Stephan “Steff” Reiter

Hello, I’m Steff

(Boomer IT enthusiast – aka nerd)

Name:

Stephan Reiter

Address:

Saarland, Germany

Professional experience

2022 – today

Software AG

Principal IAM architect

Implementation and operation of a CIAM (Customer Identity Access Management) system. Central identity repository for customer and partner accounts.

Creating a login journey for customers using the new, passwordless passkey authentications introduced and now also supported by Apple, Google and Microsoft.

Automation of joiner and leaver process from PowerShell scripts using Azure runbook automations to synchronize data from Workday.


2014 – 2021

Software AG

Director GIS Network & Telecommunications

Managing a global team for many topics after the merger of Software AG and IDS Scheer AG. Helped some team members in their professional career, so they could take over smaller teams from me (call that a win-win).

Technical lead on several mergers and acquisitions, especially for identity migration and communication tools.

Migration from an on-premises environment based on Active Directory to the Azure cloud. This included the setup of a hybrid environment for legacy systems and the migration to Entra ID, Exchange Online, Teams, SharePoint and OneDrive.

Setup of an ESAE (Enhanced Security Admin Environment) for our Active Directory together with Microsoft.

Implementation of SSO (Single Sign-On) based on Kerberos, SAML and OAuth authentications – migration of nearly one hundred systems to use the new function. Introduction of FIDO2 multi-factor authentication where suitable (basically YubiKeys and WebAuthn).

Setup of a redundant monitoring solution based on Zabbix. Monitoring several 10K machines with automatic onboarding and alerting using mails, SMS and later REST API calls to Teams channels. Also using Elasticsearch (ELK stack) and Grafana for the visualization of our CIAM environment.

Development of PowerShell scripts to automate synchronization of user information from SAP HR and later Workday to the Active Directory. This not only created an automatic workflow for the joiner and leaver process, but also ensured that the data in the identity store (Active Directory) was always accurate with the data provided from the HR system with the corresponding birthright.

Creation of automatically maintained distribution groups for Exchange based on information from the leading HR system.
Implementation of a litigation mail archive to ensure immutable mails in case of legal issues.
Separation of address books in Exchange during mergers and acquisitions as required.

Setting up an IT Security team which also operates the firewalls globally and takes care of the global WAN connections.
As OPSEC is part of my private life I joined the team blue here just easily 🙂

Developed several web applications to help us find problems quicker as well as some applications which were used by the end users to find information quicker and in a browser – the one tool everybody can use just fine…


2011 – 2013

Software AG

Senior manager GIS

Consolidation of several Active Directory and Exchange environments into one central identity store.

Global rollout of a communication system based on Microsoft Lync, later migration to Skype.

Setting up a PKI (Public Key Infrastructure) based on Windows to provide S/MIME and server/client certificates for users. The S/MIME certificates were provided automatically upon user activation and made available in the address book. Private keys were stored with a key recovery procedure which required the IT and data protection teams in order to restore a private key (four-eyes principle).

Unification of firewalls globally with a central management as well as a global WAN infrastructure.

Start of global, centrally managed WIFI infrastructure.


2007 – 2010

IDS Scheer AG

Director Corporate IT

Definition of IT strategy and architecture on a global basis.

Rollout of a global Active Directory and Exchange mail server environment with high redundancy.

Implementation of multi-factor authentication using tokens from RSA SecurID.

Migration of firewalls to next generation UTM applications from Check Point.

Rollout of global processes in the regions Americas and Asia, including budget planning for the regions. Also setting up first infrastructures and connectivity to the headquarters.


2001 – 2006

IDS Scheer AG

IT Manager

Setup of a secured infrastructure with servers responsible for SPAM and antivirus protection.

Defined the first security policy for the setup of servers (Windows and Linux) and how to harden them accordingly – especially if they face the Internet.

Backup and disaster recovery procedure definitions.

Migration from Novell to Microsoft based server environment (file server and mail).


1997 – 2000

IDS Scheer AG

IT Administrator

Set up the very first mail system for the company with ISDN router and a gateway to the university. The tool we used was Pegasus Mail – there was not much in the mailboxes yet back then.

Created the first LAN and WAN connections between offices – basically using ISDN and ring networks. Once we got our first Internet line, other office locations got routed over the main office.

Programmed the first – very simple – Internet web page for our company after acquiring the domain name. This was later taken over by marketing and graphics department.

Setting up new offices in different cities – including some European capitals.


1992 – 1996

IDS Scheer AG

Working student

Literally started as a student who was initially hired to clean up the cellar – physically probably one of the harder jobs in my life…

Created first PowerPoint presentations on Windows 2.0 – became a master of scrolling 🙂

Switched to the development department where I was in charge of programming a hypertext help environment for our tools on IBM OS/2.

Joined the newly created IT (EDV) team where I finally found my profession so far.