LORENZ NEHER
Dipl. El.-Ing. FH, CISA, CISSP Risk & Security Consulting
Consulting & project experience
Project manager for concept, set-up and certification of first Swiss public PKI according Swiss Federal Signature Law
Technical project manager for the concept and implementation of a large enterprise network authentication service according 802.1x EAP-TLS
Several PKI and Certificate based security projects
Design, Implementation and Audit of ISMS according 27001
Process oriented, technical audit and assessment of essential business process in the finance industry such as stock exchange, clearing and settlement of securities and treasury for regulatory reporting
SAS 70 audit of the supplied services in the financial sector (e.g. Security Lending and Borrowing) and Outsourcing
Audit and assessment of a migration venture (migration to Windows 2003/XP)
Security Assessment of internet access
Technical audit of the compliance with terms and conditions of SWX Swiss Exchange
Expertise
Risk & Security analysis in banking and industries sector
Information Security Management according: BS7799 / ISO 27001 and CoBIT
Security architecture and perimeter security concepts
PKI and cryptographical measures for data encryption, time stamping and digital signature
Professional experience
Since 2004 Senior Consultant , Risk & Security Consulting Swisscom Solutions AG
2001 - 2004 KPMG Fides Peat, Senior Consultant and IS Auditor
1995 – 2001 Frey + Cie Telecom AG, System Engineer, Head of Engineering
1991 - 1995 Alcatel STR AG (MDS AG), System Engineer
Professional Education
Studies in electrical engineering at ATIS with Diploma
Business economist NDS/FH
CISSP (Certified Information Systems Security Professional
CISA (Certified Information Systems Auditor
European Organization Quality Auditor (EOQ)
