Security project manager for access management & authorization in a cybersecurity task-force program to mitigate red team report findings including:

• Analysis of existing policies, architecture- and access management landscape
• Preparation of deep-dives and workshops to understand customer and stakeholder requirements
• Vendor analysis & implementation support of passwordless solution
• Expanding use of MFA for all admins while providing simplified login (passwordless)
• Planning and implementation of automated detection and remediation of compromised credentials on dark web
• Analysis and adaption of PAM solution (CyberArk) to eliminate bypassing and enforce time based access
• Enforcement of Least Privilege and 4-Eye principle for AD admins
• Planning, creating and conducting workshops for relevant stakeholders to drive team into desired project status
• Strengthing of AD configuration by following industry best practices
• User communication and awareness
• Management presentations to report program progress

SME for Security Architecture in the SAFe landscape performing analyses of security status on ART level and development of security architecture artefacts on Capability, Large Solution and Platform level including:

• Analysis of the DevSecOps process in all ARTs of a digitalization department
• Identification of decision points for security issues in the DevSecOps process
• Analysis of the decision levels in the SAFe framework (products, ARTs, solution, portfolio)
• Analysis of decision-making bodies and participants
• Alignment of architecture and security artefacts on all levels
• Analysis of overlaps between architecture and security artefacts
• Identification of decision points for Architecture topics
• Analysis of decision levels in the SAFe framework (products, ARTs, solution, portfolio).
• Analysis and linking to the Domain Model / Architecture Target Landscape
• Depiction of the dependencies between architecture and IT security
• Development of security guidelines for architecture, etc.
• Creation of result and management presentations

Security champion for cloud-based digitalization products performing enablement of product teams, creation and implementation of processes including:

• Analysis of existing policies, security standards and blueprints
• Interviews with different stakeholders to evaluate security status in products to adapt project plan
• Gap analysis
• Adapting of project plan based on risk assessment and gap analysis. Priorizitation by using OWASP Top 10 Cybersecurity risks as a reference
• Support with moving legacy application to cloud (AWS)
• Development of secure coding guidelines, static code analysis and dynamic code analysis by using different tools (SonarQube, BlackDuck, Prisma, ?)
• Communication interface between development teams and central cybersecurity (business- and operations side)
• Conducting of workshops to raise awareness on team level and sharpen understanding of responsibilities
• Development of shared responsibilities and RACI-matrix
• Improvement of security standards and blueprints including feedback loops from development teams and central cybersecurity
• Plan and implementation of suitable knowledge management
• Roll-out of new standards, processes and blueprints and enabling of development teams for following topics (excerpt):
  • User Access Management
  • Incident Management
  • Business Continuity Management
  • Asset Management
  • Hardening
  • Backup & Recovery
  • Patch & Vulnerability Management
  • ?Logging ?and Monitoring (SIEM)
• Support for audit preparation and execution
• Presentation of results on management level to raise awareness about security status

Design and implementation of a security strategy as part of a sales process redesign program involving 1.200 employees including:

• Definition of KPI?s and OKR?s
• Implementation and optimization of Quality Gates on platform level
• Recurring awareness sessions for different stakeholders (management, PO?s, security responsibles, ?)
• Preparation and conduction of workshops for different purposes and audiences
• Communication interface between different stakeholders and departments and alignment of interests
• Design and formulation of security announcements for publication on the social intranet
• Analysis of existing security tools and AWS services
• Alignment of an appropriate security toolchain (BlackDuck, SecHub, Habor, AWS Services, ?)
• Central cybersecurity communication and presentation support
• Development of central documentation strategy
• Creation of central documentation for everyone who wants to onboard on platformModeration of regular security guild meetings including management of topics and guest speakers

Development and implementation of an ISMS in accordance with TISAX requirements including:

• Assessment of security Status and documentation
• Gapanalysis
• Processing of TISAX requirements and derivation of necessary Steps
• Analysis and editing of security policies
• Implementation of an ISMS in Organization
• Creation of processes and documentation
• Readiness assessment
• Audit support

Scrum project manager in science for following projects:

• Smart city project to detect traffic jams and accidents automatically with AI
  
• Smart railway project to improve time forecast for trains
  
• Internal railway infrastructure project to replace old and hardcoded codebase with object-oriented programming language and dynamic frontend
  

Implementation and adaptation of the CyberArk solution tothe existing infrastructure to secure privileged access (PAM) including:

• Creation and management of all accounts, safes & platforms of the acceptance environment via PVWA as well as Rest API
• Administration of CyberArk servers on infrastructure & OS level
• Execution of technical acceptance tests
• Monitoring of infrastructure components
• Documentation of processes, components & platforms
• PAM integration in existing SIEM solution