Stefan Gröne - Senior Technical Architect / Sub-project Manager
Experience
Senior Technical Architect / Sub-project Manager
Helaba
Sub-project management
Designing the technical architecture and implementation
MS Active Directory
MS Azure Entra ID
Omada Identity Suite
Strategic realignment of the hybrid identity architecture of a regulated bank. Consolidation and security-focused standardization of multiple Active Directory environments and building a bank-wide Microsoft Entra ID structure. Migration of users and groups into a hybrid identity architecture and integration of Entra ID into existing governance and access processes (Omada). Implementation of regulatory requirements and establishment of audit-ready lifecycle processes to reduce structural security risks.
Senior Technical Architect / Sub-project Manager
Helaba
Sub-project manager and technical architect for the restructuring
MS Active Directory
MS Azure Active Directory
Omada Identity Suite
LDAP
Overall technical responsibility for the security-focused restructuring of a regulated bank’s Active Directory environment. Implementation of the target architecture concept with consideration of governance, tiering, and hybrid identity requirements. Adaptation and partial redevelopment of existing interfaces to IGA and cloud components to prepare for Azure AD integration and to improve auditability and standardize identity processes.
Senior Technical Architect
Helaba
Project lead for migration of MS Windows and MS SQL Server to current versions
MS Active Directory
Omada Identity Suite
Development and documentation of a security-focused detailed concept for the strategic realignment of the on-prem Active Directory architecture of a regulated bank. Definition of the target architecture with consideration of tiering models, governance requirements, hybrid identity preparation, and integration into existing IGA processes. The goal was to create a standardized, auditable, and cloud-ready AD structure as a basis for the subsequent transformation.
Project Manager
ISS
Project management for migration of MS Windows and MS SQL Server to current versions
MS Windows Server
MS SQL Server
MS Project
Jira
Overall responsibility for the technical and organizational execution of the migration and consolidation of 30 Windows servers and 7 SQL servers to current, supported versions. Led the project team, coordinated with business units on application dependencies, and ensured a low-disruption transition to the target environment. In addition to platform modernization, this laid the foundation for increased operational stability, supportability, and security compliance.
Senior Technical Architect / Project Manager
Helaba
Creating a concept for optimization and automation of Active Directory
MS Active Directory
MS PowerShell
Omada Identity
Architecture and implementation of a security-focused realignment of Active Directory to meet regulatory requirements and reduce administrative complexity. Restructuring the OU and GPO architecture and analyzing and cleaning up about 18,000 permission groups to reduce permission sprawl and improve auditability. Development and implementation of an automated interface to the identity governance system (Omada) to fully map the user lifecycle and enable audit-ready control of permissions. Result: significant increase in transparency, governance capability, and security in the identity environment while reducing manual administration efforts.
Senior Technical Architect / Subproject Manager
Helaba
Create a filesystem migration plan and execute the migration
MS Active Directory
Omada Identity
MS DFS
NetApp vServer
Security-focused restructuring of the bank-wide filesystem as part of organizational changes. Designed and implemented a standardized, governance-compliant target structure, including redefining permission models. Automated data migration coordinated with business units and integrated permissions into the identity governance system (Omada). Cleaned up obsolete access rights to reduce permission risks and improve auditability. Result: a transparent, audit-ready filesystem structure with clear permission logic and reduced security complexity.
Senior Technical Architect / Subproject Manager
Helaba
Develop overall concept for redesigning Active Directory and the filesystem
MS Active Directory
Omada Identity
MS DFS
NetApp vServer
Architected and implemented the technical integration of Active Directory and the filesystem into a bank-wide identity governance system (Omada). Redesigned the AD and filesystem structure to support role-based permission models and to prepare for audit-proof, centrally managed permission assignment. Created the overall concept and implemented the required interfaces. Result: established a governance-compliant, centrally managed permission architecture as a basis for regulatory compliance and future hybrid identity transformation.
Infrastructure Architect
ThyssenKrupp AG
Create a technical concept for the data center outsourcing tender
MS Azure Cloud
IT Security
MS Windows Server
Virtualization
Technical concept for outsourcing Europe's data centers to an external provider, using both a traditional data center and MS Azure Cloud. Focus on migrating servers and application systems to the cloud and data center while considering technical feasibility and security aspects.
Migration Expert
ThyssenKrupp AG
Analyze existing infrastructure and application systems
Support the migration
MS Active Directory
MS Windows Server 2003, 2008R2, 2012R2
VMWare ESX
Harmonized IT infrastructure as part of ThyssenKrupp Elevator GmbH's global unITe project. Described system and application dependencies and developed transition strategies for the Future Model Operations.
Project Manager
Staples Europe
Multi-project management for IT infrastructure projects
Managing project team members
Change and incident management
Reporting to stakeholders
MS Active Directory
MS Windows Server 2012R2
VMWare ESX
EMC Storage
Standardized and upgraded existing Windows Server 2003 environments. Harmonized IT infrastructure across Europe, consolidated old AD domains, migrated around 300 servers to Windows 2012R2, implemented virtualization with VMware ESX, managed data center relocations and Exchange migration to MS Office 365, and introduced centralized software distribution using MS SCCM.
Project Manager
Daimler AG
Project control
Planning and conducting workshops to document and optimize processes
Modeling processes
Integrating processes into a workflow tool
MS Windows Server 2008R2
MS IIS
MS SQL Server
Cabacos CMS
EPK
Analysis, optimization and modeling of processes in the technical service of the commercial vehicle plant. Implementation and rollout in a workflow tool.
Technical Project Manager
Daimler AG
Project management and supplier management
Definition and implementation of processes according to ITIL
Improvements in IT security
Creation of technical concepts
MS Active Directory
MS Windows Server 2008R2
MS Windows 7
MS Office 2010
ARIS
ITIL
Sophos
Qualys
Integration of existing and newly acquired production computers into the global AD, planning and execution of the integration with IT security aspects in mind, definition of operational processes and introduction of necessary procedures.
Head of IT Department
Median Kliniken Bad Krozingen
- Leading employees
- Project planning, leadership, management and controlling
- Process analysis and optimization in the context of software changes and implementations
- Participating in organizational adjustments
- IT procurement
- Server administration
- Managing user support (1st/2nd/3rd level)
- Advising management and staff on IT issues
- Developing IT training programs
- Introducing a training system
- Drafting works agreements
- Contractual matters
Working Student in IT Department
Wincor-Nixdorf AG
- User support (1st/2nd level)
- Server administration
- Installation and administration of client operating systems
- Installation and configuration of applications
Industry Experience
See where this freelancer has spent most of their professional time.
Experienced in Banking and Finance, Healthcare, Information Technology, Manufacturing, Retail, and Automotive.
Business Area Experience
See which departments and functions this freelancer has contributed to most.
Experienced in Information Technology, Project Management, Procurement, Customer Service, and Operations.
Summary
- 20+ years of IT experience
- Focus: Active Directory security, hybrid identity, governance
- Experience in regulated environments (banking, automotive)
- Implementation of regulatory requirements (BAIT, ISO 27001, BSI)
- Architectural responsibility, migration, hardening, automation
- Bridging technology, governance, and organization
Skills
Focus Areas
- Identity & Access Management (Iam / Iga)
- Active Directory Security & Tiering Concepts
- Hybrid Identity (On-prem Ad / Entra Id)
- Permission Modeling & Governance
- Security Hardening According To Cis / Bsi
- Regulatory Requirements In Banking
- Technical Automation (Powershell)
Technical Skills
- Operating Systems: Ms Windows Server, Ms Windows Client, Macintosh Os X
- Programming Languages: Powershell, Html, Css, Javascript (Basic), Java (Basic)
- Databases: Ms Sql Server, Ms Access, Mysql
- Networking/data Communication: Tcp/ip, Lan/wan, Smtp/email, Firewall, Vpn, Interfaces
- Software: Microsoft Active Directory, Microsoft Office 2013, 2016, 365, Omada Identity Suite, Jira/confluence, Microsoft Project, Microsoft Visio, Lotus Notes/domino, Bmc Remedy Itsm, Servicenow
- Cloud: Microsoft Entra Id, Microsoft Azure, Microsoft Office 365, Google Apps For Business
- Data & Process Modeling: Erm, Eepk, Aris, Omega
- Methods: Itil, Prince2, Cis Benchmarks, Bsi Baseline Protection, Bait, Iso/iec 27001, 27002
- Industries: All (Focus On Banking, Automotive, Retail, Healthcare)
Languages
Education
Paderborn University
Business Informatics program, no degree · Business Informatics · Paderborn, Germany
Merchant in wholesale and foreign trade · Wholesale and foreign trade
Certifications & licenses
Security, Compliance, and Identity Fundamentals SC-900
Microsoft
Certified Lotus Professional SA
Microsoft Azure Fundamentals AZ-900
Statistics
Experience
Global Experience
Expertise
Qualifications
Profile
Frequently asked questions
Do you have questions? Here you can find further information.
Where is Stefan based?
What languages does Stefan speak?
How many years of experience does Stefan have?
What roles would Stefan be best suited for?
What is Stefan's latest experience?
What companies has Stefan worked for in recent years?
Which industries is Stefan most experienced in?
Which business areas is Stefan most experienced in?
Which industries has Stefan worked in recently?
Which business areas has Stefan worked in recently?
What is Stefan's education?
Does Stefan have any certificates?
What is the availability of Stefan?
What is the rate of Stefan?
How to hire Stefan?
Average rates for similar positions
Rates are based on recent contracts and do not include FRATCH margin.
Similar Freelancers
Discover other experts with similar qualifications and experience
Miguel Skirl
Halil Oeztoprak
Markus Halbedel
Frédéric Klein
Pierre Gronau
Peter Fleischer
Michael Lenz
Frank Joraschkewitz
Alagi Mansaray
Peter Weileder
Markus Ickenroth
Elias Vasiliadi
Experts recently working on similar projects
Freelancers with hands-on experience in comparable project as a Senior Technical Architect / Sub-project Manager
Miguel Skirl
Halil Oeztoprak
Markus Halbedel
Pierre Gronau
Peter Fleischer
Mike Barthel
Christian Enderle
Frank Joraschkewitz
Frédéric Klein
Oliver Frömel
Alagi Mansaray
Peter Weileder
Nearby freelancers
Professionals working in or nearby Ballrechten-Dottingen, Germany
Tobias Bobka
FRATCH Henke
Anke Verrino
Ralph Elsäßer
Thomas Kasemir
Bernd Westermann
Stefan Hartl
Jan Hertlein
Joscha Greuel
Olesja Romme
Matthias Weber
