Program and Project Manager / Internal Auditor / CISO

The replacement of the existing archive system (document management system – DMS) on a host-based platform is well advanced.

The internal audit is meant to ensure the company's quality standards.

GDPR

ISO 27001 ff.

BSI

DORA

Patient data regulations

Host / Cloud / S3 / Container / highly scalable / Nuxeo

Budget: 50,000

Team: 1

Due to the merger of LBS South-West and LBS Bavaria, the requirements for KRITIS (critical infrastructure) / DORA in the financial sector now must be met.

The merger is under time pressure due to upcoming audits, and the existing structures and documents are now being merged and the enterprise architecture is being established in this context.

Consolidation of ICT enterprise architecture

Introduction of AI-supported input management

Introduction of AI-supported information management

Introduction of new network infrastructure (IaC principle)

Introduction of AI-based voice assistance

Introduction of DWH & regulatory reporting

Harmonization of document management systems (DMS) across different companies

Security management system

Windows 11 hardening

Policy revision

Process design

ARC42 (Archimate), modeling of end-to-end processes with compliance requirements in mind

Introduction of automated controls

Designing a UAT standard process

AI support for process optimization

Introduction of Azure Cloud for: governance SLA management / IAM / security (firewalls / WAF / PGP / documentation & processes) / workplace (Win 11) / field service / Exchange (mail / users and roles) / voice (Teams & fax) / print / SAP / UHD

GDPR

KRITIS

ISO 27001 ff.

BSI

Banking regulations

DORA

BSI basic protection compendium

ARC42

Multi-cloud environment (Azure / AWS / private cloud / on-prem)

DMS - DOXIS

Microsoft Azure Cloud

SharePoint

Budget: 250,000 / 500,000

Team: 3 / 10

The requirements for the Bavarian Medical Service have greatly increased due to electronic patient records, e-prescriptions, and more.

The increased dependence on service providers and their services requires revising existing processes and access strategies in a multi-cloud approach.

Pursuing a strategy for single sign-on / onboarding / RBAC for service providers, considering the higher monitoring requirements.

Unstable strategy caused by new legislation and time pressure from late approvals.

Legacy implementations with limited scalability.

NIS2 requirements for infrastructure and processes.

Extended BSI basic protection.

Active Directory (user and role model / IAM)

Monitoring (revision of the current solution)

Cisco upgrade (test concept – release planning and execution for 30 locations)

Firewall concept

Onboarding of external staff (BPMN)

NIS2

GDPR

KRITIS

ISO 27001 ff.

BSI

RACI model

CISCO

Active Directory

Fortinet Firewall

Budget: 50,000

Team: 1

Opening the marketplace to third-party providers.

Maintaining existing ERP systems and creating new ERP systems for third-party providers.

Ensuring consistency in order management.

Transitioning the IT landscape to an event-driven design approach.

Introducing new payment processes and billing for mixed orders.

Managing 9 Scrum teams to catch up on delays.

Scrum

NIS2

GDPR

KYC

Mirakel

SAP S/4 Retail

SAP Cloud

Google Cloud

Kafka

ASAPIO

NiFi

PayPal Hyperwallet (ESCROW)

Budget: 600,000

Team: 81

IT service provider for the state of Hesse for police, judiciary, tax offices, and public administrations.

Supporting the federal initiative for the cross-government provision of cloud services.

Architectural support for Azure topics & on-premise

Azure AD login (incl. B2C)

DESTATIS (Federal Statistical Office)

SchwebNet system for severely disabled applications

Implementation of HöMS (Hessian University for Public Management and Security)

Export license for medical products

Aerial image analysis for ordnance disposal

Security portal

FIDO2 implementation

Code signing

SKAT (radiation protection registry)

Winegrower's register

Dike register

Robotic process automation (RPA)

Housing benefit, OSCI, Ekom21, Moodle, address service, aviation security, accreditation database

Implementing a service provider model based on hyperscaler standards.

Strong dependencies on cross-state measures.

Waterfall / TOGAF / V-Model / Kanban

KRITIS

ISO 27001 and related standards

BSI

EIOPA

MaRisk

GDPR

Linux

Kubernetes

Azure AD

Azure B2C

Hadoop

Cloudera

Networking

ADOit

EAM

Nextcloud

Alfresco

Budget: 400,000

Team: 8

Established a near-time solution for fraud detection and customer tracking using Flink / Cassandra (NoSQL) on OpenShift.

Managed objectives for 4 Scrum teams.

Operated the Hadoop cluster in parallel during the rollout of the new solution.

Introduced DevOps based on Ansible / GIT.

Reviewed the use of Terraform.

Redesigned firewall rules for domain segmentation and load balancing with F5.

Supported the migration of over 400 VMs to SCS (Self Contained Services).

Assessed switching from direct attached storage to Ceph.

Created new role definitions for the CMDB.

Implemented a data model according to GDPR (BDSG) for the banking app to strengthen IT General Controls (ITGC) and business controls.

Scrum

Kubernetes

OpenShift

Cassandra

Flink

Kafka

Jupyter Notebook

S3

ELK

Azure

IaaS

PaaS

SaaS

MicroServices

Self Contained Services (SCS)

CyberArk

Keycloak

Budget: 1,000,000

Team: 6

Created a suitable message bus (Kafka) and a monitoring solution for log events (ELK stack).

Separated business events from log events.

Made the strategic decision for OpenShift on bare metal / ELK as a container solution.

Implemented fully automated provisioning.

Developed a metadata model for logging to strengthen IT General Controls (ITGC) and business controls.

Met high demands for scalability, transaction security, and regulatory requirements.

Scrum

Kafka

ELK Stack

Kubernetes

OpenShift

Docker

Kibana

IaaS

PaaS

SaaS

CyberArk

Budget: 2,100,000

Team: 5