I AM
Christoph Franke.
IT auditor, IT governance manager and
Information Security Architect
High-performing, authentic, unconventional, honest
C
Since 1991, after studying computer science at the Bundeswehr University, I have been continuously working in information technology.
I have been self-employed or working as an entrepreneur since 1998.
Today, my main areas of focus include, in addition to experience in IT infrastructure operation, IT outsourcing and mainframe system programming, as well as leading a system group, primarily IT auditing as an auditor and also as a representative of the audited entity, as well as an architect and expert for information security .
Regarding team leadership, I can draw on my experience as managing director with more than 20 permanent employees and ±50 contractors.
My most important current professional experience was gained in the BAIT-regulated environment in roles with and without personnel responsibility, where DORA is not a foreign concept.
01 QUALIFICATION
MY TOP SKILLS
Mainframe
85%
IT audit
90%
Cloud services
60%
Information security
85%
Security architecture
75%
Cobit
80%
SOC Services
90%
Privileged Access
90%
02 PORTFOLIO
SELECTED PROJECTS.
I will present selected projects on the following page.
Topics include the following aspects:
Bezeichnung | Themen | Laufzeit | Kundenbezeichnung |
|---|---|---|---|
Rectification of MaRisk findings at a financial services provider | Consulting on MaRisk findings including design and definition of solutions | 2023/10 - 2025/03 | FNZ Bank, Aschheim, Germany |
24/7 access monitoring | Extension of authorization monitoring to 24/7 | 2021/06 - 2023/12 | Finanz Informatik Technologie Service, Haar, Germany |
Ransomware protection audit | IT auditor, technical lead of an audit on ransomware defense measures | 2020/04 - 2020/07 | Finanz Informatik Technologie Services, Haar, Germany |
SOC setup at an IT service provider | Contributing as a Senior Security Architect to the setup and operation of a SOC for the financial sector | 2019/08 - 2024/07 | Finanz Informatik Technologie Services, Haar, Germany |
Security Lead Architecture for Outsourcing at a major bank | Work as Security Lead Architect at a major German bank in an outsourcing environment | 2016 - 2019/03 | global Platform Security Team for Infrastructure Operations at a (premier global Bank), Eschborn, Germany |
03 EXPERIENCE
2019 - 2024
FI-TS, Hair
Senior Security Architect
In addition to the architecture, I work on the practical optimization of the CSIRT, including fulfilling the tasks of a security analyst and incident handler. Furthermore, optimizing security and authorization monitoring with Splunk, security incident management, vulnerability management, and supporting internal and external audits are also part of my responsibilities.
2019
KfW, Frankfurt
IT Security Consultant
Onboarding planning and implementation within the framework of Privileged Access Management with One-Identity TPAM.
2016 - 2019
"German major bank", Eschborn
Security Lead Architect Mainframe
Responsibility for the security architecture of the mainframe platform, including hardening, security status and event monitoring. Project architect for the development of a company-wide privileged access management solution for multiple platforms using Shell Control Box, Arcsight, and several ITSM systems.
2013 - 2016
"German major bank", Eschborn
IT Governance Manager (acting)
Optimization and operation of IT governance as well as handling of internal and external audits for a major outsourcing to an international IT service provider.
2010 - 2013
various Finance, Automotive
IT auditor (clients in Germany, UK, USA)
Deployment as external reinforcement of IT audit teams at several banks, a Bavarian car manufacturer, and IT service providers for finance and insurance.
2006 - 2010
DB-Systel
Project architect ISO27001 and mainframe security monitoring
Conception and implementation of technical audits for the core platforms, including industrialization of the processing.
