Federico (F.) Leefhelm - ISO – Senior Consultant Quality & Information Security
Experience
Senior IAM Manager & Single Point of Contact for Information Security
EnBW Energie Baden-Württemberg AG
As the only large integrated energy company in Germany, EnBW covers the entire value chain—from energy generation through distribution to the customers. They are expanding their renewable energy sources, working for a socially responsible coal phase-out and advancing key technologies such as the use of green hydrogen. A fast energy transition and achieving climate neutrality by 2035 are a priority for EnBW. Development and implementation of a holistic process view that considers both technical and organizational aspects Ensuring end-to-end control of all IAM-related technical services Establishing clear responsibilities and accountabilities within the IAM landscape Collaborating with various departments to identify and optimize a holistic architecture and serve as Single Point of Contact (SPoC) for Information Security Implementing and monitoring governance policies to ensure compliance and security Continuous improvement of IAM processes and systems through regular audits and assessments Participation in external process audits as part of official ISO standard audits Further development of the policy for defining administrative requirements and procedures and aligning them with administrative areas Conceptual further development of the KPI system for measuring process quality
Senior PMO for the Global IT CDC Project
Daimler Truck Financial Services (DTFS)
Daimler Truck Financial Services is moving from traditional data centers to the Azure Cloud. As part of the Cloud Data Center project (CDC), DTFS is migrating traditional data centers in Europe (EMEA), Asia & South Africa (APAC), Canada, South, Central and North America (NAFTA) and transferring the service into the Azure Cloud. DTFS supports Daimler commercial vehicle sales worldwide through leasing, financing and insurance and, with a contract volume of €25.4 billion, is one of the world's largest financial service providers for commercial vehicles ([link]). Working as Senior PMO and Senior Management Consultant with the Global IT Director and Head of Innovation Projects Working as Senior PMO and Management Consultant together with the international PM and PO teams (Project Management/Project Owner) Created a master plan based on MS Project for the CDC project, which enabled DTFS to gain a clear overview and transparency of the project after one year The master plan provided management and the teams with clear and accurate information on the status of the overall project and each subproject, both by region and by country The reports from the master plan enabled management and the teams to take countermeasures to correct deviations, so that the project could be completed on time, on budget and on quality Regular reporting of project progress to the Global IT Director and PM teams Handover of the CDC master plan to the PM of DTFS at the end of the contract period
ISO – Senior Consultant Quality & Information Security
Gemeinsame Klassenlotterie der Länder (GKL)
- Responsible for implementing the QMS & ISMS on behalf of the partner company ModernX GmbH & Co. KG.
- Responsible for the benchmarking and future implementation of an ISO tool for central management of all management systems.
- Responsible for deploying a Quality Management System (QMS) according to ISO 9001:2015.
- Responsible for deploying an Information Security Management System (ISMS) according to ISO 27001:2022.
- Preparing and creating the necessary measures (scope, SoA, policies, security concepts, procedural instructions, SOP, etc.) to establish a QMS and ISMS.
- Risk management: identification, assessment and handling of critical and potential attack scenarios.
- Risk analysis, risk treatment, protection requirement determination and vulnerability analysis of the IT infrastructure.
ISO – Senior Consultant Cyber- & Information Security
Northland Power Europa GmbH
- Northland Power is a developer, operator and owner of clean wind energy plants.
- Member of the security team, co-responsible for cyber & information security of the wind farms.
- Responsible for preparing all documentation and measures (policies, security concepts, cryptography, key management) to deploy intrusion detection systems according to BSI IT-SiG 2.0 and EnWG.
- Preparing and creating measures (policies, SOP, ISMS manual, BCM, IT emergency plans, IAM, backup & recovery, MDM, supplier, password, patch, asset & configuration, network management) to build an ISMS according to ISO 27001:2022.
- Identification, assessment and handling of critical and potential attack scenarios of wind farms in risk management.
- Risk analysis, risk treatment, protection requirement determination and vulnerability analysis of the IT/OT infrastructure.
- Creation of IT/OT emergency concepts, incident response processes & rebuilding of IT/OT systems within BCM (BIA, RIA & DRP).
- The project was terminated early because the wind turbines were sold and the company was closed in Germany.
CISO ad Interim & Senior Management Consultant ISMS, BCM & IAM
Huf Hülsbeck & Fürst GmbH & Co. KG
- Leading and managing the project to implement a Business Continuity Management (BCM) system according to ISO 22301.
- Defining the scope, creating a BCM policy, business impact analysis (BIA), risk impact analysis (RIA) and disaster recovery plan (DRP).
- Developing IT emergency concepts, vulnerability analysis, incident response processes & rebuilding IT systems.
- Conducting the first review of the corporate identity and access management (IAM) process and identifying improvement measures.
- Contributing to the continuous improvement process of the TISAX and ISMS certification according to ISO 27001.
- The BCM project was not completed due to budget planning.
ISO, Sr. Management Consultant and Sr. PMO
Universitätsklinikum Düsseldorf (UKD)
- UKD is the largest hospital in the state capital and one of the most important medical centers in North Rhine-Westphalia.
- Operator of critical infrastructures (KRITIS according to §8a BSIG) with an ISMS certified to ISO 27001:2022.
- Work directly as Senior Management Consultant to the IKMT head (CIO) and leader of innovation projects.
- Responsible for the entire IT department in information security as ISO.
- Create, maintain, and improve ISMS policies and SOPs.
- Train and raise awareness among IT staff on IT security, incident response processes, and IT system recovery.
- Develop and act as main point of contact for the new UKD IT strategy, plus a BIA and DRP for IT system recovery.
- Prepare for the next introduction of business continuity management according to ISO 22301 for the IKMT department and UKD.
- Develop an IT cyber security strategy and roadmap for implementing additional tools and solutions for UKD’s cyber security.
- Create an IT emergency concept (as part of the DRP), IT security plan, incident response, and related supporting concepts (data protection, antivirus, cryptography, configuration and hardening measures, asset & configuration management, patch management, roles & rights (IAM), IT emergency preparedness, etc.).
- Participate in defining measures to become compliant with attack detection systems (SzA) according to BSI IT Security Act 2.0.
- Develop a security concept, conduct a proof of concept (PoC), evaluate and review up to procurement and implementation of a medical device monitoring security system.
- Build a Security Operations Center (SOC) with operating concept and definitions for preventive measures, threat detection, and incident response.
- Implement a Security Information and Event Management (SIEM) with Splunk.
- Senior PMO to the department head since February 2023, responsible for controlling all IT-related projects (over 2K projects).
- Create & manage Gantt charts for all IT-related projects (IT & medical, IT security, SAP, etc.).
- Develop a patch management security concept & processes and standard operating procedures (SOPs).
- Contribute to the continuous improvement process (CIP) of the certified ISMS in preparation for the first surveillance audit.
- Regularly report project progress to the department head and executive board.
Senior Management Consultant BCM, Compliance & Information Security
Bitmarck Beratung GmbH
- Lead and manage the project for implementing business continuity management (BCM) according to ISO 22301 and BSI IT-Grundschutz Standard 200-4.
- Define the scope, create a BCM policy, and conduct a business impact analysis (BIA) and risk impact analysis (RIA).
- Develop IT emergency plans, perform vulnerability analysis, incident response processes, and IT system recovery (DRP).
- Create a project Gantt chart and prepare all necessary certification documents.
- The BCM project was not completed due to budget planning.
CISO as a Service – Chief Information Security Officer
EUROVIA Services GmbH
- Prepare and deliver awareness training for the company and its subsidiaries.
- Review results from penetration tests (PenTests) and create an action plan to fix identified vulnerabilities.
- Optimize IT processes to support business operations.
- Help ensure the availability of IT services.
- Review existing ISMS documentation for an as-is assessment and gap analysis to implement an ISMS according to ISO 27001.
Security Engineer, ISO, Senior Management Consultant Cyber & Information Security
Thales Deutschland GmbH Naval
- Member of the F126 team and co-responsible for the cyber and information security of the new F126 ships for the German Navy according to the German military Security Accreditation Authority.
- Lead the largest Thales innovation project in information security for the German Navy.
- Identify, evaluate, and handle critical and potential attack scenarios for the new F126 ships.
- Risk management, risk analysis, risk treatment, protection requirement determination, IT emergency plans, vulnerability analysis, incident response processes, and IT infrastructure recovery.
- Create, adjust, and improve policies, hardening and security concepts, and SOPs.
- Develop, maintain, and document information security and emergency plans considering ISO 27001, BSI IT-Grundschutz & compendium, and regulations of the German military Security Accreditation Authority (ZDV A-960/1).
- Work on information security for the Digital Communication Network (DKN), Ship Entry Point (SEP), and satellite communication (SATCOM) systems.
- Advise and work with business units on conflicts between technical implementation and information security requirements.
- Apply ISO/IEC 27001 based on BSI IT-Grundschutz & compendium and Bundeswehr IT-Grundschutz for the ISMS.
- Participate in workshops with the German Navy and other contractors in German and English.
- Collaborate with information security teams from France and the Netherlands.
ISO & Senior Management Consultant Compliance & Information Security
Bundeskriminalamt (BKA)
- Responsible for the certification (attestation) of new cloud services of the Police Service Platform (PSP) to the international C5 standard.
- Conduct gap analysis and help build and improve an ISMS according to ISO 27001, IT-Grundschutz, and the new BSI compendium.
- Create and update policies and SOPs for the entire federal agency (BCM, BIA, RIA, DRP, IT emergency plans).
- Develop and improve information security (SiKo) and IT emergency plans for IT operations and cloud services (IAM, backup & recovery, patch management, crypto & key management, asset & configuration management).
- Work with the SOC team to update the threat landscape.
- Deliver internal training, workshops, and awareness activities.
- BKA security clearance level SÜ2.
- The project was ended early due to the COVID-19 pandemic.
CISO & Senior Management Consultant Compliance & Information Security
Dr. Glinz COViS GmbH
- Creation of security concepts (SiKo) for the company and various software products.
- Conducting a pre-audit on EU GDPR, achieving over 90% compliance.
- Strategic advancement of IT security, continuous improvement, and maintenance of the ISMS according to ISO 27001.
- Introducing a concept for event handling and improving the SOC system.
- Conducting security assessments (pen tests & vulnerability scans) to address vulnerabilities.
- Developing new compliance services for customers and running workshops on ISMS and GDPR.
- Creating new policies, especially for the use of cloud services as CSP and CSC.
Lead Auditor & Sr. Management Consultant Compliance & Information Security
TÜV SÜD
- Conducting audits according to ISO 27001 for various customers.
- Conducting EU GDPR workshops and pre-audits for TÜV SÜD Munich and its customers.
Lead Auditor & Sr. Management Consultant Compliance & Information Security
SAP AG
- International lead audit manager in quality management and information security according to ISO 9001, ISO 27001, ISO 22301, SOC, SOX, C5, PCI-DSS & SIEM.
- Focus on Cloud Network Delivery (CND) and worldwide SAP cloud services.
- Collaborating with enterprise compliance, audit, and SOC teams for Threat Lifecycle Management (TLM).
- Reviewing and improving information security concepts for all SAP cloud services.
- Contributing to innovation projects in the field of information security.
- SPOC between Cloud Network Delivery, users, and global compliance teams.
- Compliance project manager for CND (Cisco switches in global data centers).
CISO & Division Manager Compliance Services & Solutions
Makro Factory GmbH & Co. KG
- Planning, expansion, and establishment of the new Compliance Services & Solutions division.
- Advising customers on implementing ISMS (ISO 27001), BCM (ISO 22301), IT baseline protection, BaFin & MaRisk.
- Successful implementation and dual certification of an ISMS (ISO 27001) and a BCM (ISO 22301) within 14 months.
- Achieving ISO 27017 / ISO 27018 certification to protect personal data as a Cloud Service Provider (CSP).
- Conducting IT security assessments (pen tests, vulnerability scans) and creating IT emergency plans.
- Conducting seminars, training sessions, and workshops on GDPR and information security.
- Performing information security audits according to ISO 27001, ISO 27006, and ISO 19011.
Senior Management Consultant Compliance & Information Security
Stadtsparkasse Düsseldorf
- Conducting a banking security consultation regarding BaFin and MaRisk AT 8.2 compliance.
- Advising on IT requirements and measures for secure IT operations (SITB).
- Advising on outsourcing network services under the German Banking Act (KWG 25a/b).
- Adjusting incident management for the switch of the network provider to Finanz Informatik (FI) according to MaRisk AT 9 outsourcing.
- Business analysis, modeling, and adaptation for outsourcing processes.
Strategic ITSCM, CISO, Business & eGRC Senior Management Consultant
Independent Entrepreneur
- Senior Project Manager, Business Analyst and Senior PMO as interim manager for banks, insurance companies, retail, and industry.
- Technical rollout and change management for an international mining company during the implementation of new ERP systems.
- Strategic development of ITSCM, IT services, and IT security as interim CISO.
- Implementation of an ISMS according to ISO 27001 and BCM according to ISO 22301 in Chile, Argentina, and Brazil.
- Interim Business Development Manager for various IT companies.
- Business Analyst and interpreter for IT projects (Spanish/German/English).
Regional eRCP Manager & Senior PMO for all of Latin America
Zurich Shared Services – Insurance Company
- Responsible for enterprise release, configuration & promotion (deployment) as part of the global Growing Market Platform (GMP) project.
- Rollout of a new core insurance system for all Latin American business units of Zurich Insurance.
- Establishment, training, and leadership of an eRCP team in Chile, Brazil, and India.
- Regional problem, incident, change, release, and crisis management across the entire application lifecycle.
- Single point of contact for Latin American users and collaboration with regional Change Advisory Boards (CAB).
- QA approval of software releases and development of test cases.
- Review and adaptation of contracts for external service providers (Accenture, CSC, Everis, Wipro).
- People management responsibility for more than 80 employees worldwide.
- Senior PMO for all non-core applications (legacy systems) in Latin America.
Interim CISO & Interim Manager of IT & IT Security Departments
INE, Chilean National Statistics Institute
- Responsible for preparing, programming, and securing wireless solutions for the digital data collection for the 2011-2012 census.
- Conducted training for external staff on digital data collection.
- Strategic development of ITSCM, IT services, and IT security as well as management of all innovation projects.
- Restructuring the IT department and negotiating with executive management and the works council.
- Implementation of policies according to ISO 27001, ISO 22301, ITIL, COBIT, and OECD.
- Setup and introduction of the first SOC with a SIEM platform for automated Threat Lifecycle Management (TLM).
- Introduction of PMO, development, and project methodologies (PMI, CMMI, CMMN).
- Led the cross-border improvement of the telecommunications network (RFP).
- Interim people management responsibility for more than 50 employees.
CEO & Owner; Managing Director, CISO & Senior Consultant
ATNet Latin America Management Consulting GmbH
- Founder and managing director of an international IT management consulting company.
- Specialization in IT governance, risk & compliance, information security, and electronic invoicing processes.
- Implementation and certification of ISMS (ISO 27001) and BCM (ISO 22301) at financial institutions in South America.
- Establishment of SOCs with SIEM platforms for banks in Chile.
- Development and sale of an application for electronic invoicing with asymmetric cryptography.
- Lecturer for the Ministry of Economy and the Santiago Chamber of Commerce on strategic and technological aspects of cryptography.
- Workflow automation of foreign trade processes for a Brazilian bank.
- Consolidation of networks and server platforms to reduce TCO at a local bank.
- Introduction of IT security guidelines and reorganization of the IT department at Chile's largest mining and steel company.
- People management responsibility for over 120 employees.
CIO & COO – IT & Operations Manager
Chipkarten AG (ETISA)
- Introduction of an electronic money card (eWallet) using smart card technology as a subsidiary of the banks.
- Management of the technological platform for eWallet administration as an open innovation project.
- Licensing of the money card with Mondex International (MasterCard).
- Establishment and leadership of an interbank committee for operational and technology topics.
- Development of the model for manufacturing, operation, and clearing of electronic money in cooperation with banking supervision and the central bank.
- Development of the financial model regarding investment and profit distribution, considering money market stability.
- Interface (Business Analyst) between banks for project implementation.
- People management responsibility for more than 20 employees.
Manager of Technological Remote Channels
Banco Crédito Inversiones (BCI)
- Operational management of technological remote channels: web, mobile banking, telephone banking, and ATMs.
- Design and definition of the project to launch the first Chilean transaction-oriented banking website.
- Introduction of mobile digital banking.
- Leadership and oversight of external service providers.
- Personnel responsibility for over 40 employees.
Senior Consultant Electronic Banking
Banco Crédito Inversiones (BCI)
- Development, implementation, and management of all electronic banking products for the corporate sector.
- Development and launch of e-commerce solutions for the bank.
- Consulting for the secure development of e-commerce and EDIFACT in Chile.
R&D Manager, Research and Technological Development
Banco Crédito Inversiones (BCI)
- Implementation of EDIFACT (Electronic Data Interchange) for the bank.
- Advising on establishing a bank EDI subsidiary.
- Development and launch of the first drive-in car banking branch.
- Personnel responsibility for over 10 employees.
Senior Consultant & Deputy Manager International Banking
Digital Equipment Corporation (DEC)
- Responsible for COMEX, financial EDIFACT & e-commerce for German and European banks.
- Responsible for financial institutions at CeBIT.
- Development and promotion of e-commerce in German banks.
- Member of European interbank committees in Frankfurt, Paris, and London.
- Led an e-commerce project between commercial banks and the Landeszentralbank (LZB) in Frankfurt.
CIO and Authorized Officer
Société Générale
- Conducted benchmarking and procured the SWIFT ST400 system for the entire bank.
- Planned, rolled out, and trained staff on the SWIFT system for all German branches.
- Introduced the first wide area network (WAN) from Frankfurt to all state branches using analog multiplexers.
- Defined and implemented the new data center in Frankfurt.
- Personnel responsibility for over 40 employees.
- Career path within the bank: promoted to CIO and authorized officer (1988), CTO (1986), Deputy CIO (1984), Software Engineering Team Leader (1983).
Industry Experience
See where this freelancer has spent most of their professional time.
Experienced in Banking and Finance, Information Technology, Professional Services, Insurance, Government and Administration, and Aerospace and Defense.
Business Area Experience
See which departments and functions this freelancer has contributed to most.
Experienced in Information Technology, Project Management, Product Development, Quality Assurance, Legal, and Strategy.
Summary
Graduate Engineer with a focus on Business Informatics from TU Santiago, Chile. Throughout my career, based on my skills and experience, I have held various positions in Germany, Chile, and other Latin American countries (CEO, CIO, COO, CTO, CISO, ISO, Sr. PM, Sr. PMO, etc.). My experience as a CEO includes founding and leading my own IT service company, where over six years I employed more than 120 engineers and successfully completed large projects. My leadership style has always been characterized by a holistic talent management approach. Due to my German and Chilean citizenship, I lived in the Federal Republic of Germany with my wife from April 1981 until the end of June 1992. Afterwards, we returned to Chile, became parents there, and 23 years later (June 2015) we came back to Germany. In 2016, working as an ISO at an IT service company in Karlsruhe, I achieved a double certification in Information Security and Business Continuity Management within 14 months—my first ISO certifications in Germany. In addition to these activities, I familiarized myself with the European General Data Protection Regulation (GDPR). However, my entrepreneurial spirit led me back to self-employment, and since 2018 I have been working as a freelance Senior Management Consultant for Information Security and Business Continuity. For this purpose, I was certified by a recognized German company as an ISMS Lead Implementer and ISMS Lead Auditor, also for organizations and institutions in the area of critical infrastructures (KRITIS). Summary of successful projects and key results: Makro Factory in Karlsruhe: As CISO, I successfully implemented and certified an ISMS and a BCMS for the CSP and IT service company within 14 months SAP in Walldorf: As international Lead Audit Manager, I enabled the Cloud Network Delivery division to successfully pass all audits (ISO 9001, ISO 27001, ISO 22301, C5, SOC, SOX, and PCI-DSS) COViS in Düsseldorf: The software development company had an oversized ISMS that the IT staff worked on almost exclusively, which led to dissatisfaction, friction, and user frustration. After consulting with the CEO and senior management, I tailored the ISMS to the actual needs. Since then, the IT colleagues have been able to satisfy their users and their needs Federal Criminal Police Office in Wiesbaden (BKA): As ISO, I led the organization to achieve C5 certification for the new cloud services of the Police Service Platform and helped build and improve an ISMS according to ISO 27001 and the BSI IT-Grundschutz Compendium TÜV SÜD in Munich and Mannheim: Through my consulting and workshops on the EU GDPR, the company was able to start offering data protection services German Navy via Thales Naval Kiel: As Security Engineer and ISO, I contributed to certifying the cyber and information security of the new (F126) frigates of the German Navy according to the German Military Security Accreditation Authority University Hospital Düsseldorf: As ISO, I (among other things) developed the new IT strategy for UKD and a security concept (BIA & DRP) for rebuilding IT systems; I also prepared and successfully conducted a surveillance and recertification audit of the ISMS according to ISO 27001. As PMO, I developed a security concept, executed a proof of concept, evaluated and oversaw procurement and implementation of a medical device monitoring security system, to know which, how many and at what security level medical devices were connected to the campus network, and to prevent further threats or attacks via the network Daimler Truck Financial Services: As Senior PMO, I created a master plan for the Cloud Data Center project, which enabled the company to have a clear overview of the project after one year EnBW Energie Baden-Württemberg in Karlsruhe: As Senior IAM Specialist, I work on improving the company's overall IAM concept and IAM processes across the entire company
Skills
Information Security Governance, Risk & Compliance: Consulting & Management For Implementing An Information Security Management System According To Iso 27001, A Business Continuity Management System According To Iso 22301 (Bia, Ria, Drp & Bsi It-gs 100-4/200-4), Dora And Nis2 Compliant
Gdpr Compliant With The Use Of An Isms According To Iso 27001:2022 Plus Iso 27701
Bafin: Dora, Macomp & Xait Compliant; Marisk, Bait, Vait, Zag, Zait, Kait
Bsi: It-grundschutz & Compendium As The German Foundation For Information Security
C5:2020 & Information Security: Cloud Computing Compliance Criteria Catalogue And Escloud
Setup, Rollout & Services Of Secure Operation Centers (Soc) & Siem, Ueba & Soar Platforms
Iam: Identity & Access Management, Cryptography & Key Management (Symmetric/asymmetric)
Information Security Audits According To Iso 27001, 27006, 19011, Gdpr & Bsi-gs
Audits For Energy Supply Companies (So-called Kritis), According To Bnetza § 11, Art. 1a Enwg
Project Management & Control Methods For Projects (Pgmp & Pmo According To The Project Management Institute)
Itscm (Iso 27031), Itsm (Iso 20000), Sla, Crisis, Patch, Security Logging & Monitoring, Event, Incident, Problem Management, Etc.
Ercp Management: Enterprise Release, Configuration & Promotion/deployment, As Well As Release & Change Management (According To Itil & Cobit)
Strong Hands-on Mentality, High And Fast Analytical, Conceptual, Abstract And Logical Thinking Skills
Service- And Solution-oriented, Conceptual, Strategic, Self-directed, Goal-driven And Highly Structured Working Style Based On The Pestel Framework
High Sense Of Responsibility, Self-motivation, Flexibility And Trustworthiness
Creativity And Courage To Introduce And Drive New Ideas, Following The Open Innovation Principle
Strong Assertiveness And Persuasive As A Contact Person With End Users
High Cooperation And Team Skills
Strong Process Thinking In Terms Of Overall Concept And Business Process Modeling
Very Good And Strong Communication Skills And Social Competence
Confident And Convincing Presence
Experience Leading International Project Teams, Project Management, Pmo, Etc.
Audits On The European General Data Protection Regulation (Eu Gdpr)
Information Security Egrc – Enterprise Governance, Risk Management & Compliance According To The Iso/iec 2700x Family, Iso 22301, Iso 27031, Bsi It-grundschutz, Eu Gdpr, New Bdsg And According To Deumilsaa German Military Security Accreditation Authority (Zdv A-960/1, Etc.)
Bcm, Business Continuity Management According To Iso 22301, Iso 27031 (Bia, Ria, Drp) And Bsi It-grundschutz Standards 100-4/200-4, It Service Continuity Management (Itscm According To Iso 27031), Disaster Recovery Plan, Business Continuity Plan, It Emergency Concepts, Etc.
Kritis: Bsig § 8a Paragraph 1a And The Use Of Intrusion Detection Systems, Early Detection Of Cyber-attacks, Incident Response Management & Rebuilding Of It Systems
C5 & Escloud: Security Concepts For Using Cloud Services (Csp & Csc)
Iam: Identity And Access Management
Bafin: Dora, Macomp And Xait Compliant (Bait, Vait, Zait, Kait); Management Consulting For Credit Institutions, Marisk, Zag
Audits According To Iso 9001, Iso 27000, Iso 27001, Iso 27006, Iso 19011, Iso 22301, Soc, Sox, C5, Pci-dss And Kritis Regulation According To § 11, Art. 1a Enwg And Bsi It-gs
Irbc According To Iso 27031; It Readiness For Business Continuity To Minimize Enterprise-threatening It Risks And Implement Effective Countermeasures
Pm & Pmo According To Pmi, It Service Continuity Management According To Iso 20000 & Itil, Cobit, Cmmi
Languages
Education
TU Santiago
Diploma Engineer (Technical University), specialization in Business Informatics · Business Informatics · Santiago, Chile
Certifications & licenses
CISA/CISM: Certified Information System & Security Lead Auditor according to ISO 27000 TÜV SÜD series and ISO 19011
TÜV SÜD
CISO: Chief Information Security Officer / Professional according to ISO 2700X series
TÜV SÜD
Certified ISMS Lead Auditor according to the IT Security Catalog of the Federal Network Agency (BNetzA)
Bundesnetzagentur
Certified ISMS Lead Implementer according to ISO/IEC 2700X series
TÜV SÜD
Statistics
Experience
Global Experience
Expertise
Qualifications
Profile
Frequently asked questions
Do you have questions? Here you can find further information.
Where is Federico based?
What languages does Federico speak?
How many years of experience does Federico have?
What roles would Federico be best suited for?
What is Federico's latest experience?
What companies has Federico worked for in recent years?
Which industries is Federico most experienced in?
Which business areas is Federico most experienced in?
Which industries has Federico worked in recently?
Which business areas has Federico worked in recently?
What is Federico's education?
Does Federico have any certificates?
What is the availability of Federico?
What is the rate of Federico?
How to hire Federico?
Average rates for similar positions
Rates are based on recent contracts and do not include FRATCH margin.
Similar Freelancers
Discover other experts with similar qualifications and experience
Experts recently working on similar projects
Freelancers with hands-on experience in comparable project as a Senior IAM Manager & Single Point of Contact for Information Security
Nearby freelancers
Professionals working in or nearby Düsseldorf, Germany
