11.09.2025 aktualisiert
100 % verfügbar
Enterprise Architekt, IAM, CIAM, Team Lead Infrastructure expert and Cloud expert, DLP Pureview
Stockerau, Österreich
Weltweit
IT Engineer DipleomaSkills
Service ManagerProjektmanagerProject Manager RemoteApplikation ManagementIT SecurityService Delivery ManagerSolution ArchitectSolution ArchitectureScrum Master / Agile MethodenCloud ApplicationsCloud integrationOffice 365 MigrationOffice 365AzureAWS (Amazon Web Services)awsAWS (Amazon WebServices)IAMEnterprise ArchitektCIAMOne Identity Managerping identityNIS2DORA
MAIN SKILLS:
Stakeholder management is always one of my primary focus, because the client's satisfaction can be the key to a successful project.
I was also involved multiple Cloud projects based on Microsoft Azure and Amazon Web Services (AWS) technologies.
At OMV I was an International Solution Architect at OMV , and having worldwide scale refocusing tasks.
In may recent position at UNIQA Global AG, I filled an Enterprise Architect role focusing on IAM and IT security projects.
I led Data Loss Prevention implementation team as well (Microsoft Pureview)
- Enterprise Architecture
- DORA and NIS2 complience
- Project management, (Bank and Service center fields)
- Agile methodology
- Cloud technologies
- IT Security
- Group Lead
- IAM & SSO Protocols: CIAM, OAuth, OpenID Connect, SAML, Ping identity suit, One Identity
- Cloud & DevOps Tools: MS Azure B2C, Azure B2C , Entra ID connect, OpenShift, Docker,Azure DevOps, GitHub,
- Frontend Technologies: HTML, JavaScript (Vanilla).
- Cybersecurity
- Infrastructure management and transformation projects (Telecommunication (A1 Telekom) Insurance (VIG), Bank Unicredit Global) Field
Stakeholder management is always one of my primary focus, because the client's satisfaction can be the key to a successful project.
I was also involved multiple Cloud projects based on Microsoft Azure and Amazon Web Services (AWS) technologies.
At OMV I was an International Solution Architect at OMV , and having worldwide scale refocusing tasks.
In may recent position at UNIQA Global AG, I filled an Enterprise Architect role focusing on IAM and IT security projects.
I led Data Loss Prevention implementation team as well (Microsoft Pureview)
Sprachen
DeutschverhandlungssicherEnglischverhandlungssicherUngarischMuttersprache
Projekthistorie
Designed group-wide CIAM & IAM architecture ( One Identity, Entra ID, Ping identity suit (Directory, Ping-One, Ping federate))
●
Defined IAM standards (SAML, OAuth,Open-ID,MFA, SSO) and GDPR-aligned data-protection controls and identity lifecycle management
●
Led architecture squad; prepared DORA-compliance and network-segmentation strategy
Technology Stack:
-
Provisioning of IAM Automates user onboarding/offboarding and group assignments.
-
Directory Sync with Entra ID to Syncs users from on-prem AD to Entra ID.
-
DLP (Data classification, Data labeling ) Microoft Pureview Architecture and implementation
-
Identity Lifecycle Management at UNIQA with Entra ID governance to manages roles and permissions over time.
-
CIAM (Customer Identity and Access management) PING ONE suit and Microsoft Entra ID.
-
Identity provider Ping Directory, Azure AD B2C transformation
-
Authentication & Authorization: Ping Federate, Ping ID using OpenID, OAuth, SAML.
-
Security Compliance: Multi-Factor Authentication (MFA), Conditional Access (limited in CIAM), Role Based access
●
Defined IAM standards (SAML, OAuth,Open-ID,MFA, SSO) and GDPR-aligned data-protection controls and identity lifecycle management
●
Led architecture squad; prepared DORA-compliance and network-segmentation strategy
Technology Stack:
-
Provisioning of IAM Automates user onboarding/offboarding and group assignments.
-
Directory Sync with Entra ID to Syncs users from on-prem AD to Entra ID.
-
DLP (Data classification, Data labeling ) Microoft Pureview Architecture and implementation
-
Identity Lifecycle Management at UNIQA with Entra ID governance to manages roles and permissions over time.
-
CIAM (Customer Identity and Access management) PING ONE suit and Microsoft Entra ID.
-
Identity provider Ping Directory, Azure AD B2C transformation
-
Authentication & Authorization: Ping Federate, Ping ID using OpenID, OAuth, SAML.
-
Security Compliance: Multi-Factor Authentication (MFA), Conditional Access (limited in CIAM), Role Based access
Directed AD → Azure AD & Microsoft 365 migration, integrating SaaS workloads
●
Introduced updated IAM policies for GDPR
●
Managed mixed on-site/remote engineering team; aligned business & technical stakeholders
Technology Stack: Azure Cloud Migration components:
Compute: Azure Migrate: Server Migration Lift-and-shift of VMs (Hyper-V, VMware, physical)
Storage: Move files and structured data to Azure
Network Routers: Create Azure Virtual Network,
Apps&Web apps: Migrate apps to Azure App Service or virtual environment.
IAM: Sync users from AD to Azure, Role-based access control, MFA and Conditional Access
●
Introduced updated IAM policies for GDPR
●
Managed mixed on-site/remote engineering team; aligned business & technical stakeholders
Technology Stack: Azure Cloud Migration components:
Compute: Azure Migrate: Server Migration Lift-and-shift of VMs (Hyper-V, VMware, physical)
Storage: Move files and structured data to Azure
Network Routers: Create Azure Virtual Network,
Apps&Web apps: Migrate apps to Azure App Service or virtual environment.
IAM: Sync users from AD to Azure, Role-based access control, MFA and Conditional Access
Re-architected monolith trading platform into micro-services; produced risk analysis (ISO 27001)
●
Piloted CyberArk rollout and network segmentation for BAIT compliance
●
Oversaw DevOps pipeline and stakeholder communication across Europe
Technology Stack:
-
TCP IP communication isolation, protecting sensitive systems from unauthorized access
-
Filtering, firewall rules, packet filtering, intrusion detection systems (IDS), log analysis,
-
DMZ creation, designing and deploying buffer zones to isolate public-facing services (web servers, gateways, load balancers,
reverse proxies, and harden
ing OS configurations)
-
Rollout management project leading for multiple technical teams (Solaris, network, Microsoft), Patch and OS lifecycle management, Infrastructure migrations or upgrades, compliance-driven deployments (ISO 27001, GDPR)
●
Piloted CyberArk rollout and network segmentation for BAIT compliance
●
Oversaw DevOps pipeline and stakeholder communication across Europe
Technology Stack:
-
TCP IP communication isolation, protecting sensitive systems from unauthorized access
-
Filtering, firewall rules, packet filtering, intrusion detection systems (IDS), log analysis,
-
DMZ creation, designing and deploying buffer zones to isolate public-facing services (web servers, gateways, load balancers,
reverse proxies, and harden
ing OS configurations)
-
Rollout management project leading for multiple technical teams (Solaris, network, Microsoft), Patch and OS lifecycle management, Infrastructure migrations or upgrades, compliance-driven deployments (ISO 27001, GDPR)