Thoralf (S.) Thorson
Consultant Digital Operational Resilience Act (DORA)
Bad Vilbel, Germany
Experience
Apr 2023 -
Jun 2023
3 months
Berlin, Germany
Consultant Digital Operational Resilience Act (DORA)
Swisslife Deutschland GmbH
Project language English
DORA gap analysis / mapping to CIS Control V7.0
Auditing CIS evidence of the SOC providers T-Systems Austria / Cancom GmbH
Mapping VAIT / ISO/IEC 27002 / CIS 7.0 requirements for IT realignment
Strategy for the German subsidiaries in threat intelligence and zero trust
Assessment of the IT network architecture
Review of SIEM evidence / reporting / incident management / security breaches
Review of IT asset management regarding ITSCM / BCM processes
Employee awareness measures / compliance training (focus on CEO fraud)
Consulting for the Chief Information Security Officer (CISO)
Oct 2022 -
Apr 2023
7 months
Hoisdorf, Germany
Interim Information Security Officer (ISO)
BRUSS Sealing Systems GmbH
Support for the BRUSS group, TISAX re-certification
Defining the ISMS scope for the corporate group and international rollout
Creating an IT security concept with policies, process descriptions and technical security baselines (admin work instructions)
Expanding risk management according to ISO/IEC 27005
Location-based statements of applicability (SoA) per VDA ISA 5.1
Implementing the Sophos XDR platform for global network monitoring
Guidelines for document control and network documentation (Docusnap)
Employee awareness measures (training kit, phishing tests)
Reporting matrix / process flow for handling security incidents
Reviewing the cyber insurance policy, updating obligations
Conducting pen-tests with Nessus and PingCastle and building management reports
Preparing and running certification audits (group assessment)
Training internal ISO and building an ISMS coordinator structure
Mar 2022 -
Sep 2022
7 months
Stuttgart, Germany
Business Continuity Manager
Landesbank Baden-Württemberg
DORA requirements for the BCM structure according to BSI Standard 200-4
Supporting the BCM project team in operationalizing resilient ICT systems and tools within the BCM target picture
Revising and improving BCM objectives and relevant documents (RL document review)
Streamlining PLK process clusters to increase BIA efficiency
Supporting the expansion of BCM reporting for foreign branches
Continuous monitoring of all ICT risk sources to set up safeguards and prevention measures and detect anomalies immediately
Introducing comprehensive business continuity policies and emergency recovery plans, including annual tests
Raising DORA know-how among project team, risk managers and outsourcing officers
Risk-based exercise and test plan over a multi-year cycle
Jun 2021 -
Dec 2021
7 months
Munich, Germany
KRITIS Auditor BSIG §8a
ADAC Versicherungen AG
Supporting the CISO with audit preparation for DORA / IT Security Act KRITIS
Gap analysis of KRITIS documentation per ISO/IEC 27001 for the October 2021 audit
Fulfilling document requirements for the VAIT review in February 2022
Developing information security and BCM – creating policies, documentation and emergency concepts
Assisting the CISO / creating a target picture for the cyber security strategy
Drafting a crisis communication plan for ICT incidents with a reporting matrix
Liaising with IT teams and IDS provider Trend Micro (TippingPoint)
Adding risk assessments for ICT service providers
Reviewing the DMS IT contract management with fido
Reviewing compliance processes per IDW PS 980 ff.
Documenting VAIT / DORA requirements in IRIS
Running phishing training campaigns
Mar 2021 -
Apr 2021
2 months
Hanover, Germany
KRITIS Auditor BSIG §8a
Finanz Informatik GmbH & Co. KG
Preparing for the BaFin assessment – document review
Reviewing security concepts, structure analyses and procedure descriptions using an internal checklist with a team of six auditors
Checking product docs for availability, authenticity, integrity and confidentiality of systems/rooms and third-party interfaces/dependencies (SLA)
Feb 2020 -
Feb 2021
1 year 1 month
Wiesbaden, Germany
Interim Information Security Officer (ISO)
Bertelsmann AFS
Arvato Financial Solutions (RM AFS Bertelsmann/Experian)
Third-party audits BAIT/VAIT
Supporting the legal officer and compliance in BAIT / VAIT client audits
Gap analysis of Bertelsmann IT security policies and implementing Experian policies
ISO 27001 re-certification of Informa HIS GmbH
ISMS alignment of BAIT/VAIT client requirements with CMDB / SIEM
Assisting the Experian post-acquisition security audit (PASA)
Handling PASA findings across all six AFS companies
Auditing risk impact analyses in all six AFS companies
Jan 2020 -
Mar 2020
3 months
Berlin, Germany
IT Security Manager / Lead Auditor ISO/IEC 27001
Berliner Luft Technik GmbH
Gap analysis and PDCA cycle of the ISMS
IT security inventory
Immediate measures after risk assessment using the BSI all-hazards approach (200-3)
Checking asset inventories and protection requirements
Network analysis and vulnerability report with Nessus
Creating IT security policies and procedures (network security, patch, incident management, home office, MDM, emergency plan)
Reviewing the HISCOX cyber insurance and the emergency service provider HiSolution GmbH
Short GDPR audit: reviewing technical and organizational measures (TOM)
Dec 2019 -
Dec 2021
2 years 1 month
Frankfurt am Main, Germany
External Data Protection Officer, Real Estate Management
Gateway Real Estate AG
Advising two public companies and one GmbH within a holding
GAP analyses of existing GDPR implementation
Creating data protection documentation by company size/legal form
Data protection training for staff and handling data subject requests
Phased rollout of key processes: data processing agreements (AVV), records of processing activities (VV), deletion concept
Aug 2019 -
Dec 2020
5 months
Heilbad Heiligenstadt, Germany
Interim Information Security Officer (ISO)
Design in Form GmbH
Hands-on ISMS implementation for TISAX certification “Information Very High”
Gap analysis of existing ISMS and GDPR measures – network analysis with Nessus and report on critical findings
Creating the ISMS documentation and defining security zones
Introducing asset management, risk management and a measures catalog
Implementing IT controls from the VDA catalog to achieve maturity goals
Training internal ISO and running a pre-audit ISMS
Taking over external data protection officer tasks
Feb 2019 -
Jun 2019
5 months
Leipzig, Germany
IT Security Manager / BAIT
Sparkasse Leipzig, S-Beteiligungsgesellschaft mbH
Adapting Sparkasse Leipzig’s information security concepts to meet MaRisk and BAIT
Aligning with the “Secure IT Operating Model, Finanz Informatik variant” and matching BAIT requirements to internal IT security policies
Creating documents for risk management and BCM requirements: physical concepts, location, room factors, building
Business continuity emergency plans and operational concepts
Documents for change and release management; secure administration, system and network management
Jan 2019 -
Apr 2019
4 months
Munich, Germany
KRITIS Auditor per § 8a BSIG
Flughafen München GmbH (MUC)
Reviewing and improving ISMS documents per BSI Standard 100-4
Checking ITIL / BSI Standard implementation of BCM and change management
Reviewing BCM and CM documentation and system manuals for Linux, Windows, macOS environments and CCTV
Verifying emergency scenarios and management per BSI Standard 100-4 and BS 25999 (aviation)
Jul 2018 -
Jan 2019
7 months
Berlin, Germany
IT Security Manager
DomConsult Immobilien GmbH
Implementing ISMS measures per ISO/IEC 27001
Creating IT guidelines, policies and procedures
Meeting ISO control requirements
Developing business continuity standards (Business Impact Analysis)
Conducting Risk Impact Analysis and risk treatment plans
Advising on and deploying Symantec Endpoint Protection
Apr 2018 -
Jun 2018
3 months
Berlin, Germany
IT Security Consultant
init AG
Conducting structure and protection needs analyses
Determining protection needs for database applications
Assigning protection needs categories per database based on availability analysis
Drawing conclusions for risk management
Securing networks through segmentation and data channels
Apr 2018 -
May 2018
2 months
Berlin, Germany
Data Protection Advisor
Charité Berlin
Auditing data processing contracts (AV)
Assessing GDPR documentation standards of Charité Berlin’s service providers
Reviewing GDPR implementation using a checklist
Checking internal data flow policies (intranet, USB sticks)
Conducting short interviews with management and staff
Producing a list of deficiencies and an audit report
Mar 2017 -
May 2018
1 year 3 months
Berlin, Germany
ISMS and Data Protection Trainer
Cyber Akademie Berlin
“ISMS Processes and ISMS Tools Compared”
“Risk Areas and Implementation Priorities of the EU GDPR”
“Live Phishing Campaigns for Employee Awareness”
Dec 2015 -
Aug 2017
1 year 9 months
Hamburg, Germany
Perimeter Architect
NDA
Designing a passive ground detection system using HF detection cable
Creating a perimeter protection concept and deploying a detection system for complex outdoor sites
Developing an “Outer Perimeter” protection plan
Threat and vulnerability analysis in hilly outdoor areas
Civil and site planning for fiber optic mats
Installing 800 m detection line with 30 alarm zones (leakage coax cable tech)
Testing and trial run of the detection system
Writing security guidelines for IT integration
Creating an operations manual and training staff
Jan 2002 -
Dec 2014
12 years
Managing Partner
Solutus Concept GmbH
Jan 2001 -
Dec 2004
4 years
Freelance Architect
Perimeter protection and security construction
Languages
German
Native
English
Advanced
Education
Oct 1994 -
Jun 2000
Technische Universität Berlin
Architecture · Berlin, Germany
Oct 1994 -
Jun 2000
ETH Zürich
Architecture · Zürich, Switzerland
Certifications & licenses
Certified Information Security Manager (CISM)
Certified Network Security Specialist (CNSS)
Configuration Management Database Fundamentals (CMDB)
Service Now Training
KRITIS Auditor BSIG §8a
Business Continuity Manager ISO/IEC 22301
Information Security Officer (ISO) per VDA-ISA
IT Security Auditor ISO/IEC 27001
Data Protection Officer (DSB)
Information Security Officer (ISB)