Michael S.
Compliance Consultant
Experience
Sep 2024 - Present
1 yearCologne, Germany
HybridProject Manager
Bank-Verlag
- Set up outsourcing management, procurement department, developed a new strategy, policy and work instructions.
- Set up an information outsourcing register and defined critical functions and service providers.
- Created SLA definitions, KPIs and built service provider management and procurement.
- Conducted external audits and established a conflict of interest register.
- Built due diligence and risk assessments.
- Created the cloud strategy and AI strategy.
- Appointed a data protection coordinator and developed specific data protection strategies.
- Conducted DPIAs, data protection audits, technical and organizational measures (TOM), data processing agreements (DPA), and managed the record of processing activities (RoPA).
- Drafted and reviewed RoPA-DPA.
- Prepared tenders, evaluations, framework agreements, etc., and expanded the strategy pool.
Sep 2024 - Dec 2024
4 months Lorem ipsum dolor sit amet
Stuttgarter Versicherung
- Implemented DORA requirements.
- Created an information register and carried out contract extensions.
- Defined critical functions and service providers.
- Developed strategy, policies and process descriptions for third-party management.
- Implemented third-party management, set up risk assessment and due diligence processes.
- Created role descriptions for third-party managers.
- Reviewed contracts and added minimum contractual content according to DORA.
- Prepared exit planning and exit documentation.
- Managed ICT incidents.
Nov 2023 - May 2024
7 monthsCompliance Consultant
Zurich Insurance Europe AG
- Advised on setting up the largest European property insurer.
- Conducted a gap analysis and prepared a Statement of Findings.
- Created guidelines and policies for VAIT/DORA requirements.
- Identified the information network and created IAM policies.
- Implemented process descriptions, governance and risk management.
- Adjusted contracts for outsourcing and set up risk reporting.
- Mitigated risks and managed IT emergencies with a BCM policy.
- Supported the implementation of Artemeon as a central information register.
- Initially reviewed and audited the outsourcing register and contract database.
- Introduced tools for process mapping in outsourcing management.
Oct 2022 - Oct 2023
1 year 1 monthProject Manager, IAM Architect
Fondsdepotbank
- Implemented an IAM software (ORG by FSP).
- Monitored and managed a project with 10 team members.
- Managed stakeholders at the C-level and developed the implementation strategy.
- Actively implemented IT emergency management, IT outsourcing and contract management.
- Supported the central asset register in ServiceNow.
- Optimized and updated BCM according to DORA requirements.
- Oversaw the technical implementation considering dependencies.
Jan 2022 - Sep 2022
9 monthsBusiness Analyst
ING Diba AG
- Supported the migration to One Identity and data migration from ServiceNow/Ramon to One Identity.
- Set up roles and individual permissions.
- Monitored and established internal control systems.
Dec 2021 - Mar 2022
4 monthsFinancial Statement Auditor
PWC
- Performed audit procedures for financial statements.
- Audited IT strategy, IT governance and operational information security.
- Reviewed identity and access management as well as application development and IT operations.
- Audited outsourcing management of third-party services.
Oct 2021 - Oct 2024
3 years 1 monthBusiness Analyst
FI-TS
- Supported internal control tasks within the ECB program.
- Updated and adapted the Statement of Findings to new processes and requirements.
- Defined and aligned KPI reporting with stakeholders.
- Optimized and documented the authorization process.
- Reviewed and updated the authorization concepts and checked the connected components and their documentation.
- Monitored SoD conflicts and supported new SoD requirements.
- Conducted external audits and special tasks.
- Introduced the Garancy system and integrated ITAB tools (LUY) into authorization management.
- Assisted and prepared audits (WP, §44 KWG, internal audit, PS951, TÜV and data protection audits).
- Implemented findings from the above audits.
Apr 2021 - May 2021
2 monthsProject Manager
Internationale Anwaltskanzlei Hengeler und Müller
- Conducted a feasibility study for implementing an authorization management system.
- Prepared the RfP and decided on an ABAC role model.
Nov 2020 - Mar 2021
5 monthsIT Auditor
PWC
- Performed IT audits at banks in Frankfurt, reviewing IT strategy and governance.
- Reviewed information security management plans and operational security measures.
Jan 2020 - Sep 2021
1 year 9 monthsBusiness Analyst
EEX Leipzig
- Specified and implemented a proprietary IAM solution.
- Adapted authorization concepts and regulatory requirements.
- Applied agile project methods such as Scrum and Kanban.
- Responsible for implementation, secure operation and continuous improvement of IAM services.
- Conducted audits and protective measures.
Dec 2018 - Dec 2019
1 year 1 monthBusiness Analyst/Subproject Manager
LBBW Stuttgart
- Built a new authorization management system with Garancy.
- Created functional concepts, did customizations and prepared corporate roles.
- Specified the 'Joiner, Mover, Leaver' processes.
- Supported recertifications and analyzed directory service data.
- Analyzed and developed implementation concepts for ECB audit findings.
Feb 2018 - Nov 2018
10 monthsIT Architect Treasury
Postbank System Bonn
- Developed a new IT architecture for ALM and issuance.
Mar 2015 - Jan 2018
2 years 11 monthsTeam Lead/Deputy Project Manager
DZBANK Frankfurt
- Migrated credit card accounts and IT landscape after WGZ integration.
- Set up risk management and test management.
- Performed analytical audit methods and live cutovers.
- Implemented PSD2 requirements including conceptual study and process implementation.
- Acted as test manager for SAP applications and securities processes, and addressed audit findings.
Jan 2000 - Dec 2015
16 yearsProject Manager/Multi-Project Manager/Scrum Master
Deka Bank
- Managed projects and implemented international regulatory requirements.
- Implemented new banking and payment systems.
- Implemented IAM systems with SoD considerations and optimizations.
- Introduced new accounting processes and liquidity management tools.
- Facilitated external audits.
Jan 1998 - Dec 2000
3 yearsBusiness Analyst
DVG
- Developed functional specifications for the requirements of the 6th KWG amendment in connection with specific applications.
Jan 1990 - Dec 1998
9 yearsCOO, CIO, Program Director, Head of Finance and Accounting
Banco di Napoli
- Led a team of 60 employees.
- Managed finance and accounting departments with strategic IT responsibility.
Languages
German
NativeEnglish
AdvancedItalian
AdvancedEducation
Lorem ipsum dolor sit amet
Business Administration · Rendsburg, Germany
Lorem ipsum dolor sit amet
Bank Clerk · Rüsselsheim, Germany
Certifications & licenses
IT Auditor
Financial Statement Auditor
Scrum Master
Need a freelancer? Find your match in seconds.
Try FRATCH GPT More actions
Similar Freelancers
Discover other experts with similar qualifications and experience
- English
- Deutsch
2025 © FRATCH.IO GmbH. All rights reserved.