical concept development for data centers: Creating detailed process and network blueprints for both on-premises data centers and Azure Entra ID-based cloud environments. Including dual-stacking at layer 2/3 and failover and high-availability architectures.
• Service process optimization and emergency management: Adjusting existing incident, change, and problem management processes. Creating runbooks and playbooks for business continuity. Conducting table-top exercises and training for 2nd/3rd-level support teams.
• 2nd & 3rd level support and CAB membership: Managing incident, change, and problem tickets in infrastructure and CMS/CMDB. Actively participating in the Change Advisory Board (ITIL v3 & v4) to approve complex infrastructure changes.
• Project management & IT infrastructure analysis: Designing and managing the overall project using PRINCE2/Scrum, including setting up extensive infrastructure assessments (servers, storage, network) with discovery tools and performance monitoring.
• Operational IT service management: Establishing and running cloud- and on-premises-based ITSM processes according to ITIL v3/v4. Coordinating daily operations, monitoring SLAs, and handling escalations through Jira Service Management.
• Strategy consulting & data center architecture: Developing a data center strategy, defining target designs, and mapping all relevant assets in the CMDB (e.g., FNT Command, ServiceNow CMDB) for full transparency and lifecycle governance.
• Mobile device management & enterprise mobility: Planning and implementing EMM profiles with Samsung Knox Mobile Enrollment (Android Enterprise) and Esper MDM. Configuring and administering Ivanti/Magenta Admin for device-based policy enforcement and compliance.
• Exchange migration on-premises → Microsoft 365: Creating and executing a detailed cutover plan to migrate Exchange Server on-premises to Microsoft 365 Exchange Online. Migrating mailboxes, public folders, and archives while ensuring data integrity.
• Managed service provider (MSP) profile management: Defining and managing MSP service profiles, configuring them in central management portals for automated service delivery.
• Security and email protection: Integrating and operating Proofpoint for email security, threat intelligence, and advanced threat protection.
• Microsoft 365 suite administration: Managing users and licenses in the Microsoft 365 admin center, handling Exchange, SharePoint, and OneDrive policies, configuring security features (MFA, Conditional Access), monitoring and reporting via Microsoft 365 Compliance Center.
• Microsoft Exchange Admin Center: Managing mailboxes, distribution and resource groups, security settings, and monitoring and reporting on the Exchange infrastructure.
• Microsoft Teams & Skype for Business administration: Migrating from Skype for Business on-premises to Microsoft Teams, managing users and policies in the Teams admin center, app management, and real-time monitoring of presence and messaging services.
• Identity & access management: Administering Azure Entra ID, Active Directory, ADFS farms, and FSMO roles in the data center; implementing conditional access policies and privileged identity management (PIM).
• Power Platform governance: Configuring and monitoring in the Power Platform admin center, governance models for Power Apps, Power Automate, and Dataverse.
• Endpoint management with Baramundi Management Suite: Unattended installations and software deployment, patch management, mobile device management (MDM), license management, reporting, and monitoring.
• Help line ITSM/CSM: 2nd/3rd level support for incident, change, and problem management (with an active role in the Change Advisory Board according to ITIL v3 & v4), knowledge management, and ongoing analysis and reporting for service optimization.
• Technologies: Entra-ID (Azure), Cisco, Cloud, Baramundi, firewall, HP, ITIL v3 & v4 CAB, MS Office 2016, MS Outlook, MS Teams, requirements engineering, Ivanti (MDM tool), Active Directory (AD)/AGDLP, PSI Penta (ERP system), SharePoint, Selektron (warehouse management system), Skype for Business & Teams, Dynamic Forms Workflow (workflow & information system), Microsoft Dynamics CRM (CRM system for sales and customer service), CMDB, KeyTech14 DMS (DMS system), Cisco IOS, Juniper JunOS, MikroTik, FRRouting (FRR), EDR, SIEM, MS-TIER, NESSUS, Azure security, SharePoint 2016, AGIL ITIL v3, M365/AZURE (Exchange, Teams, AAD, all M365 services), SQL Server 2016, VPN – FortiClient SAML

As part of a strategic mandate to comprehensively optimize the data center and cloud architecture, I delivered the following services:

• Business and requirements analysis: Conducted a detailed business impact analysis and facilitated workshops with stakeholders to gather functional and non-functional requirements for the data center. I used requirements engineering methods (use case modeling, MoSCoW prioritization) and tools like Jira and Confluence.
• Evaluation and optimization of cloud services (IaaS, PaaS, SaaS): Analyzed existing cloud offerings using AWS CloudWatch, Azure Monitor, and Google Cloud Operations to determine capacity needs, scalability, security requirements, and budget constraints. Defined a target blueprint for right-sizing resources and introduced automation recommendations via CloudHealth.
• Physical infrastructure analysis and DCIM design: Assessed server rooms, network topologies, storage layers (SAN/NAS), cooling and power systems, and physical security measures (access control, CCTV). Employed DCIM solutions like Schneider Electric StruxureWare and Nlyte to identify optimization potential in PUE (Power Usage Effectiveness) and rack utilization.
• Integrity verification of virtualization and automation technologies: Verified requirements for VMware vSphere, Microsoft Hyper-V, and Proxmox environments, and evaluated infrastructure as code approaches using Terraform and Ansible to ensure consistency and repeatability of deployments.
• Network design and high-availability architecture: Designed and expanded a resilient LAN/WAN framework based on Cisco Nexus, Juniper MX, and HPE Aruba. Implemented redundancy and failover mechanisms (VRRP, OSPF multihoming, BGP redundancy) and load balancing with F5 BIG-IP to improve latency and throughput metrics.
• Security analysis and BSI compliance: Reviewed and updated the security concept according to BSI standards (IT baseline protection), including physical safeguards, role-based access control (RBAC), data encryption (AES-256), threat detection (IDS/IPS with Snort/Suricata), and identity and access management (Azure AD PIM, Okta). Developed and implemented security policies aligned with ISO 27001.
• Operations and maintenance procedures: Created a comprehensive framework for patch management (WSUS, Red Hat Satellite), backup and recovery (Veeam, Commvault), performance monitoring (Zabbix, Prometheus with Grafana), and capacity planning. Set up automated escalation and reporting workflows via ServiceNow and Jira Service Management.
• Training, emergency and crisis management: Designed and delivered training for the service team on incident and problem management, failover scenarios, and business continuity plans (ISO 22301). Developed playbooks, runbooks, and conducted table-top exercises to ensure smooth recovery processes.
• Scaling and growth planning: Documented modular architecture blueprints for future growth, including micro-segmentation approaches and SD-WAN strategy. Recommended flexible resource pools (Kubernetes, Docker Swarm) for on-demand scaling.
• Continuous service and infrastructure improvement (CSI): Introduced a CSI framework based on ITIL v3 for incident, change (including CAB), and problem management. Established a cycle of metrics monitoring, lessons learned workshops, and targeted optimization measures to sustainably improve efficiency, performance, and reliability.
• Technologies: BSI, critical infrastructures

As part of a migration and outsourcing project in the IT infrastructure area, I took on the following in-depth and practical tasks:

• IT infrastructure analysis for migration preparation: Systematically collected and assessed existing hardware and network components (servers, storage, virtualization layers). Used monitoring and discovery tools (e.g., Nagios, Zabbix, CMDB Scanner) to inventory and establish a performance baseline.
• Restructuring and consolidation of the CMS/CMDB landscape: Conceptual redesign of all configuration management databases, considering hybrid data center architectures (on-premises & cloud). Harmonized data schemas and attribute models in an ITIL-compliant CMDB (e.g., BMC Atrium CMDB, ServiceNow CMDB).
• As-is analysis of all CMS databases including interfaces: Documented and classified existing CMDB instances and their integration points (e.g., REST APIs, SQL views). Created a quality assurance guide to define data quality metrics (completeness, consistency, timeliness).
• Identification of optimization potential in service management: Benchmarked processes against ITIL v3 best practices and derived concrete fields for improvement. Facilitated workshops with the Change Advisory Board (CAB) to prioritize process enhancements.
• Stakeholder management and communication control: Closely coordinated with top management, specialist departments, and external service providers. Provided regular status reports and executive briefings to ensure transparency and minimize risks.
• Planning and (partial) automation of IT processes: Developed ETL-based staging area pipelines for data migration and harmonization. Implemented automation workflows using tools like Ansible, PowerShell DSC, and Talend Open Studio.
• Analysis and optimization of the incident management tool (BMC Remedy): Captured and modeled all incident and problem workflows. Documented APIs and connectors (LDAP, SNMP, SMTP) and automated minor routine tasks. Provided technical recommendations to improve first call resolution and reduce MTTR.
• This holistic approach laid the groundwork for a smooth software migration and achieved significant efficiency gains in ongoing IT operations.
• Technologies: FNT Command ver. 9.8.1, AGIL Operations ver. 7.0.94, RANCID (Really Awesome New Cisco config Differ), Confluence by Atlassian ver. 7.3.3, BMC Atrium CMDB ver. 18.08, BMC, SAN & NAS Archive, Service Management Remedy ver. 7.4.3, SharePoint 2016, AGIL ITIL, ServiceNow London, UC4 ver. 11 & 12, FNT Staging Area ver. 4.5 & 5.0, Nintex Workflow 2013, Cisco Jabber ver. 11.9.3 (installation, configuration) build 60004, Skype for Business 2016 (installation, configuration) (16.0.4978.1000), Outlook 2016, Microsoft SQL Server 2016, Oracle SQL Developer ver. 4.0.0, MS Office 365, Jira ver. 7.0.5

In my mandate with our client, I was responsible for the following services, achieving measurable increases in transparency, quality, and efficiency across the service lifecycle:

• Governance and operation of service asset and configuration management (SACM): I designed and managed the central administration of SACM according to ITIL v3 (2011 revision). This involved a configuration management system (CMS) combined with a configuration management database (CMDB), implemented via FNT Command.
• Comprehensive CMDB data quality: I ensured continuous identification, control, persistence, and the correctness and completeness of all technical configuration items, including service and infrastructure relationships and organizational metadata in on-premises and cloud data centers.
• Process analysis and ITIL optimization: Through systematic reviews, I evaluated existing configuration and change processes, identified optimization potentials, and adjusted workflows to ITIL v3 best practices to close governance gaps and consistently meet SLA targets.
• Service transition and configuration control: During service transition, I distinguished outsourcing status and business requirements (configuration identification) across the entire data center infrastructure for outsourced customers and implemented these in the CMS/CMDB module for effective configuration control.
• Verification, audit, and quality assurance: At the end of the project phase, I conducted comprehensive configuration verifications and audits, established QA reports, and continuously monitored data quality. The result was a significantly reduced error rate in infrastructure changes.
• Service operation and continual service improvement (CSI): By introducing optimized service operation processes, I supported change and problem management with accurate CMDB data. This allowed the CSI program to be sustainably anchored according to the company's overarching service strategy.
• Network design and documentation: I developed technical concepts, design specifications, and process documentation for the performance network (OPN) and all LAN, WAN, MPLS, VPLS, CWDM, and DWDM infrastructures, integrating them into the CMDB via FNT Command.
• Tenant-specific transparency in security incidents: Thanks to the networked CMDB, we could perform tenant-specific impact analyses in real time and quickly identify affected customers during security incidents.
• Data provider for operational processes: The CMS served as a reliable data source for change and problem management: stakeholders were informed precisely, tickets were created automatically, and asset quality was documented and communicated through QA reports.
• Technologies: FNT Command ver. 9.8.1 & 10, SharePoint 2013, ServiceNow London, staging area ver. 5.5 & 5.0, Skype for Business 2016 (16.0.4978.1000), Outlook 2010, Microsoft SQL Server 2010, Oracle SQL Server & Developer ver. 4.0.0, MS Office Pro & 365, 2010-16 and more.

• Topics:
• Project management according to PRINCE2®, ITIL® 2011, MS Project, SCRUM, SAP Business Suite, SAP CO
• Data protection in project management
• Communication for managers
• Certifications:
• PRINCE2® Foundation & Practitioner, ITIL® 2011 Foundation, SCRUM, SAP Business Suite, SAP CO (AC040)
• Technologies: ITIL, PRINCE2, project management, SAP, SAP CO, SCRUM

As part of a company-wide transformation project to strategically realign the IT infrastructure, I took responsibility for key areas within the department and coordination with other departments and external service providers.

• Strategic project responsibility: Leading role in IT strategy, including the design and implementation of strategic IT vision for both data centers.
• Consulting and project planning: Advising at management and department level on planning and executing complex migration and rollout projects, including technical, organizational, and business considerations.
• Infrastructure and feasibility analysis: Conducting a comprehensive analysis of the existing IT landscape. Developing a feasibility study to identify technical, organizational, and business success factors. Special focus on integrating NetApp backup solutions.
• Project management: Overall responsibility for project budget and controlling project execution with decision-making authority according to defined governance structures. Applying methods such as PRINCE2, PMI, or similar standards.
• Introduction of controlling metrics: Developing and implementing a KPI system to manage and measure the success of the IT department.
• Quality management for end-user workstations: Defining and implementing quality improvement measures, including standardizing and optimizing workstation architecture.
• Collaboration with external service providers: Technical management and coordination of external partners and ensuring quality of service delivery.
• System and integration testing: Actively participating in planning, executing, and evaluating test runs for system deployments and migrations.
• IT rollouts: Supporting and operationally executing the deployment of new systems and services.
• Data center infrastructure consolidation: Merging and standardizing existing data center solutions, considering high availability, disaster recovery, and scalability.
• Leadership and communication: Strong customer focus, communication skills, and consulting and leadership abilities at specialist and management levels.
• Requirements management: Gathering, analyzing, and prioritizing software, hardware, and infrastructure requirements in close coordination with departments.
• Trainer activities: Conducting internal training sessions on new technologies, processes, and security requirements.
• Service level agreements: Defining, aligning, and implementing SLAs for mission-critical services.
• Process optimization: Adjusting and optimizing IT service management processes according to ITIL and redesigning data center processes.
• IT security: Significantly raising the security level by introducing improved encryption technologies and security policies.
• Service and escalation management: Managing support processes at 2nd and 3rd level, including escalation management and user support.
• Remote support tools: Implementing Microsoft Remote Help Assistant for more efficient remote maintenance.
• Communication tools and platforms: Replacing outdated systems by migrating from WebEx, Skype for Business (legacy), SameTime, NetViewer (Cisco), and Polycom HDX. Introducing ARKADIN as the global conferencing tool.
• VPN / SRA (Secure Remote Access): Implementing a new VPN solution for secure remote access outside the main site.
• New communication platform: Introducing Skype for Business On-Premise as the company-wide standard for audio/video conferencing. This included deploying front-end servers, edge servers, backend databases, and monitoring components. Integration into the Office 2010 suite.
• Efficiency gains through system consolidation: Merging and replacing five existing communication platforms led to sustainable efficiency improvements and reduced support effort.
• IT security and asset management: Further developing and maintaining security policies and asset management according to ISO/IEC 27001.
• IAM development: Working in the development team for a new identity & access management (IAM) tool, aiming to meet modern role and permission model requirements.
• Project "Identify Management": Designing a group-based role model based on DirX (IAM solution) and contributing to its implementation.
• Rollout & migration: Planning and executing rollouts and migrations of Microsoft-based operating systems and performing requirements management in collaboration with the supply chain management team.
• Technologies: Access, Cisco, Citrix, cloud, CRM, Skype for Business, HP, Dell, Jenkins, Linux, Lotus Notes & Archive, MS Project, NetApp, project management, R, S/MIME, SAP, security, VMware, VPN, Windows, Active Directory (AD)/AGDLP, SAN & NAS archivers, MO disk & tape archives, flash storage archives

• Set up support in central IT
• Sub-project manager for the client migration from Novell to Windows
• Technologies: Windows