Management

Projekte

Projects

Manage agile, traditional or hybrid projects.
Prozesse

Processes

Optimally manage and model processes.
Interimsmanagement

IT Security

IT security standards 
implement and live.

Interim

Interim

Perform temporary support and coaching.

Projects

Based on our many years of experience in project management, we carry out projects of all sizes not only in the agile world, but also in traditional or hybrid environments. We see ourselves as intermediaries between expertise and implementation, meaning that we aim to understand the project content to such an extent that professional project management can be implemented. Depending on the client's preferences, we follow PM standards such as IPMA, PRINCE2, Scrum or SAFe.
We also provide consulting services for the implementation of such standards, among other things, as part of the introduction of PM manuals or overarching standards such as CMMi.
Projects
Prozesse

Processes

We provide support in the creation and documentation of processes and process models, such as for business processes, software development or product development. In process modeling, we focus on achieving the highest possible level of automation. We have extensive experience in compliance areas such as ISO27000, CMMi or BAIT. For documentation, we use standards such as BPMN and best practice software such as Signavio, ARCIS or Visio. Process orchestrators like Camunda are used for process automation.

IT Security

Our experience in IT security ranges from implementing security standards such as BSI basic protection, ISO27000 or BAIT to implementing IAM / PAM systems (OneIdentity, Forgerock, Tenfold), setting up SOC / SIEM, and optimizing security through the introduction of IT policies, defining naming conventions, introducing automated processes in user and rights management, or setting up jump servers, transfer platforms or introducing zero trust frameworks.
IT Security
Interim

Interim

As interim managers, we take responsibility for leading departments or teams, with a particular focus on IT and product development departments. Our experienced staff guarantee a very rapid familiarization with your topics, taking into account the existing corporate culture, and in close coordination with our clients, focusing and implementing on the specified goals. We can also actively support change management for required reorganizations.

Technologies

PAM

PAM

Secure administrative access to the IT infrastructure.
Cloud

Cloud

Implement and secure Microsoft M365 in a controlled manner.
IAM

IAM

Automate user and rights management.
Image

SOC / SIEM

Detect and defend against cyberattacks.

PAM

In Privileged Access Management, we take care of the authorization management on the administrative side of the IT infrastructure, especially in critical infrastructure companies. PAM accounts are classified and embedded in user and rights management processes, which are implemented as automated as possible depending on the requirements. Management systems such as Forgerock, OneIdentity or Tenfold are used in conjunction with orchestration systems such as Camunda. In addition, target architectures such as Zero Trust Frameworks are supported to achieve the highest possible security standard. Regulatory requirements such as ISO27000, BSI basic protection, or BAIT are usually also taken into account here.
PAM
Cloud

Cloud

We support you in the implementation of Microsoft M365, particularly in the administrative setup for hybrid architectures, including the integration between Azure AD and on-prem AD, where the synchronization between the two directories needs to be designed. Furthermore, an IT security concept must be created that secures the endpoints in use, for example with MFA and integrated hardware and software supply processes.

IAM

The introduction and expansion of products such as Quest OneIdentity, Forgerock Identity Platform, or Tenfold are the focus of our consulting services related to Identity & Access Management. We support the design of processes related to the user lifecycle, the definition of account types, AD structures, or naming conventions. In this context, we also advise on file server hardening, for example, against ransomware attacks, in defining file server permissions and structures, and accompany necessary document classification and file server migrations. To achieve the highest possible degree of automation in the ULC process, we support the integration of HR systems, AD/AAD, KISS, SAP, as well as systems for managing software permissions and distribution.
IAM
Image

SOC / SIEM

In the context of the new requirements of the IT Security Act 2.0, the introduction of SOC/SIEM infrastructures is particularly necessary for critical infrastructure companies. We organize the introduction of the technology for you, including the architecture of transfer networks, network, system and application monitoring, firewall authorizations, the setup and connection of sensors, the necessary measures to reduce vulnerabilities, if necessary, and the ramp-up process for interpreting sensor results, as well as the definition and introduction of rule and emergency processes.

Sectors

Telekommunikation
Telecommunications
energy
Energy
Finance
Finance
Engineering
Engineering

Telecommunications

Experience in the telecommunications sector:
  • Program management for IPTV (service delivery, sales)
  • IPTV risk management
  • Architecture management for wholesale customers
  • Introduction of risk management, process analysis and documentation (BPMN, Camunda)
  • Integration, release management processes, product rollout & deployment management
  • Introduction of a product development process based on CMMi with BPMN (Camunda)
  • Process analysis, process development, process quality, management of the process team
  • Identity management for end customers in mobile/fixed network
  • Adaptation of business processes (BPMN, ARIS), integration of data warehouse (DWH)
  • Provisioning management in the area of AAA domains
  • Introduction of OpenID/OAuth2 infrastructure
  • Organization and implementation of an international software rollout in seven countries
Telecommunications
Energieversorgung

Energy

Experience in the field of energy supply:
  • E2E processes campaign management / customer / consent data.
  • Adaptation of E2E processes for DSGVO Consent Management
  • Assessment of DSGVO conformity, proposal of measures
  • Technical concept creation, epics and user stories as product owner
  • Technical analyses and reports from the data warehouse (DWH)
  • Analysis AD / AAD / conception file server authorization structure
  • Concept creation for IAM automation
  • Ensuring compliance regarding ISO2700, Kritis, DSGVO
  • Compliance with BSI requirements regarding SOC / SIEM for KRITIS
  • Definition of network topology of SOC connection for OT and IT Prioritization of the assets to be connected
  • Definition of operational processes between end customer, provider, SOC
  • Control of the "false positive" phase
  • Implementation of a jump server and file transfer platform solution
  • Classification of login procedures for all customer applications

Finance

Experience in the area of finance:

Derivation of measures from PAM audit findings according to §30 and §44 of the German Banking Act (KWG)
Analysis of actual and conception of target use cases for PAM accesses
  • Creation of a PAM concept for a banking group
  • Identification of all PAM assets and definition of an asset handling process
  • Creation of an access concept for PAM for the technologies used
  • Definition of PAM account types
  • Definition of approval processes for assets and their authorizations
  • Integration of the systems required for PAM access management such as Quest OneIdentity, Ivanti HEAT / CMDB, Wallix Bastion, Cisco ISE, Tufin and Active Directory
  • Design of a technical access process for PAM access based on the Zero Trust Model and the jump server solution Wallix Bastion
  • Ensuring conformity with BAIT, ISO2700, DSGVO, NIST
IAM
Mechanical Engineering

Mechanical Engineering

Experience in the field of mechanical engineering:
  • Management consulting for a post-merger transformation.
  • Transformation of the machine level for IoT and digitalization
  • Introduction of standards / norms (e.g. ISA88 / ISA95)
  • Process analyses and adaptations, value chain analyses, BPMN
  • Conversion of organizational structure: special to standard machine building
  • portfolio management
  • Interim management R&D
  • Introduction of Scrum and Requirement Management
  • Quality management engineering process (hardware / software)
  • Introduction of monitoring and CIP tools for management

Information

© Copyright 2023 – All contents, especially texts, photographs, and graphics, are protected by copyright. All rights, including reproduction, publication, editing, and translation, are reserved by pro:concept GmbH.

Legal
We use cookies
We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.
Accept all cookies Decline all cookies
Privacy policy | Imprint