Berlin Metropolitan Area
With a solid background exceeding 20 years in cybersecurity, I am the Cybersecurity Transformation Lead Manager at Alstom, focusing on bridging IT and product security to safeguard company assets. My mission resonates with Alstom's commitment to excellence, as I instill robust cybersecurity practices into the core of our operations. My expertise in managing multimillion-euro projects and fostering cybersecurity awareness positions me to contribute substantial value to the organization. My role as the Cybersecurity Transformation Lead Manager has allowed me to lead a dedicated team in delivering strategic IT security solutions, managing a significant budget, and achieving our security objectives. We've not only enhanced our security posture through rigorous penetration tests and audits but also laid the groundwork for ISMS implementation and ISO 27001 certification, ensuring comprehensive compliance across IT services.
Leading a team of five project managers to successfully deliver IT security solutions with a budget of up to €4 million. Ensured the achievement of IT security objectives within various programs while fostering synergies between IT security and product security initiatives. Championed the corporate cybersecurity awareness program, effectively managing the execution of security awareness activities.
Managed IT security policies and standards, identifying operational exceptions and mitigating cybersecurity risks. Executed penetration tests and audits to enhance security posture. Led the organization in preparation for ISMS implementation and ISO 27001 certification. Defined and established a comprehensive security services portfolio, ensuring compliance among IT service providers.
Oversaw the management of the outsourced Security Operation Center to enhance security monitoring and response capabilities. Led the Computer Security Incident Response Team (CSIRT) to effectively address and mitigate security incidents. Developed and managed security policies, directives, and standards to ensure compliance and best practices. Assessed and managed IT security risks, implementing strategies to safeguard organizational assets. Streamlined operational security processes to improve efficiency and effectiveness across the organization. Directed the Bombardier security awareness program, fostering a culture of security mindfulness among employees.
Redknee acquires BSS business line from Nokia Siemens Networks. • managed the daily operations of an international team of 13 IT Network and Security specialists in worldwide over 50 projects • consolidated IT Network planning services for products from Business Support Systems (ex-Nokia Siemens Networks) and Redknee, I established unified delivery procedures and a common set of network documentation • created the concept for a tool-based network planning process, I realized a common repository for planning data, in-build consistency checks, client specific representations and seamless integration into the company-wide configuration management system • fostered cooperation of Redknee with the Club R2GS for security standardization in the field of Security Information and Event Management and Security Operation Centers • coordinated cooperation with Hewlett-Packard, Dimensioning Data, EMC², Fujitsu Technology Solutions and F5 to clarify technical aspects of network integration and infrastructure planning • responsible for knowledge management and skill development of the team, I created personal development plans, organized trainings and coached team members to enhance critical competences
• developed the organizational and operative structure of IT System Integration & IT Security • managed the transitions from centralized management of local teams, via a regional setup with a global support office to a distributed team responsible for all operative functions • led a team of 15 colleagues responsible for network engineering, service management, competence management, customer maintenance support, quality management and IT Security • implemented guidelines for network design, network dimensioning and planning of infrastructure deployment in customer projects • implemented guidelines for IT Security in customer projects working in close cooperation with product security management to productize new security features • developed a knowledge management framework for IT System Integration & IT Security, I introduced and moderated a Wiki as a collaboration platform and initiated a user community for knowledge sharing • published a monthly newsletter to keep all members of the community informed and engaged on IT System Integration & IT Security topics