Thomas Bössl

Consultant

Avatar placeholder
Raubling, Germany

Experience

Jan 2024 - Jan 2025
1 year 1 month

Consultant

Berliner Verkehrsbetriebe

  • Advised on implementing the BSI KRITIS regulation within the digital radio system for the subway
  • Modeled the system network according to BSI standards
  • Prepared for certification
  • Budget: n/a, 10 internal employees
  • Tools / Methods: ISO27001, KRITIS, EU-DSGVO, BDSG, BSI-GS, NIS2, B3S
Aug 2023 - Feb 2024
7 months

Consultant

Bechtle AG

  • Advised clients on GDPR, BDSG (new version) and cybersecurity regulations
  • Assisted with implementation and integration of GDPR, BDSG (new version) and cybersecurity measures
  • Developed strategies for implementing GDPR, BDSG (new version) and cybersecurity
  • Budget: n/a, 10 internal employees
  • Tools / Methods: ISO27001, KRITIS, EU-DSGVO, BDSG, BSI-GS, NIS2
Apr 2023 - Jul 2023
4 months

Consultant

Deutsches Krebsforschungszentrum

  • Implemented an ISMS for a cross-border international project across universities/DKFZ for the genome registry
  • Integrated artificial intelligence for analysis
  • Budget: €2 million, 2 external / 25 internal
  • Tools / Methods: ITIL, PMP, ISO 27001, EU-DSGVO, BDSG, BSI Grundschutz, IT security regulation for critical infrastructures, AI, NIS2
Nov 2022 - Apr 2023
6 months

Service Manager

Bundesdruckerei TDS Berlin

  • Service management for the administration digitization project, specifically digitizing the organ and tissue donation registry
  • Built the service organization
  • Drafted contracts with the public client
  • Budget: €50 million, 20 external / 10 internal
  • Tools / Methods: ITIL, PMP, ISO 27001, EU-DSGVO, BDSG, BSI Grundschutz, IT security regulation for critical infrastructures, AI, NIS2
Sep 2022 - Oct 2022
2 months

Consultant

Europäische IT-Consulting und Beratungsgesellschaft

  • Advised on cybersecurity topics and securing them with insurance companies
  • Assessed operational risks and possible failure scenarios as well as damage impacts on clients
  • Budget: n/a
  • Tools / Methods: ISO27001, EU-DSGVO, BDSG, BSI Grundschutz, IT security regulation KRITIS, NIS
Jan 2022 - Aug 2022
8 months
Stuttgart, Germany

Consultant

Stuttgart State Authority

  • Advising the technical director's staff on cybersecurity topics
  • Supporting departments in re-certification under BSI IT Baseline Protection / ISO 27001
  • Creating cross-agency security guidelines within architecture management
  • Creating and changing processes using SIGNAVIO²
  • Supporting penetration tests and vulnerability analyses
  • Budget: €3M, 5 external / 30 internal
  • Tools / Methods: ITIL, PMP, ISO 27001, GDPR, German Federal Data Protection Act (BDSG), BSI IT Baseline Protection, IT Security Regulation for Critical Infrastructures, NIS
May 2017 - Dec 2021
4 years 8 months
Ismaning, Germany

Deputy Overall Project Manager

Manufacturer of dispatch control systems for public safety agencies

  • Leading the "ELKOS" project for the Austrian Federal Ministry of the Interior to create a dispatch control system for the Federal Police, Federal Criminal Police Office, and Domestic Intelligence Service
  • From 2020, taking over project management for a state police agency
  • From 09/2020, deputy project manager for the central dispatch control system of Rhineland-Palatinate (police/fire department/rescue)
  • Budget: €30M, 30 external / 10 internal
  • Tools / Methods: ITIL, PMP, ISO 27001, GDPR, German Federal Data Protection Act (BDSG), BSI IT Baseline Protection, IT Security Regulation for Critical Infrastructures, AI, NIS
Sep 2016 - Apr 2017
8 months
Stuttgart, Germany

Project Manager

Finanzinformatik IT-Solutions Stuttgart

  • Leading the "Data Center Relocation" project to move all workstations and employees to the new location
  • Creating time and task schedules as well as timelines
  • Coordinating with clients (LBBW, DWP) regarding IT security guidelines, MaRisk, and ECB requirements
  • Complete planning, documentation, and adaptation to the BSI IT Baseline Protection manual
  • Change management for existing processes and approvals
  • Budget: €15M, 10 external / 10 internal
  • Tools / Methods: ITIL, PMP, ISO 27001, GDPR, German Federal Data Protection Act (BDSG), BSI IT Baseline Protection, MaRisk, IT Security Regulation for Critical Infrastructures, NIS
Mar 2016 - Aug 2016
6 months
Berlin, Germany

Project Manager

Vodafone KabelDeutschland

  • Leading the data center relocation of all applications and servers in Berlin
  • Creating time and task schedules and timelines
  • Preparing and logging change requests
  • Creating written notifications about changes for affected departments
  • Complete planning, documentation, and adaptation to the BSI IT Baseline Protection manual
  • Change management for existing processes and approvals
Nov 2015 - Jan 2016
3 months

Project Manager

IT Service Center, Bavarian State Government

  • Supporting certification according to BSI IT Baseline Protection / ISO 27001
  • Implementing the BSI IT Baseline Protection catalog
  • Creating checklists and action instructions for operations
  • Expanding operations and installation manuals for SAN infrastructure (FC, NAS)
  • Developing emergency drills and creating emergency documentation
  • Security policy for Fibre Channel networks
  • Implementing and documenting an account structure with personalized admin accounts
  • Designing concepts for storage networks (SAN/NAS) based on availability, confidentiality, and integrity
  • Budget: €0.5M, 1 external / 8 internal
  • Tools / Methods: VMware, Windows, Linux, NetApp, HDS, Brocade, ITIL, PMP, ISO 27001, BSI IT Baseline Protection
Sep 2014 - Oct 2015
1 year 2 months
Fürstenfeldbruck, Germany

Project Associate

Systemhaus Fürstenfeldbruck

  • Planning and executing the relocation of a high-availability data center after hardware and software consolidation
  • Implementing a procedure directory according to BSI IT Baseline Protection
  • Separating security policies for contract data processing
  • Training employees with access to personal data
  • Budget: €1M, 3 external / 2 internal
  • Tools / Methods: VMware, Citrix, Windows, Linux, NetApp, Cisco, Fujitsu, HP, IBM, ITIL, PMP, ISO 27001, BSI IT Baseline Protection
May 2014 - Aug 2014
4 months
Berlin, Germany

Project Manager

Öffentlicher Auftraggeber Berlin

  • Planning and building a data center in Libya
  • Creating SLAs for Dubai
  • Implementing internal security policies in line with BSI recommendations
  • Developing an action matrix and training materials for on-site staff
  • Budget: n/a
  • Tools / Methods: VMware, Windows, Linux, Cisco, HP, ITIL, PMP, ISO 27001, BSI IT Baseline Protection
Nov 2013 - Mar 2014
5 months
Stuttgart, Germany

Project Manager

Gesundheitswesen Stuttgart

  • Planning and executing data center consolidation
  • Implementing procedure directories according to ISO 27001 and the BSI IT Baseline Protection Manual
  • Physically separating patient data, personnel data, and general data
  • Creating an emergency plan
  • Budget: €2M, 3 internal
  • Tools / Methods: ITIL, PMP, BSI IT Baseline Protection, VMware, Windows, Linux, Cisco, HP, IBM
Dec 2012 - Nov 2013
1 year
Munich, Germany

Project Manager

Nachrichtentechnik München

  • Planning, building, and integrating radio tracking and monitoring systems for the military and intelligence services
  • Developing role and access concepts to ensure data availability
  • Implementation according to ISO 27001: emergency plan, backup concept, and access control concept
  • Budget: €45M, 12 internal
  • Tools / Methods: PMP, ITIL, BSI IT Baseline Protection, VMware, Linux, Windows, HP, IBM
Jul 2012 - Nov 2012
5 months
Zürich, Switzerland

Project Manager

Telekommunikation Zürich

  • Planning and managing IPv6 readiness, credit check, and self-service portal
  • Implementing the security concept according to ISO 27001, including emergency preparedness
  • Designing a fraud prevention concept
  • Budget: €25M, 5 external / 4 internal
  • Tools / Methods: PMP, ITIL, ISO 27001, VMware, Cisco, Infoblox
May 2012 - May 2012
1 month
Nuremberg, Germany

Project Manager

US Hardware/Software Manufacturer

  • Review and costing of a tender for the German Patent and Trade Mark Office
  • Budget: €5M, 1 internal resource
  • Tools / methods: PMP, ITIL, VOL/VOB, VMware, NetApp, IBM, Cisco
Jan 2012 - Mar 2012
3 months
Fürth, Germany

Project Manager

International System House Fürth

  • Planning and implementation of a 20-petabyte storage expansion
  • Co-planning of the security concept and emergency preparedness
  • Creating a processing inventory and classifying systems into protection classes
  • Establishing appropriate support structures
  • Budget: €80M, 10 internal / 10 external
  • Tools / methods: PMP, ITIL, BSI basic protection, NetApp, Brocade
Jun 2011 - Dec 2011
7 months
Munich, Germany

Technical Project Manager

Munich Security Authority

  • Feasibility study for the introduction of digital radio
  • Planning and operation of the technology and integration according to BSI and BDBOS guidelines
  • Planning of external access for civilian police vehicles according to ISO 27001
  • Security concept for digital radio devices and SIM cards
  • Budget: €3M, 2 internal / 10 external
  • Tools / methods: ITIL, PMP, V-Model XT, BSI basic protection, BDBOS, ISO 27001, Tetra, HP, IBM, VMware, Windows, Linux
Jan 2009 - Apr 2011
2 years 4 months
Münster, Germany

Project Manager

Telecommunications Münster

  • Concept, planning and implementation of new storage deployment
  • Security concept and classification of storage systems (personal / general)
  • Planning of a processing inventory
  • Crisis planning (emergency preparedness) and high availability with three geo-redundant sites in a DWDM cluster
  • Budget: €30M, 8 internal / 8 external
  • Tools / methods: PMP, ITIL, BSI basic protection, EMC, NetApp, IBM, HDS, SUN
May 2007 - Dec 2008
1 year 8 months
Munich, Germany

Project Manager

Network Equipment Provider Munich

  • Planning, configuration and delivery of systems for telecommunications surveillance for national and international intelligence services
  • Hardening of the systems (intrusion prevention/protection)
  • Security concept and training of operational staff
  • Data loss prevention concept and audit-proof data retention
  • Budget: €2–15M, 1–4 internal / 2–6 external
  • Tools / methods: PMP, ITIL, BSI basic protection, ISO 27001, NetApp, Fujitsu, HP, IBM, Brocade, Cisco

Skills

  • Collaborated With Cross-functional Teams To Carry Out Regular Security Audits And Implement Required Controls To Ensure Compliance With Industry Standards And Regulations.
  • Conducted Network Penetration Tests To Identify Vulnerabilities And Potential Security Risks.
  • Developed And Implemented Robust Security Measures, Including Firewall Configurations And Intrusion Detection Systems, Resulting In A 30% Reduction In Network Breaches.
  • Performed Comprehensive Security Testing Of Web Applications To Ensure Protection Of Sensitive Information.
  • Led The Automation Of A Vulnerability Assessment Framework For Network Device Configurations To Streamline Security Protocols And Improve Efficiency.

Languages

German
Native
English
Advanced

Education

Lorem ipsum dolor sit amet

Diploma · Business Informatics

Certifications & licenses

IT Baseline Protection Consultant according to BSI Standard

Cyber Security Practitioner (CSP BSI Certification)

VdS Recognized Consultant for Cybersecurity

DEKRA Certified Data Protection Officer

DEKRA Certified IT Expert

DEKRA Certified IT Forensics Specialist (Mobile Devices)

DEKRA Certified IT Forensics Specialist (Windows)

Project Management Professional (PMI/PMP)

Certifications MCT, MCPSE, MCSE, MCTIP

Project Management

Telecommunications Engineering

Brocade Fibre Channel Administration & Theory

NETAPP Data Protection & High Availability (Metro Cluster)

Successful Negotiation in Arabia

NETAPP Basic Data Ontap

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions

Similar Freelancers

Discover other experts with similar qualifications and experience

Björn Bausch
Björn Bausch

Project Manager NIS-2

View Profile
Nikolaus Betzler
Nikolaus Betzler

ICT Risk Management and Information Security

View Profile
Christian Decker
Christian Decker

Managing Director and Senior Consultant

View Profile
Oliver Frömel
Oliver Frömel

Senior IT Enterprise Security Architect | Project Bank Migration

View Profile
Tobias Greiner
Tobias Greiner

Head of IT D-A-CH (CIO)

View Profile
Daniel Jüntgen
Daniel Jüntgen

Information Security Consultant

View Profile
Alagi Mansaray
Alagi Mansaray

Senior Project Manager S4HANA in the energy sector

View Profile
Stephan Selnerat
Stephan Selnerat

IT-Security Manager

View Profile
David Bleyer
David Bleyer

Acting Partner

View Profile
Hakan Kisa
Hakan Kisa

Senior IT Manager & Project Manager

View Profile
Alexander Sänn
Alexander Sänn

Owner and Managing Director

View Profile
Klaus Kilvinger
Klaus Kilvinger

Consultant and Trainer, Managing Partner

View Profile
Günther Eufinger
Günther Eufinger

Senior Consultant

View Profile
Lucas Garzarolli
Lucas Garzarolli

Business Consultant

View Profile
Peter Fleischer
Peter Fleischer

Subproject Manager and Solution Architect - Microsoft 365 Transformation

View Profile
Matthias Steinmann
Matthias Steinmann

Senior Consultant Security (freelance)

View Profile
Sascha Leitner
Sascha Leitner

CEO

View Profile
Stephan Heinsius
Stephan Heinsius

Consultant

View Profile
Stephan Lewering
Stephan Lewering

Managing Director

View Profile
Friederike Balaz
Friederike Balaz

Information Security Manager

View Profile
Christian Gebhardt
Christian Gebhardt

Deputy Chief Information Security Officer

View Profile
Jörg Iffländer
Jörg Iffländer

External Information Security Officer

View Profile
Maxim Ribakowski
Maxim Ribakowski

Information Security Officer

View Profile
Thomas Ullrich
Thomas Ullrich

Senior Consultant / PM Infrastructure Services & Workplace Migration

View Profile
Thomas Kupfer
Thomas Kupfer

Consultant/Coach ISO/SAE 21434 / UNECE R-155

View Profile
Thomas Martini
Thomas Martini

Consultant / System Administrator / IT Analyst

View Profile
Frank Joraschkewitz
Frank Joraschkewitz

Lead Project Manager

View Profile
Jörg Hoffmann
Jörg Hoffmann

Managing Director; Data Protection Officer; Information Security Officer

View Profile
Henryk Orantek
Henryk Orantek

Security Consultant

View Profile
Julian Voje
Julian Voje

Project Lead Change the Bank

View Profile