I AM
Christoph Franke.
IT auditor, IT governance manager and
Information Security Architect
High-performing, authentic, unconventional, honest
C
Since 1991, after studying computer science at the Bundeswehr University, I have been continuously working in information technology.
I have been self-employed or working as an entrepreneur since 1998.
Today, my main areas of focus include, in addition to experience in IT infrastructure operation, IT outsourcing and mainframe system programming, as well as leading a system group, primarily IT auditing as an auditor and also as a representative of the audited entity, as well as an architect and expert for information security .
Regarding team leadership, I can draw on my experience as managing director with more than 20 permanent employees and ±50 contractors.
My most important current professional experience was gained in the BAIT-regulated environment in roles with and without personnel responsibility, where DORA is not a foreign concept.
01 QUALIFICATION
MY TOP SKILLS
Mainframe
85%
IT audit
90%
Cloud services
60%
Information security
85%
Security architecture
75%
Cobit
80%
SOC Services
90%
Privileged Access
90%
02 PORTFOLIO
SELECTED PROJECTS.
I will present selected projects on the following page.
Topics include the following aspects:
Bezeichnung | Themen | Laufzeit | Kundenbezeichnung |
|---|---|---|---|
Industrialization of Security Monitoring | Introduction of automated and industrialized technical audits (target/actual comparisons) for various platforms at DB-Systel | 2008 - 2010 | DB-Systel, Frankfurt/Erfurt, Germany |
Mainframe security audit at a German insurance company | Mainframe security audit with a focus on RACF at an insurance company | 2004 - 2006 | VGH, Hanover, Germany |
Mainframe audit at an IT service provider | Mainframe audit for an IT service provider in the finance sector, covering various aspects | 2002 - 2007 | IZB, IZB-Soft, Finanz-Informatik Technology Services, Munich, Germany |
Mainframe audit at a Deutsche Bank | Mainframe audit at a major international German bank with a security focus | 2000 | IT-Revision a (premier global Bank), Eschborn, Germany |
03 EXPERIENCE
2019 - 2024
FI-TS, Hair
Senior Security Architect
In addition to the architecture, I work on the practical optimization of the CSIRT, including fulfilling the tasks of a security analyst and incident handler. Furthermore, optimizing security and authorization monitoring with Splunk, security incident management, vulnerability management, and supporting internal and external audits are also part of my responsibilities.
2019
KfW, Frankfurt
IT Security Consultant
Onboarding planning and implementation within the framework of Privileged Access Management with One-Identity TPAM.
2016 - 2019
"German major bank", Eschborn
Security Lead Architect Mainframe
Responsibility for the security architecture of the mainframe platform, including hardening, security status and event monitoring. Project architect for the development of a company-wide privileged access management solution for multiple platforms using Shell Control Box, Arcsight, and several ITSM systems.
2013 - 2016
"German major bank", Eschborn
IT Governance Manager (acting)
Optimization and operation of IT governance as well as handling of internal and external audits for a major outsourcing to an international IT service provider.
2010 - 2013
various Finance, Automotive
IT auditor (clients in Germany, UK, USA)
Deployment as external reinforcement of IT audit teams at several banks, a Bavarian car manufacturer, and IT service providers for finance and insurance.
2006 - 2010
DB-Systel
Project architect ISO27001 and mainframe security monitoring
Conception and implementation of technical audits for the core platforms, including industrialization of the processing.
