Uwe Schwarz

Uwe Schwarz
Project Manager

I connect technology, people, and business goals – acting as the bridge between teams, stakeholders, and systems. Whether it's IT security, networking, high-availability infrastructure, or email solutions, I take ownership, lead complex projects, and ensure the results are not just technically sound, but strategically aligned and built to last.

See my work
Download CV

Availability

75% available · 100% from 2027-01-01

Portrait photo of Uwe Schwarz, Project Manager and IT Security Expert.
🛡️ GDPR
🤖 AI
🤝 Human API
📡 networking
💡 strategy
🔐 security

About Me

Illustration of Uwe in three roles: at the top, he is working on a computer with green code on the screen, symbolically supported by an AI. At the bottom left, he explains a network diagram on a flipchart, and at the bottom right, he gives a presentation with a progress chart. The scenes are connected by flowing lines, representing the seamless transition between technology, planning, and communication.

With over two decades of hands-on experience in IT and project leadership, I specialize in building secure, scalable, and future-ready systems. From high-stakes data center migrations to evolving security strategies for regulated industries, I’ve led diverse teams and initiatives that drive tangible business outcomes.

I act as the bridge between technical complexity and strategic clarity. Whether I’m aligning teams on a security roadmap, modernizing infrastructure, or translating compliance requirements into real-world action, I bring a clear head, calm hands, and a passion for connecting the dots between tech and people.

Outside the day-to-day, I stay curious. I’m particularly fascinated by AI and its potential to enhance everything from cybersecurity to user experience. I enjoy experimenting with new tools, self-hosted solutions, and smart workflows – always with an eye on what’s practical, elegant, and secure.

20+Years of Experience
30+Completed Projects
50+Technologies

Experience

Key Projects

Major technical and organizational engagements with high responsibility.

A curated selection of multi-month and multi-year work; further details on request.

Deutsche Rentenversicherung (RP, BW) logo

Program Lead IPv6 Migration

Deutsche Rentenversicherung (RP, BW)

Jan 2026 - Today
Karlsruhe & Speyer, Germany
  • Leading the IPv6 migration for DRV RP, and DRV BW, including governance, planning cadence, and execution tracking.
  • Built and operationalized a project control model with dashboard, action board, KPI portfolio, risk register, and decision index.
  • Coordinating architecture, security, and rollout preparation across addressing, segmentation, dual-stack transition, test-lab planning, and cross-team dependencies.
  • Driving compliance-relevant alignment for BSI, NIS2, and critical infrastructure requirements, evidence obligations, and transparent reporting to management and stakeholder groups within the institution.
  • Achievement: Established a reusable intake-to-governance workflow to create traceable actions, risks, questions, and evidence requests.
  • Achievement: Created the operational baseline for program execution with measurable KPIs, ownership clarity, and decision transparency.
Program Management
Project Governance
IPv6
Network Architecture
Dual Stack
Address Management
BSI
CI
NIS2
Compliance
Risk Management
KPI Management
Evidence Management
Atlassian Jira
Confluence
Microsoft PowerPoint
Infoblox (IPAM)
Joh. Berenberg, Gossler & Co. KG logo

Subproject Lead Data Center Migration & Backup Modernization

Joh. Berenberg, Gossler & Co. KG

Jan 2024 - Sep 2025
Hamburg, Germany
  • Subproject lead within the data center migration project, focusing on Solaris, Linux, storage, and backup environments.
  • Responsible for the modernization and full implementation of the new enterprise backup platform based on Rubrik Security Cloud.
  • Supported the transition of Solaris infrastructure and legacy systems towards modern, cloud-ready architectures.
  • Contributed to the redesign and renewal of the legacy network into a modern, segmented structure with improved security focus.
  • Achievement: Successfully led the Rubrik Security Cloud modernization project, enhancing data protection, compliance, and recovery performance across all business units.
  • Achievement: Contributed to the successful relocation of two data centers with minimized downtime and coordinated dependencies across multiple infrastructure domains.
Project Management
Rubrik Security Cloud
Atlassian Jira
Atlassian Confluence
Microsoft Project
ServiceNow
LeanIX
Delinea
IPv6
Network
Compliance
Backup
Solaris
Rubrik
DORA
Threedium Ltd. logo

Information Security Officer

Threedium Ltd.

Oct 2023 - Jun 2024
London, United Kingdom
  • Consulting in all questions about and around IT security.
  • Support of the DevOps team.
  • Integration of services in SSO infrastructure.
  • Certificate audit: SOC2 and ISO27001
  • Advice on all aspects of GDPR. Introduction of retention policies and data protection guidelines.
  • Introduction of security guidelines.
  • Achievement: Implemented IT security measures that passed a SOC2 audit with zero non-conformities, securing key client contracts.
  • Achievement: Integrated SSO infrastructure across multiple platforms, improving security and user experience.
  • Achievement: Led the team in passing ISO27001 certification within a tight six-month deadline, which opened new markets for the company.
Security
Data Protection
SSO
GDPR
ISO 27001
SOC 2
Atlassian Jira
Atlassian Confluence
Palo Alto Firewall
Cisco
VMware
Windows
Linux
Microsoft Azure
Incident Response
Penetration Testing
Deutsche Vermögensberatung AG logo

IT Security Consultant

Deutsche Vermögensberatung AG

Jan 2019 - Sep 2023
Frankfurt am Main, Germany
  • Consulting regarding any security topics, focus on server and networks.
  • Support and strategy handling during a (large) security incident.
  • Writing (security) policies and technical concepts.
  • Automation of vulnerability and incident management.
  • Support for building IT architecture and strategy (including network architecture, cloud infrastructure, firewall concepts, etc.).
  • Preparation and accompanying of penetration tests (including network, cloud, applications, Active Directory, etc.).
  • Led and managed the Security Operations Center (SOC) team, overseeing daily operations, incident response, and continuous improvement of security processes.
  • Security audits and security oversight for application and network migrations.
  • Specialization in the areas of Linux and networking.
  • IT security consulting also on Windows, Cloud (primarily Azure) and application development.
  • Advice on data protection and certification issues (e.g. ISO27001, BSI Grundschutz, NIST framework, MITRE).
  • Achievement: Managed the response to a major security incident, coordinating efforts that minimized data loss and restored operations.
  • Achievement: Developed and automated a vulnerability management system, reducing incident response time and increasing system uptime.
  • Achievement: Implemented security policies that were later adopted as best practices company-wide.
Security
GDPR
ISO 27001
BSI / NIS2 / NIST / MITRE
ITIL
Guidelines
Atlassian Jira & Confluence
Palo Alto / Cisco
Microsoft Azure
Microsoft Sentinel
Microsoft Defender
Microsoft 365
Deutsche Vermögensberatung AG logo

Team Coordinator / System Architect

Deutsche Vermögensberatung AG

Jul 2015 - Dec 2018
Frankfurt am Main, Germany
  • Coordination and planning of resources of a small team.
  • Focus of the team: e-mail, cloud storage, load balancing, proxy and DNS (all linux based).
  • Analysis, troubleshooting and sustainable remediation in email infrastructures.
  • Consulting and implementation of IPv6, security topics, high-availability systems and more topics.
  • Sub-project lead: data centre relocation including migration and rebuild of applications and server infrastructures into redundant, highly available environments.
  • Achievement: Coordinated a successful data center relocation project.
  • Achievement: Led the implementation of IPv6 across the organization, future-proofing the network.
  • Achievement: Improved team efficiency through the introduction of automated processes and resource management tools.
Team Management
Atlassian Jira & Confluence
dovecot & postfix
Microsoft Azure
IPv6
High-Availability
Load Balancing
Email
Cloud Storage
Proxy
DNS
Deutsche Vermögensberatung AG logo

Product Owner / System Architect

Deutsche Vermögensberatung AG

Jan 2013 - Jun 2015
Frankfurt am Main, Germany
  • Product Owner and system architect for the enterprise-wide email archiving platform, including requirements management, technical roadmap, and long-term evolution.
  • Led the design and implementation of a legally compliant archive for more than 50,000 users, ensuring immutable retention, auditability, and long-term maintainability.
  • Introduced scalable storage, redundancy concepts, monitoring, indexing and full-text search to enable efficient retrieval of historical correspondence.
  • Close collaboration with legal, compliance, and auditing teams to meet regulatory requirements and ensure long-term evidentiary integrity.
  • Secondary responsibilities in the surrounding mail infrastructure (dovecot, postfix), Linux-based services, DNS, proxy, load balancing and cloud storage.
  • Achievement: Delivered a stable, compliant archive used daily across the entire organization.
  • Achievement: Established future-proof data retention strategies aligned with strict regulatory expectations.
Email Archiving
Compliance
Retention Policies
dovecot
postfix
Linux
High Availability
Monitoring
Full-Text Search
Indexing
Scalability
Auditability
IPv6

Additional & Focused Projects

Complementary or specialized projects with flexible scope.

Specialized, flexible, or focused initiatives that complement the broader work.

DEGIT AG logo

Member of the Board

DEGIT AG

May 2018 - Present
Hockenheim, Germany
  • Information Security Officer and Data Protection and Privacy Officer.
  • Access to experts from multiple fields.
  • Competent and focused partner for all consulting needs.
  • Building a secure and compliant IT infrastructure with a focus on modern technologies (IPv6, Zero Trust, Zero-Config VPN, etc.) and best practices.
  • Responsible for corporate governance in IT security, privacy and compliance topics.
Security
Privacy
Microsoft 365
Notion
Cloudflare
Resend
Supabase
IPv6
Zero Trust
Zero-Config VPN
Governance
Training
Security Awareness
Risk Management
Compliance
EU AI Act
xtensible UG (haftungsbeschränkt) & Co. KG logo

SchlauFabrik – Multi-tenant Compliance & AI Training Platform

xtensible UG (haftungsbeschränkt) & Co. KG

December 2025 - Present
Hockenheim, Germany
  • Designed and built a modern, responsive training platform for compliance and AI topics with tenant isolation and role-based access.
  • Implemented security-by-design with Postgres Row-Level Security, audit logging, rate limiting, and hardened authentication flows (Passkey/Magic Link/2FA/SSO).
  • Built course delivery with progress tracking, quizzes, enrollments, and admin dashboards for tenant/user management.
  • Delivered tamper-evident PDF certificates with QR verification and cryptographic hashing; enabled bulk export for audits.
  • Integrated Stripe billing (subscriptions, portal, webhooks) with license models and soft-lock mechanisms for tenant limits.
  • Tech: Next.js (App Router), TypeScript, Bun, Tailwind, next-intl (DE/EN), Neon Postgres, Stripe, Resend, Vitest/Playwright.
Multi-tenant
Compliance
AI Training
RBAC
Postgres RLS
Stripe
Next.js
TypeScript
Tailwind
Neon Postgres
Vitest
Playwright
AKTion gegen Krebs gUG logo

Founding Member & Data Protection Officer

AKTion gegen Krebs gUG

May 2025 - Present
Seevetal, Germany
  • Founding member responsible for data protection and GDPR compliance.
  • Developed and maintain the organization's backend systems.
  • Planning and implementing AI-supported workflows for case management.
  • Responsible for IT security strategy and risk management.
  • Established GDPR-compliant data protection framework from the ground up.
Data Protection
IT Security
AI Workflows
Agentic AI
Backend Systems
Backup-Strategies
IPv6
Zero Trust
Zero-Config VPN
Risk Management
Compliance
Notion
Cloudflare
Resend
Supabase
DEGIT AG logo

AI Training Platform & AI Tools Evaluation

DEGIT AG

Aug 2025 – Oct 2025
Hockenheim, Germany
  • Design and implementation of an internal AI training platform for corporate use, focusing on compliance with the EU AI Act and practical enablement of teams.
  • Evaluation and decision paper comparing leading AI and automation platforms with regard to data protection, reliability, API integration and governance readiness.
  • Evaluation of emerging Agentic AI workflows for multi-step task orchestration and their integration into enterprise automation environments.
  • Analyzed and benchmarked: OpenAI ChatGPT, OpenAI Open-Weight GPT-OSS, Microsoft Copilot, Perplexity, Anthropic Claude, Apple Foundation, z.AI GLM, n8n, make.com, Zapier.
AI Evaluation
AI Training
EU AI Act
Supabase
Cloudflare
Automation
n8n
make.com
Zapier
OpenAI
Apple Foundation
Anthropic Claude
Microsoft Copilot
Perplexity
z.AI GLM
Agentic AI
Enterprise Automation
Cursor
Claude Code
OpenAI Codex
GEHR Datentechnik GmbH logo

Code Review & Security Advisory

GEHR Datentechnik GmbH

Oct 2023
Mannheim, Germany
  • Comprehensive code review of the existing PHP application with a structured assessment of critical, medium and low-severity issues.
  • Creation of a detailed review document including technical findings, recommended remediation steps, and prioritization for development teams.
  • Consulting on application and infrastructure security with a focus on practical improvements, secure coding patterns and operational hardening.
  • Support during the implementation phase to fix identified issues and improve overall application resilience.
Code Review
Security Advisory
Vulnerability Analysis
GDPR
OWASP
Web Security
Data Protection
Risk Assessment
Linux
PHP
MySQL
More previous projects or references available upon request.
Download CV
Loading…
Loading…
Loading…