Peter Dittkuhn - Project coordination, consulting, IT security, ISMS, NIS2, continuous improvement

Recommended expert

Callenberg, Germany

Experience

Sep 2025 - Present

5 months

Germany

Security Consultant

Municipal GmbH of the City Administration

Requirements management, process planning, interface function, ISMS setup and documentation
Establishment and implementation of an ISMS according to ISO 27001 and development of emergency management / ITSCM
Coordination of conditions with the authority's IT service provider
Considering KRITIS relevance in scope and implementing a B3S
Developing guidelines for document control and continuous improvement (CIP)
Creating relevant project documents
Analyzing existing processes and developing guidelines
Gathering requirements for ISMS and ITSCM and coordinating with the IT service provider including defining interfaces
Analyzing communication processes and escalation paths
Reviewing documents for risk management, ISMS, emergency prevention, and emergency response
Developing a complete rebuild of all documentation and creating new relevant documents
Developing necessary rules, policies, and concepts
Serving as an interface between the client and service provider to ensure document quality
Aligning protection needs with business units, especially regarding KRITIS relevance, and planning resulting measures
Developing preventive measures to minimize data center outages for scenarios like pandemics or ransomware attacks
Defining the test strategy for IT emergency drills
Initiating necessary training measures to raise awareness among business units

Dec 2024 - Mar 2026

1 year 4 months

Germany

IT Consultant

State Authority

Requirements management, process planning, interface function, project management, and project documentation
Implementing BCM at the Ministry of Finance and with the authority's IT service provider
Restructuring and revising emergency management / ITSCM considering KRITIS relevance
Introducing BSI basic protection 200-4 in a limited scope
Establishing interfaces and boundaries between BCM, ITSCM, and ISMS between the authority and service provider
Completely revising and restructuring emergency management documents
Developing guidelines for document control for BCM and emergency management
Analyzing the existing ITSCM process (BSI 100-4) and designing an adapted process according to BSI 200-4
Planning and documenting specific tasks in IT emergency management for implementation
Analyzing communication processes and escalation paths in IT emergencies
Conceptual revision of ITSCM template documents for emergency manuals
Checking existing emergency documents for completeness and traceability
Coordinating with business units to implement continuous improvement measures
Developing preventive measures to minimize data center outages for scenarios like pandemics or ransomware attacks
Revising the test strategy for IT emergency drills
Initiating training measures for IT emergency managers

Jul 2024 - Dec 2024

6 months

Germany

IT Consultant

Federal Authority

Requirements management, process planning, interface function, project management, and project documentation as Service Manager
Restructuring ITSCM in the context of implementing BCM and ServiceNow considering KRITIS relevance
Introducing BSI basic protection 200-4 and realigning relevant areas
Aligning interfaces between BCM, ITSCM, and ISMS
Introducing document control for ITSCM and reclassifying documents
Conducting a risk analysis for one of the existing data centers
Analyzing existing ITSCM and environmental processes
Designing a new ITSCM process and documenting specific tasks
Restructuring file storage for cross-access
Analyzing and revising communication processes and escalation paths
Conceptual revision of ITSCM template documents for emergency manuals
Reviewing existing emergency documents for completeness and quality
Coordinating with business units to implement continuous improvement measures from audits and IT emergencies
Aligning protection needs for TechnicalServices and ApplicationServices regarding KRITIS relevance
Developing preventive measures for scenarios like blackouts, floods, and ransomware attacks
Conducting market research and defining requirements for a standalone, redundant alerting system for IT emergencies
Revising the test strategy and follow-up of IT emergency drills for continuous improvement (PDCA)

Jan 2022 - Dec 2023

2 years

Germany

Security Consultant (ISB support)

Telekom / DTBS

Subproject management, project coordination, and requirements management within a certified ISMS (ISO 27001 according to IT basic protection 200-x)
Responsibility for the continuous improvement process (CIP), CAPA, and PDCA
Setting up and adjusting the central CIP in the ISMS (BSI basic protection) as a transparent interface
Developing processes, workflows, and interfaces of the ISMS in the information network connected to operational IT
Integrating ITIL V3 area CSI (Continual Service Improvement) from operations, as well as IT architecture and service management
Creating policies, concepts, and process descriptions
Implementing changes and workflows in JIRA
Recording, reviewing, and analyzing all audits, especially in IT emergency management and security incident management
Qualifying non-conformities and coordinating between service units and clients
Aligning interfaces to Verinice for importing measures from basic protection checks
Monitoring and tracking the implementation of all measures from the agreed action list (audits, implementation plan, risk management)
Checking implemented measures for effectiveness and quality assurance
Defining KPIs and metrics and implementing them in JIRA management dashboards
Contributing to building a lifecycle for document control in the ISMS

Nov 2019 - Dec 2021

2 years 2 months

Germany

Security Consultant (Internal Security Auditor)

Telekom / T-Systems

Subproject management, project coordination, and requirements management within a certified ISMS for a government network
Responsibility for CIP, CAPA, and PDCA in the context of BSI IT basic protection (100-x and transition to 200-x)
Planning and implementing a central CIP as a transparent interface in the information network
Developing policies, concepts, and process descriptions for the ISMS with interfaces to operational IT
Processing and analyzing all audits and qualifying non-conformities
Coordinating between service units in the ISMS and clients at the specialist level
Planning and commissioning the implementation of resulting measures in business units
Status reporting within the security organization and to stakeholders
Monitoring action tracking for deviations from audits and risk management
Regular coordination with ISB, emergency management, and change management
Conducting effectiveness reviews of implemented measures
Documenting instructions, reference documents, and reports
Providing operational support until the Certificate of Compliance (CoC) is achieved

Mar 2019 - Aug 2019

6 months

Germany

Project Manager

ITK-OnlineStore

Project management, requirements management and rollout planning for a Windows 10 deployment (approx. 700 clients)
Using SCCM deployments for software distribution
Adjusting the IT infrastructure to install deployment points
Defining, packaging and testing the required standard and custom software
Resource planning and acting as the interface between customers and internal service providers
Coordinating and managing external service providers
Stakeholder management to align differing interests
Planning service levels and providing status reports to the steering committee
Preparing sites and departments for the rollout, including training planning
Project management fully implemented in JIRA and Confluence

Jan 2015 - Dec 2018

4 years

Germany

Project Manager

ITK Service Provider (DB Energy Subsidiary)

Coordinating redundant telecom and VoIP infrastructure and services for control centers in a critical infrastructure environment (KRITIS)
Planning and designing custom solutions focused on telecom availability and security
Creating detailed requirement documents and redundancy concepts for 9 control center locations (high availability: complete failure of 3 sites without impact)
Developing guidelines for emergency preparedness, disaster recovery plans and manuals (ITSCM, BCM)
Developing security concepts for custom solutions, including call recording for evidential purposes, considering compliance and data protection
Planning and overseeing construction work in electrical, climate control and cabling to ensure high availability
Rack planning, procurement and coordination of network and application commissioning
Calculating power loads and cooling capacity for data center rooms
Incident escalation management and resolving rollout issues
Researching and testing VoIP multiline technology for control center systems
Advising the customer on tenders for infrastructure projects
Coordinating fault resolution in the telecom environment for the customer DBE

Jul 2012 - Dec 2014

2 years 6 months

Germany

IT Service Manager

ITK Service Provider (DB Subsidiary)

Service, requirements and escalation management for a VoIP rollout with approx. 100,000 ports at over 2,000 locations
Service and process design to ensure production and operational capabilities
Planning and coordinating service levels (SLA/OLA) for telecom services according to ITIL V3
Developing concepts for custom solutions for infrastructure adjustments and operational takeover
Acting as interface between project organization and regular operations
Order management and conducting service reviews
Coordinating cross-departmental procedures and collaborating with product management
Researching custom solutions for the removal of traditional telecom services after migrating to VoIP
Creating work instructions for providing and troubleshooting new products
Supporting the analysis of service outages in operational operations

Apr 2008 - Dec 2011

3 years 9 months

Germany

Deputy Infrastructure Project Manager

BWI

Infrastructure planning and project coordination within the Bundeswehr's Hercules project
Managing multiple projects to create secure infrastructure at a total of 103 sites in non-military environments (defense industry)
Assessing the current state of the network infrastructure and planning measures to achieve the target structure according to the technical concept and regulatory requirements
Planning cable routes, fire protection, active IP technology, UPS systems, climate control and rack setups (VoIP, WAN, LAN)
Taking into account IT security (BSI baseline protection) and guidelines from MAD and IT security officers
Developing security concepts for sites with high protection needs (confidentiality, integrity)
Selecting, contracting and supervising service providers for construction work
Planning building connections and low-voltage technology in IT rooms
Coordinating rollout and relocation activities, including status reporting
Reviewing invoices and approving construction and infrastructure services
On-site supervision of technical equipment works for small construction projects

Sep 2007 - Dec 2007

4 months

Germany

Consulting, Planning, Concept Development

Gesenkschmiede

Expanding the network for a new ERP system, including database servers
Upgrading servers for payroll and financial accounting
Updating the company’s entire security infrastructure
Specifying, capacity planning and product evaluation of hardware systems
Researching and comparing new technologies for security applications

Feb 2007 - Jun 2011

4 years 5 months

Germany

Lecturer

National Association for Elderly Care

Conducting training and seminars on data protection and data security
Conveying compliance requirements in the care sector
Raising user awareness for handling particularly sensitive data

May 2004 - Dec 2007

3 years 8 months

Germany

Project Manager

Closed-Die Forge Company

Advising, planning, and managing the overhaul of the entire IT infrastructure
Upgrading system technology and developing a security concept
Expanding the network infrastructure (TCP/IP) and setting up VPN for external access
Migrating the network to Windows XP and introducing a new mail system
Implementing a domain model with Windows 2003 Server and migrating all clients
Introducing a new backup library and associated software
Managing IT security and data protection, temporarily serving as external data protection officer
As-is/to-be analysis, product research, procurement, and vendor coordination

May 2002 - Apr 2004

2 years

Germany

Project Manager

Mechanical Engineering, Micro Spraying Technology

Advising, planning, and coordinating the team for expanding the network infrastructure
Switching branch office connections to VPN
Migrating the network to Windows 2000 (clients and servers) and introducing a mail system
Upgrading server hardware and implementing a new backup concept
Conducting successful VoIP test runs for internal and external use
Meeting the highest standards of IT security, data protection, and reliability
Planning and executing the complete IT relocation, including the data center, to a new site with minimal downtime

May 2001 - Apr 2004

3 years

Germany

Project Manager

Mechanical Engineering, Micro Spraying Technology

Designing and building a completely new server room infrastructure and network technology
Developing a security concept for the data center area and its connections
Implementing a gigabit backbone cabling and VoIP-ready twisted pair building installation
Configuring SwitchMesh for increased availability
Implementing multi-level backup strategies and rolling out a departmental/central server concept
Planning and commissioning an intelligent UPS protection system
Introducing Windows 2000 and various application software
Connecting branch offices via RAS services
Managing IT security and data protection

Jan 2001 - Jun 2001

6 months

Germany

Project Manager

Mechanical Engineering, Precision Threaded Spindles

Advising and planning a completely new server room infrastructure for network technology
Installing fiber-optic gigabit cabling in the backbone and VoIP-ready twisted pair cabling
Implementing building cabling in core areas with fiber-optics for extreme industrial environments
Configuring SwitchMesh for fail-safe connections
Selecting technology and products and overseeing implementation

May 2000 - Apr 2001

1 year

Germany

Project Manager

Mechanical Engineering, Micro-spray Technology

Planning a multi-server network including router connection to new branch offices
Designing a secure data processing system in 19-inch technology without direct user access to the hardware
Technology research, evaluation, and feasibility testing of secure IT systems
Coordinating the project with suppliers and service providers

Jul 1999 - Dec 2000

1 year 6 months

Germany

Project Manager

Waste Disposal and Freight Forwarding Group

Building a completely new corporate IT system in parallel to the existing network
Implementing a highly available fiber optic infrastructure across 14 buildings and connecting to the data center
Implementing gigabit meshing in the backbone (VoIP-capable)
Setting up a new server room with intelligent UPS backup
Setting up a multi-server network based on Windows 2000 Server for four companies in the group
Planning and implementing Active Directory and access concepts
Commissioning backup and recovery strategies based on Sony AIT libraries
Client rollout with Windows 2000 workstations and implementation of central fax and mail systems
Secure router networking of the four sites and VPN connections for branch offices
Creating a business continuity plan and organizational emergency planning
Documentation, support, and handing over the systems to the internal IT team

Mar 1998 - Dec 1999

1 year 10 months

Germany

Project Manager

Drop Forging Company

Planning a multi-server network including connecting all buildings and a secondary site
Setting up corporate IT based on Windows NT (workstation and server)
Installing the infrastructure with 100 Mbit Fast Ethernet cabling
Selecting and introducing various standard software and applications (MS Office, CAD)
Implementing firewall solutions, fax systems, and time tracking
Planning and implementing a backup concept

Mar 1998 - Dec 1998

10 months

Germany

Trainer

Largest Health Insurance Company in Bavaria

Conducting user training for Windows NT 4 and the entire Microsoft Office suite
Training in PC troubleshooting

Jan 1998 - Dec 2001

4 years

Reutlingen, Germany

Managing Director

Connect.IT GmbH

Managing staff as well as leading technical and sales departments for a team of 12 employees
Project management for various projects in training, technical, and organizational areas
Supporting medium-sized businesses primarily in the development and manufacturing sectors

Jan 1998 - Dec 1998

1 year

Germany

Project manager

Global network distributor

Project management and organization for setting up the network infrastructure for pan-European customers
Planning locations for building distribution points and installing active network components (hubs, switches, routers)
Monitoring system integration according to international company guidelines
Acceptance of construction work and coordination of commissioning
Project management for clients such as Ashland Oil and DiverseyLever in the DACH region

Sep 1997 - Feb 1998

6 months

Germany

Consultant

Insulation materials manufacturer

Planning and installation of the company's IT infrastructure based on Windows NT (workstation and server)
Replacing Novell NetWare and setting up a 100 Mbit Fast Ethernet cabling
Selection and installation of suitable application programs
Migration to MS Office and MS BackOffice
Preliminary planning for the introduction of CAD systems

Jun 1997 - Mar 1998

10 months

Germany

Consulting / network support

Facade paint manufacturer

Expanding the network infrastructure and systems technology
Maintaining a Novell network with three servers and 60 workstations
Setting up a leased line connection to the warehouse and a secure connection to the corporate headquarters
Building an NT network for external workstations using Cisco routers
Performing standardization, software rollout, inventory management, and license administration
Implementing connectivity for around 70 field staff
Installing a network-wide antivirus solution (Inoculan)

Jan 1997 - Apr 1997

4 months

Frankfurt, Germany

Instructor

Frankfurt investment bank

Employee training during the migration to Windows NT 4
Training on new office communication systems, including Outlook and the HP OpenMail server

Jun 1996 - Nov 1996

6 months

Germany

Assistant project manager

Renowned bank in the Rhineland

Planning and commissioning data transmission for reporting files of the Telekom stock issuance
Implementation via ISDN, FTAM, and FLAM according to banking standards with encryption and compression
Implementation of time-controlled processes for data return transmission and statistics
Setting up high-security measures and backup lines

Jan 1996 - Dec 2002

7 years

Germany

Lecturer

Siemens / DeTeCSM / AOK

Regular teaching assignments for various well-known companies and organizations
Conducting training sessions in IT technology, organization, and standard software
Sharing expertise on network systems and operating systems

Oct 1995 - Apr 1996

7 months

Germany

Project Manager

Mechanical Engineering, Micro Spray Technology

Consulting, planning, and setup of the company's IT environment based on Windows NT
Installing the infrastructure including 100 Mbit cabling (VG-Anylan and Fast Ethernet)
Selecting and implementing application programs, databases, and fax solutions
Transition to Microsoft Office and introduction of CAD systems

May 1992 - Dec 1993

1 year 8 months

Germany

Consultant

Automotive Supplier

Planning and commissioning of a graphic design center for automotive dials
Introducing a development and design system with scanning and digitizing functions
Replacing traditional drawing boards with a fully digital workflow
Selecting and installing exposure and output systems for production planning

Mar 1990 - Dec 1992

2 years 10 months

Geneva, Switzerland

Branch Manager Germany

Swiss company (Geneva)

Leading the German branch office for electronics production and CAD/CAM systems
Consulting and customer support for photoplotters, laser plotters (Zeiss/Wild technology), and test software
Planning system integration into business processes
Coordinating interfaces with external systems
Commissioning output systems in production planning

Jan 1988 - Dec 1990

3 years

Germany

Technical Manager

IT system house

Technical leadership in a newly founded IT system house
Responsibility for technical direction and customer projects

Jan 1986 - Dec 1988

3 years

Germany

Interface between development and production

Company for high-quality measurement technology

Tasks in the development and design of PCBs and electronics
Served as the interface between the development department and production

Jan 1984 - Dec 1986

3 years

Germany

Information electronics technician (apprenticeship)

DB

Jan 1982 - Dec 1984

3 years

Germany

Communications equipment mechanic (apprenticeship)

DB

Summary

Experienced freelancer (no temp agency) 35 years of professional experience in IT often in production (various), transport & logistics (rail), defense (Bundeswehr), ICT (telecom), public administration (various), among others.

IT security
Information security
ISMS
ISB
BSI basic protection
BCM
ITSCM
KRITIS
NIS2
ISO 27001
Project coordination
Interface coordination
Service management
Requirements management
Escalation management
Consulting & planning
Organization
Processes
(IT) documentation & administration
Continuous improvement
Quality
Infrastructure

Projects under GHB and SÜG welcome.

A detailed CV can be requested by email with contact details.

Skills

Project Coordination
Subproject Management
Project Management
Interim Manager
Scrum Master (Psm1)
Prince2
Escalation Manager
Requirements Management
Continuous Improvement
Csi
Qm
Capa
Nc
Lkvm
Soa
Rca
Migration Coordination
Migration Planning
Coordination Of Infrastructure Planning And Setup
Consulting
Data Security
Data Protection
Data Protection Officer
Data Protection Coordinator
Dsb
Bdsg
Gdpr
Information Security
It Security
It Security Officer
Isb (Information Security Officer)
Isms (Setup, Maintenance, Improvement)
Iso 27001
Iso 27002
It Basic Protection (Bsi 200-1, 200-2, 200-3)
B3s
Verinice
Bcm (Business Continuity Management)
Emergency Planning (Bsi 200-4)
Kritis
Nis-2 / Nis2umsucg
Cra
Dora
Bsig
Compliance
Itil
Itsm
Service Manager
Service Management
Change Management
Rollout
Migration
Relocation
System Technology
Asset Management
Procurement
Support
Helpdesk
It Documentation
Document Management
Guidelines
Policies
Concepts
Work Instructions
Analysis
Organization
Processes
Workflow
Raci Matrix
Stakeholder Management
Training
Training
Trainer
Rfid
Nfc
Iot
Committed
Resilient
Communicative
Strong Organizational Skills
Team Player
Able To Handle Conflicts
Analytical Thinking
Independent Working
Customer And Goal Oriented
Cross-functional Thinking
Tech-savvy
Loyal
Flexible
Persuasive
Self-motivated
Reliable
Hands-on Mentality
Project And Subproject Management
Project Coordination
Requirements Management (Requirements Engineering)
Recording Current States, Existing Hardware And Software, And Organizational Context
Analysis Of Current And Target States Including Evaluation (Requirements), Determining Needs, And Deriving Activities
Service, Requirements, And Escalation Management In A Line Organization
Needs Analysis And Requirements Gathering
Concept Development And Creation Of Technical Concepts With Technology Structure Considering It Security
Creation Of Operational And Service Documents
Project And Migration Coordination Including Reporting And Team Management
Interface Between Project Management And Supplier Control
Coordination With Line Departments And Organization (Status Jour Fixe)
Planning, Concept Development, And Project Management Of Extensions And Migrations To New Technologies And Systems
Drafting Planning Proposals And Creating Requirement Specifications
Planning, Design, And Implementation Of It Infrastructure Projects
Roi Analysis And Cost Estimates
Aligning Network Design And It Architecture With Business Units
Change Evaluation And Change Management
System Planning (Networks, Standard Software, Operating Systems, And Tools)
Product Selection With Performance And Cost Comparison, Considering Support And Expansion Options
Procurement Of Products And Services, Coordination Of Delivery And Contracts (Sla, Ola)
Project Coordination For Migrations And Rollouts Of New Systems
Standardization To Avoid Excessive Product Diversity (Organization, Processes, Documents, Technology)
Negotiating And Controlling Maintenance And Service Contracts Of External Providers (Provider And Supplier Management, Service Management, Processes, Sla, Ola, Lifecycle)
Coordination And Supervision Of Cabling Projects And Installation Of Network Components, Including Acceptance
Support For Procurement
Configuration Of Systems And Software Including Disaster Recovery Planning And Tests
Setup And Commissioning Of Systems (Rollout, Relocation, Migration)
Installation Of Applications Including Customizations
Consulting And Planning Including Ha Network Design, Testing, And Commissioning Of Solutions (Infrastructure, Cabling, Tcp/ip, Routing, Switching, Security, Technology, Systems, Voip, Software)
Conducting Technical Assessments And Reviews
Designing Effective Data Structures In Coordination With Users
Creating System Documentation (Planning, Operation, Service)
Rollout, Migration, And Relocation Of Systems, Servers, Printers, Ip Network Technology, Ups, Documentation
User Training In Standard Software And Operating Systems
User Support (1st Level, Partly 2nd Level, Uhd)
Service, Support, And Helpdesk (Users, Systems, Standard Software, Custom Software, Release Management, Asset Management)
Building Support And Technical Services
Inventory Of Hardware And Software (Asset Management) Including License Management
Coordination Of Subcontractors, Partly Spoc (Qm Control, Schedule Tracking)
Commissioning, Monitoring, And Acceptance Of Construction Measures (Infrastructure)
Developing Improvement Proposals Based On New Products (It Innovation)
Interface Between Business Units And External Service Providers
Stakeholder Management To Align Implementation Across Different Interests
Coordination Between Business Units And It Operations Units
Management Of Various Processes And Procedures, Ensuring It Operations (Bcm)
Reviewing Hardware, Software, And It Organization Against Security Policies
Determining Protection Needs, Risk Assessments, And Emergency Planning (Infrastructure, Systems, Software, Processes, Data)
Creating A Data Protection Concept And Manual, Implementing The Data Protection Concept
Creating Security Concepts And Audit Templates (Security Policy)
Implementing Security Policies In Collaboration With The Customer
Checking It Security According To Bdsg (Technical And Organizational)
Ensuring Compliance With Relevant Bdsg Regulations
Awareness Training And Consulting (Security Awareness)
Planning And Conducting Workshops And User Training
Implementing Isms And Bsi It Basic Protection (Structure Analysis, Protection Needs Assessment, Modeling, Basic Protection Check, Risk Analysis, Measures Evaluation And Implementation)
Realization Of Basic Protection Concepts And Security Concepts (Siko)
Consulting, Design, And Implementation Of Bsi Basic Protection (Isms And Risk Management)
Implementing Bsi Basic Protection 200-4, Revising Processes And Documents, Developing Interfaces
Subject-area And Theme-related Audits And Basic Protection Checks (Gscs)
Checking And Ensuring Legal Compliance (Compliance, Audit) In The It And Organizational Context
Taking On The Role Of External Data Protection Officer (External Dsb)
Service And Process Design For Workflows Within And Across Business Units To Ensure Production, Delivery, And Operational Capability
Kvp Manager
Implementation Of Measures
Documentation And Audit (Incl. Classified), Creating Manuals, Guides, Policies, Concepts, And General Documentation
Checking Requirements And Statuses, Controlling The Lifecycle
Creating Policies (Requirements) And It Concepts (Implementation Descriptions)
Planning And Developing Requirements And Supporting Implementation Of Document Control In Bcm And Emergency Management (Itscm)
Consulting And Training In Data Protection, Data And It Security, Compliance, Concept Development, Internal Audits, And Awareness