CISO Consulting Services

Freelancer CISO Consulting Services on freelance.de
Baden-Württemberg
01.08.2019

Brief introduction

Professional consulting services supporting digital transformation, IT strategy, and cyber security operations for DAX 30 and Fortune 500 companies.

Reference excerpts (3)

"Mr. [...] was reliable to an exceptionally high degree. His work met with our fullest approval at all times and in every respect."
Head of O365 Legal and Compliance Workstream
Shady Saleh
Period of activity

8/2018 – 7/2019

Description of activities

Independent Advisor, Frankfurt and Heidelberg, Germany
Cybersecurity, Compliance, IT Operations and Transformation Consultant
Independent advisor for international client base consisting of small businesses, research firms, and large DAX 30 enterprises. Provide advice and support on many topics such as:
  • Security strategies to accelerate behavioral changes and increase adoption rates
  • Optimization of IT processes and technology roadmaps for digital transformation
  • Compliant cloud migration strategies for highly regulated international enterprises
  • Optimization strategies to simplify compliance models in highly regulated industries
  • Leadership development and coaching in highly political intercultural environments
Provide legal and compliance advice to a leading DAX 30 Medical company for complex migration of 50K users located in 67 countries and 200 sites into centralized cloud services
  • Managed distribution, signature and adoption of global cloud use, data classification, and data retention policies to all companies and subsidiaries to foster user compliance
  • Harmonized local country assessments of data privacy, cross-border data transfer, data localization, and stringent compliance laws with corporate regulations and guidelines
  • Evaluated relevant data protection and data loss prevention technologies to mitigate risks, increase adoption, and improve overall function and security of cloud services
  • Deployed e-learning compliance training in 23 languages to 40k users in 67 countries
  • Designed and managed dashboards and key performance indicators to align stakeholders

Qualifications used

CISA (Certified Information Systems Auditor), Data protection, Microsoft Office 365, MS Office (user skills), Compliance management


"no comment"
Global Head of Security, Risk, Compliance, and Integration (CISO) (permanent position)
James Stewart
Period of activity

5/2014 – 8/2017

Description of activities

  • Responsible for building and leading the vision, strategy, and initiatives to protect Merck’s IT, data, systems, and intellectual property which generate over €15B in annual revenue
  • Led global security assessment against 10 security benchmarks at 20 locations to establish Merck’s security, risk, and compliance rating in the Pharma and Biotech industry
  • Established and led Board-approved multi-million euro “Protect Merck” program which drove Merck’s score to the top 10% for 6 of the assessed benchmarks in under 1 year
  • Revolutionized Merck’s SRC operating model while simultaneously achieving company-wide ISO 27001 re-certification; praised by auditors for raising the bar in Pharma/Biotech
  • Gained 700% increase in operational budget to build revolutionary SRC organization which trained and mentored company-wide staff, reduced vulnerabilities by 45%, increased system visibility 16-fold, and optimized global risk and compliance processes
  • Built “Protect Merck” Executive Committee of Executive Vice Presidents, legal counsel, and business leaders to align Protect Merck initiatives with business strategies; won board and president support to educate 50K employees on new SRC practices
  • Founded Merck’s annual Security, Risk and Compliance Symposium which brings together over 150 technology leaders from 30 countries to collaboratively improve SRC processes
  • Hosted security round table with CISOs from other DAX 30 and public organizations to share knowledge and launch the Merck Security Academy to certify over 1K IT employees
  • Built external partnerships and drove industry innovations in the areas of mobile mail encryption, cloud security encryption, data leakage prevention, vulnerability and application scanning, intrusion detection, and advanced “red-team” testing techniques
  • Responsible for IT integration of Merck’s largest M&A in its 350-year history worth $17B
  • Established board-approved multi-year, multi-million euro, M&A IT integration portfolio of 100 broad initiatives; refined synergy targets, and reprioritized CIO’s global initiatives
  • Drove implementation of board-level KPIs, dashboards, and global communication campaigns to improve transparency and decision making for users, staff, and executives
  • Built matrixed team of 60 internal and external technical experts from both companies; hosted virtual and onsite workshops to build high level of respect, cooperation, and trust
  • Infused IT integration experts into multiple boards and projects of parallel non-IT integration streams to enhance visibility, increase agility, and optimize technical solutions
  • Established executive change advisory board and governance processes to solve unique integration challenges and improve global management of complex architecture changes
  • Drove interoperability of disparate architectures by harmonizing WiFi, cross-connecting networks, and optimizing SSO to improve user satisfaction for 50K users in 66 countries
  • Delivered virtual cloud infrastructures to bridge legacy systems and global ERP harmonization initiatives and provide seamless access to over 26,000 diverse applications

Qualifications used

Incident Management, Service Management, Identity management (IDM), Cyber Security, IT governance, Management information systems, IT strategy consulting, Change Management, Management (general), Transformation Management, Program Management


"Mr [...] served as my Deputy and did outstanding work. He can handle complex tasks and produce superior results; a cyber process expert."
Deputy Chief of Staff and Strategic Advisor to CIO (permanent position)
COL Mark Schonberg
Period of activity

1/2007 – 5/2014

Description of activities

  • Responsible for guiding the development and maintenance of the vision, strategy, and programs necessary to support 65,000 IT system users operating in 51 countries
  • Served as Chief of Staff during his absence and managed effective utilization of $310M annual budget across the headquarters staff and 10 subordinate organizations
  • Created the CIO’s initiative group, which saved the Army over $100M USD through IT consolidation, drove leadership accountability programs, and grew multinational cyber capacity and coalition partnerships throughout Europe, Africa, and the Middle East
  • Continuously prepared the CIO for strategic engagements with Department of Defense leaders reporting to the Executive and Legislative branches of the U.S. government; won 20M Euro to fund IT consolidation efforts, 20% increase in cyber funding, and additional headcount for new European strategic and tactical operating models
  • Guided creation of first joint cyber center prototype in history which was later adopted as nucleus for the new cyber center operating models of Army and US Cyber commands
  • Responsible for optimizing operations, processes, and budget expenditures of a European IT enterprise with a $250M annual budget and 1,500 employees in 15 countries
  • Built and managed corporate process improvement program supporting over 40 IT organizations within US Army Europe; achieved $20M/year in savings and cost avoidance
  • Selected, mentored, and certified 20 Lean Six Sigma Black Belts and 35 Green Belts to guide and advise senior officers and staffs through resolution of complex process issues
  • Worked closely with the CIO to refine broad concepts into operational business models which won 4-Star General Officer (board of directors) approval for global implementation
  • Hand-selected by CIO to develop new initiative for a joint cyber center operating model

Qualifications used

ITIL, Cyber Security, IT governance, Telecommunications / Networks (general), IT strategy consulting, Lean Management, Management (general), Enterprise project management (EPM), Program Management, Marketing (general)

What I offer

IT, Development
  • ITIL
  • Telecommunications / Networks (general)
  • Service Management
  • CISA (Certified Information Systems Auditor)
  • IT security (general)
Management, Business, Strategy
  • Lean Management

Focus
  • Program Management

Project & professional experience

Head of O365 Legal and Compliance Workstream
Client name anonymized, Bad Homburg
8/2018 – 7/2019 (1 year)
Healthcare
Period of activity

8/2018 – 7/2019

Description of activities

Independent Advisor, Frankfurt and Heidelberg, Germany
Cybersecurity, Compliance, IT Operations and Transformation Consultant
Independent advisor for international client base consisting of small businesses, research firms, and large DAX 30 enterprises. Provide advice and support on many topics such as:
  • Security strategies to accelerate behavioral changes and increase adoption rates
  • Optimization of IT processes and technology roadmaps for digital transformation
  • Compliant cloud migration strategies for highly regulated international enterprises
  • Optimization strategies to simplify compliance models in highly regulated industries
  • Leadership development and coaching in highly political intercultural environments
Provide legal and compliance advice to a leading DAX 30 Medical company for complex migration of 50K users located in 67 countries and 200 sites into centralized cloud services
  • Managed distribution, signature and adoption of global cloud use, data classification, and data retention policies to all companies and subsidiaries to foster user compliance
  • Harmonized local country assessments of data privacy, cross-border data transfer, data localization, and stringent compliance laws with corporate regulations and guidelines
  • Evaluated relevant data protection and data loss prevention technologies to mitigate risks, increase adoption, and improve overall function and security of cloud services
  • Deployed e-learning compliance training in 23 languages to 40k users in 67 countries
  • Designed and managed dashboards and key performance indicators to align stakeholders

Qualifications used

CISA (Certified Information Systems Auditor), Data protection, Microsoft Office 365, MS Office (user skills), Compliance management


Global Head of Security, Risk, Compliance, and Integration (CISO) (permanent position)
Merck-Millipore, Darmstadt
5/2014 – 8/2017 (3 years, 4 months)
Life Sciences
Period of activity

5/2014 – 8/2017

Description of activities

  • Responsible for building and leading the vision, strategy, and initiatives to protect Merck’s IT, data, systems, and intellectual property which generate over €15B in annual revenue
  • Led global security assessment against 10 security benchmarks at 20 locations to establish Merck’s security, risk, and compliance rating in the Pharma and Biotech industry
  • Established and led Board-approved multi-million euro “Protect Merck” program which drove Merck’s score to the top 10% for 6 of the assessed benchmarks in under 1 year
  • Revolutionized Merck’s SRC operating model while simultaneously achieving company-wide ISO 27001 re-certification; praised by auditors for raising the bar in Pharma/Biotech
  • Gained 700% increase in operational budget to build revolutionary SRC organization which trained and mentored company-wide staff, reduced vulnerabilities by 45%, increased system visibility 16-fold, and optimized global risk and compliance processes
  • Built “Protect Merck” Executive Committee of Executive Vice Presidents, legal counsel, and business leaders to align Protect Merck initiatives with business strategies; won board and president support to educate 50K employees on new SRC practices
  • Founded Merck’s annual Security, Risk and Compliance Symposium which brings together over 150 technology leaders from 30 countries to collaboratively improve SRC processes
  • Hosted security round table with CISOs from other DAX 30 and public organizations to share knowledge and launch the Merck Security Academy to certify over 1K IT employees
  • Built external partnerships and drove industry innovations in the areas of mobile mail encryption, cloud security encryption, data leakage prevention, vulnerability and application scanning, intrusion detection, and advanced “red-team” testing techniques
  • Responsible for IT integration of Merck’s largest M&A in its 350-year history worth $17B
  • Established board-approved multi-year, multi-million euro, M&A IT integration portfolio of 100 broad initiatives; refined synergy targets, and reprioritized CIO’s global initiatives
  • Drove implementation of board-level KPIs, dashboards, and global communication campaigns to improve transparency and decision making for users, staff, and executives
  • Built matrixed team of 60 internal and external technical experts from both companies; hosted virtual and onsite workshops to build high level of respect, cooperation, and trust
  • Infused IT integration experts into multiple boards and projects of parallel non-IT integration streams to enhance visibility, increase agility, and optimize technical solutions
  • Established executive change advisory board and governance processes to solve unique integration challenges and improve global management of complex architecture changes
  • Drove interoperability of disparate architectures by harmonizing WiFi, cross-connecting networks, and optimizing SSO to improve user satisfaction for 50K users in 66 countries
  • Delivered virtual cloud infrastructures to bridge legacy systems and global ERP harmonization initiatives and provide seamless access to over 26,000 diverse applications

Qualifications used

Incident Management, Service Management, Identity management (IDM), Cyber Security, IT governance, Management information systems, IT strategy consulting, Change Management, Management (general), Transformation Management, Program Management


Deputy Chief of Staff and Strategic Advisor to CIO (permanent position)
US Army Europe, Office of the CIO, Wiesbaden, Germ, Wiesbaden
1/2007 – 5/2014 (7 years, 5 months)
Telecommunications
Period of activity

1/2007 – 5/2014

Description of activities

  • Responsible for guiding the development and maintenance of the vision, strategy, and programs necessary to support 65,000 IT system users operating in 51 countries
  • Served as Chief of Staff during his absence and managed effective utilization of $310M annual budget across the headquarters staff and 10 subordinate organizations
  • Created the CIO’s initiative group, which saved the Army over $100M USD through IT consolidation, drove leadership accountability programs, and grew multinational cyber capacity and coalition partnerships throughout Europe, Africa, and the Middle East
  • Continuously prepared the CIO for strategic engagements with Department of Defense leaders reporting to the Executive and Legislative branches of the U.S. government; won 20M Euro to fund IT consolidation efforts, 20% increase in cyber funding, and additional headcount for new European strategic and tactical operating models
  • Guided creation of first joint cyber center prototype in history which was later adopted as nucleus for the new cyber center operating models of Army and US Cyber commands
  • Responsible for optimizing operations, processes, and budget expenditures of a European IT enterprise with a $250M annual budget and 1,500 employees in 15 countries
  • Built and managed corporate process improvement program supporting over 40 IT organizations within US Army Europe; achieved $20M/year in savings and cost avoidance
  • Selected, mentored, and certified 20 Lean Six Sigma Black Belts and 35 Green Belts to guide and advise senior officers and staffs through resolution of complex process issues
  • Worked closely with the CIO to refine broad concepts into operational business models which won 4-Star General Officer (board of directors) approval for global implementation
  • Hand-selected by CIO to develop new initiative for a joint cyber center operating model

Qualifications used

ITIL, Cyber Security, IT governance, Telecommunications / Networks (general), IT strategy consulting, Lean Management, Management (general), Enterprise project management (EPM), Program Management, Marketing (general)


CKO and Information Technology Infrastructure Library (ITIL) Service Manager (permanent position)
US Army Europe Enterprise Technology Command, Mannheim
1/2004 – 1/2007 (3 years, 1 month)
Telecommunications
Period of activity

1/2004 – 1/2007

Description of activities

  • Responsible for creating organizations, programs, and strategies based on ITIL, Lean Six Sigma, and Knowledge Management to evolve the unit to a centralized operating model
  • Drove strategy to collapse 21 help desks into 1 service desk, 400 datacenters into 2 regional datacenters, and to rationalize disparate organizations and processes
  • Facilitated the Army’s adoption of centralized European operating models and organizations into new global operating models for the Army’s worldwide IT operations
  • Responsible for driving agency efforts to increase collaboration, improve decision making, and integrate information sharing platforms of geographically dispersed units
  • Created robust knowledge management program and managed portfolio of 15 projects to improve interagency and intra-organization collaboration and decision-making
  • Launched educational campaign and published new knowledge management policies, which increased higher headquarters buy-in and aligned decentralized peer organizations
  • Consolidated over 30 separate information sharing systems into 1 centralized enterprise portal, which increased availability of operational information to personnel at all levels

Qualifications used

ITIL, Cyber Security, Network security, Lean Management, Knowledge management, Enterprise project management (EPM), Program Management


Certificates

Certified Information Systems Auditor
June 2019

Certified Advanced Security Practitioner
December 2013

Lean Six Sigma Black Belt
December 2010

ITIL Practitioner Release and Control
June 2009

Education

Management Information Systems
(-)
Year: 
Location: University of Maryland

CIO Certification Program
(-)
Year: 
Location: National Defense University

Qualifications

EDUCATION/STUDY
Certified Advanced Security Practitioner (CASP) CN # COMP001020662217
Department of the Army: Lean Six Sigma Black Belt
National Defense University: CIO Certification Program
EXIN: ITIL Practitioner in Release and Control CN# 310701952
EXIN: ITIL Foundation in IT Service Management CN#579585
University of Maryland: Information Systems Management

About me

Accomplished strategic leader with over 20 years of experience in information security, cyber operations, and digital transformation for multinational agencies and DAX 30 companies

Innovation driver with the ability to balance multiple initiatives and priorities at a corporate level

Experienced, engaging and visionary leader with profound success building robust coalitions to drive excellence in cyber security, IT operations, and cultural change management

Strong executive presence with exceptional leadership and communication skills across diverse cultures and accountable for budgets in excess of $300M

Personal data

Language
  • English (native speaker)
  • German (good)
Willingness to travel
on request
Work permit
  • European Union
  • United States of America
Professional experience
25 years and 1 month (since 01/1995)
Project management
15 years
