Uwe Schwarz

Uwe Schwarz
Project Manager

I connect technology, people, and business goals – acting as the bridge between teams, stakeholders, and systems. Whether it's IT security, networking, high-availability infrastructure, or email solutions, I take ownership, lead complex projects, and ensure the results are not just technically sound, but strategically aligned and built to last.

See my work
Download CV

Availability

75% available · 100% from 2027-01-01

Portrait photo of Uwe Schwarz, Project Manager and IT Security Expert.
🛡️ GDPR
🤖 AI
🤝 Human API
📡 networking
💡 strategy
🔐 security

About Me

Illustration of Uwe in three roles: at the top, he is working on a computer with green code on the screen, symbolically supported by an AI. At the bottom left, he explains a network diagram on a flipchart, and at the bottom right, he gives a presentation with a progress chart. The scenes are connected by flowing lines, representing the seamless transition between technology, planning, and communication.

With over two decades of hands-on experience in IT and project leadership, I specialize in building secure, scalable, and future-ready systems. From high-stakes data center migrations to evolving security strategies for regulated industries, I’ve led diverse teams and initiatives that drive tangible business outcomes.

I act as the bridge between technical complexity and strategic clarity. Whether I’m aligning teams on a security roadmap, modernizing infrastructure, or translating compliance requirements into real-world action, I bring a clear head, calm hands, and a passion for connecting the dots between tech and people.

Outside the day-to-day, I stay curious. I’m particularly fascinated by AI and its potential to enhance everything from cybersecurity to user experience. I enjoy experimenting with new tools, self-hosted solutions, and smart workflows – always with an eye on what’s practical, elegant, and secure.

20+Years of Experience
30+Completed Projects
50+Technologies

Experience

Key Projects

Major technical and organizational engagements with high responsibility.

A curated selection of multi-month and multi-year work; further details on request.

Deutsche Rentenversicherung (RP, BW) logo

Technical Program Lead IPv6 Migration

Deutsche Rentenversicherung (RP, BW)

Jan 2026 - Today
Karlsruhe & Speyer, Germany
  • Technical program ownership for the IPv6 migration at DRV RP and DRV BW, with a focus on migration planning, execution structure, and cross-functional technical coordination.
  • Designed and implemented an operational control model with dashboard, action board, KPI portfolio, risk register, and decision index to translate technical topics into structured delivery artifacts.
  • Coordinated technical groundwork for architecture and rollout across IPv6 addressing, segmentation, dual-stack target design, test-lab planning, and cross-team dependencies.
  • Supported security- and compliance-related requirements in the context of BSI, NIS2, and critical infrastructure, translating them into traceable evidence, risks, and management reporting.
  • Achievement: Established a reusable intake-to-governance workflow for systematically capturing technical actions, risks, open issues, and evidence requirements.
  • Achievement: Created an operational baseline for technical program execution with measurable KPIs, clear ownership, and transparent decision support.
Technical Program Leadership
IPv6
Network Architecture
Dual Stack
Address Management
Network Segmentation
Test Lab Planning
Rollout Preparation
BSI
Critical Infrastructure
NIS2
Compliance
Risk Management
KPI Management
Evidence Management
Atlassian Jira
Confluence
Microsoft PowerPoint
Infoblox (IPAM)
Joh. Berenberg, Gossler & Co. KG logo

Technical Subproject Lead Data Center Migration & Backup Modernization

Joh. Berenberg, Gossler & Co. KG

Jan 2024 - Sep 2025
Hamburg, Germany
  • Technical subproject ownership within the data center migration, focused on Solaris, Linux, storage, and backup environments.
  • Designed, modernized, and implemented the enterprise backup platform based on Rubrik Security Cloud, coordinating across operations, security, and recovery requirements.
  • Contributed to the evolution of the Solaris infrastructure and the phased replacement of legacy systems with modern, cloud-ready target architectures.
  • Supported the technical renewal of the network infrastructure toward a segmented, security-oriented architecture with clearer operational and protection boundaries.
  • Achievement: Established a modernized backup baseline with improved data protection, compliance, and recoverability across multiple business units.
  • Achievement: Contributed to the technical preparation and coordinated execution of the relocation of two data centers, with minimized downtime and aligned infrastructure dependencies.
Technical Subproject Leadership
Data Center Migration
Rubrik Security Cloud
Backup Modernization
Storage
Solaris
Linux
Legacy Modernization
Network Segmentation
Compliance
DORA
Rubrik
Atlassian Jira
Atlassian Confluence
Microsoft Project
ServiceNow
LeanIX
Delinea
IPv6
Threedium Ltd. logo

Information Security Engineer & Compliance

Threedium Ltd.

Oct 2023 - Jun 2024
London, United Kingdom
  • Advised on and implemented information security measures across technical security controls and organizational security requirements.
  • Supported the DevOps team on security-related topics, operational hardening measures, and the integration of security requirements into existing platform and deployment processes.
  • Integrated services into the existing SSO infrastructure to standardize authentication, access control, and user management across multiple platforms.
  • Supported audit and certification readiness for SOC 2 and ISO 27001, including control mapping, evidence collection, and coordination of technical and organizational measures.
  • Advised on GDPR requirements and introduced retention rules, data protection policies, and related organizational controls.
  • Introduced and evolved security policies and baseline controls to strengthen the organization's overall security posture.
  • Achievement: Implemented IT security measures that supported a SOC 2 audit with zero non-conformities and helped secure key client requirements.
  • Achievement: Integrated SSO infrastructure across multiple platforms, improving security, access consistency, and user experience.
  • Achievement: Contributed to successful ISO 27001 certification within a tight timeline through structured implementation of requirements, controls, and evidence.
Information Security
Security Controls
Security Engineering
DevSecOps
SSO
Identity & Access Management
GDPR
ISO 27001
SOC 2
Atlassian Jira
Atlassian Confluence
Palo Alto Firewall
Cisco
VMware
Linux
Microsoft Azure
Incident Response
Penetration Testing
Deutsche Vermögensberatung AG logo

Security Engineer & Incident Response

Deutsche Vermögensberatung AG

Jan 2019 - Sep 2023
Frankfurt am Main, Germany
  • Provided security consulting and technical support across information security, with a focus on server, network, and infrastructure security.
  • Supported strategic and operational activities during a major security incident, including coordination of response, containment, and recovery.
  • Developed and refined security policies, technical concepts, and implementation-oriented security standards.
  • Automated vulnerability and incident management to improve structured intake, prioritization, and handling of security-relevant events.
  • Supported the build-out and evolution of IT architecture and security strategy, particularly in network architecture, cloud infrastructure, and firewall design.
  • Prepared and supported penetration tests across network, cloud, application, and Active Directory environments.
  • Held operational responsibility in the SOC environment, focusing on security monitoring, incident response, and continuous improvement of analysis and escalation processes.
  • Performed security audits and provided security oversight for application and network migrations.
  • Technical focus on Linux and networking, complemented by security consulting for Windows, Azure, and application development environments.
  • Advised on data protection, audit, and certification requirements, including ISO 27001, BSI baseline protection, NIST, and MITRE.
  • Achievement: Contributed to the coordinated response to a major security incident, with a focus on damage containment, recovery, and operational stabilization.
  • Achievement: Developed and automated a vulnerability management approach, improving response times and transparency in incident handling.
  • Achievement: Implemented security policies and technical security standards that were later adopted as reusable best practices across the organization.
Information Security
Security Engineering
Incident Response
SOC
Vulnerability Management
Network Security
Linux
Cloud Security
Microsoft Azure
Microsoft Sentinel
Microsoft Defender
Microsoft 365
GDPR
ISO 27001
BSI Baseline Protection
NIST
MITRE
ITIL
Policies & Standards
Atlassian Jira & Confluence
Palo Alto / Cisco
Deutsche Vermögensberatung AG logo

Lead Infrastructure Engineer

Deutsche Vermögensberatung AG

Jul 2015 - Dec 2018
Frankfurt am Main, Germany
  • Handled technical coordination and resource planning for a small infrastructure team.
  • The team’s scope covered Linux-based platforms for email, cloud storage, load balancing, proxy, and DNS.
  • Analyzed, troubleshot, and sustainably stabilized complex email infrastructures.
  • Provided consulting and technical implementation across IPv6, security, and highly available infrastructure systems.
  • Held technical subproject responsibility for a data center relocation, including migration and rebuild of applications and server infrastructure into redundant, highly available target environments.
  • Achievement: Contributed to the coordinated execution of a successful data center relocation with aligned infrastructure dependencies and stable operational transition.
  • Achievement: Introduced IPv6 in the enterprise environment as part of the long-term modernization of the network infrastructure.
  • Achievement: Improved team throughput and operational stability through automation and more structured resource coordination.
Infrastructure
Linux
Email Infrastructure
Dovecot & Postfix
IPv6
High Availability
Load Balancing
Cloud Storage
Proxy
DNS
Data Center Migration
Atlassian Jira & Confluence
Microsoft Azure
Deutsche Vermögensberatung AG logo

System Architect Email Archiving

Deutsche Vermögensberatung AG

Jan 2013 - Jun 2015
Frankfurt am Main, Germany
  • Product Owner and system architect for the enterprise-wide email archiving platform, including requirements management, technical roadmap, and long-term evolution.
  • Led the design and implementation of a legally compliant archive for more than 50,000 users, ensuring immutable retention, auditability, and long-term maintainability.
  • Introduced scalable storage, redundancy concepts, monitoring, indexing and full-text search to enable efficient retrieval of historical correspondence.
  • Close collaboration with legal, compliance, and auditing teams to meet regulatory requirements and ensure long-term evidentiary integrity.
  • Secondary responsibilities in the surrounding mail infrastructure (dovecot, postfix), Linux-based services, DNS, proxy, load balancing and cloud storage.
  • Achievement: Delivered a stable, compliant archive used daily across the entire organization.
  • Achievement: Established future-proof data retention strategies aligned with strict regulatory expectations.
Email Archiving
Compliance
Retention Policies
dovecot
postfix
Linux
High Availability
Monitoring
Full-Text Search
Indexing
Scalability
Auditability
IPv6

Additional & Focused Projects

Complementary or specialized projects with flexible scope.

Specialized, flexible, or focused initiatives that complement the broader work.

DEGIT AG logo

Member of the Board

DEGIT AG

May 2018 - Present
Hockenheim, Germany
  • Information Security Officer and Data Protection and Privacy Officer.
  • Access to experts from multiple fields.
  • Competent and focused partner for all consulting needs.
  • Building a secure and compliant IT infrastructure with a focus on modern technologies (IPv6, Zero Trust, Zero-Config VPN, etc.) and best practices.
  • Responsible for corporate governance in IT security, privacy and compliance topics.
Security
Privacy
Microsoft 365
Notion
Cloudflare
Resend
Supabase
IPv6
Zero Trust
Zero-Config VPN
Governance
Training
Security Awareness
Risk Management
Compliance
EU AI Act
xtensible UG (haftungsbeschränkt) & Co. KG logo

Lead Software Engineer – SchlauFabrik Training Platform

xtensible UG (haftungsbeschränkt) & Co. KG

December 2025 - Present
Hockenheim, Germany
  • Designed, architected, and developed a multi-tenant training platform for compliance and AI topics with role-based access control and clear tenant isolation.
  • Implemented core platform capabilities including course delivery, progress tracking, quizzes, assignments, and admin dashboards for tenant and user management.
  • Implemented security-by-design using Postgres Row-Level Security, audit logging, rate limiting, and hardened authentication flows based on passkeys, magic links, 2FA, and SSO.
  • Developed tamper-evident PDF certificates with QR verification, cryptographic hashing, and bulk export capabilities for audit and evidence workflows.
  • Integrated Stripe billing including subscriptions, customer portal, and webhooks, and implemented tenant-based licensing models and soft-lock mechanisms for usage limits.
  • Built with Next.js App Router, TypeScript, Bun, Tailwind, next-intl, Neon Postgres, Resend, and automated testing with Vitest and Playwright.
  • Achievement: Built a production-grade SaaS platform focused on security, multi-tenancy, billing readiness, and auditability.
  • Achievement: Connected product logic, compliance requirements, and technical implementation in a consistent platform architecture.
SaaS
Multi-tenant
Compliance
AI Training
RBAC
Postgres RLS
Authentication
Audit Logs
Stripe
Next.js
TypeScript
Bun
Tailwind
next-intl
Neon Postgres
Vitest
Playwright
AKTion gegen Krebs gUG logo

Founding Member & Data Protection Officer

AKTion gegen Krebs gUG

May 2025 - Present
Seevetal, Germany
  • Founding member responsible for data protection and GDPR compliance.
  • Developed and maintain the organization's backend systems.
  • Planning and implementing AI-supported workflows for case management.
  • Responsible for IT security strategy and risk management.
  • Established GDPR-compliant data protection framework from the ground up.
Data Protection
IT Security
AI Workflows
Agentic AI
Backend Systems
Backup-Strategies
IPv6
Zero Trust
Zero-Config VPN
Risk Management
Compliance
Notion
Cloudflare
Resend
Supabase
DEGIT AG logo

AI Training Platform & AI Tools Evaluation

DEGIT AG

Aug 2025 – Oct 2025
Hockenheim, Germany
  • Design and implementation of an internal AI training platform for corporate use, focusing on compliance with the EU AI Act and practical enablement of teams.
  • Evaluation and decision paper comparing leading AI and automation platforms with regard to data protection, reliability, API integration and governance readiness.
  • Evaluation of emerging Agentic AI workflows for multi-step task orchestration and their integration into enterprise automation environments.
  • Analyzed and benchmarked: OpenAI ChatGPT, OpenAI Open-Weight GPT-OSS, Microsoft Copilot, Perplexity, Anthropic Claude, Apple Foundation, z.AI GLM, n8n, make.com, Zapier.
AI Evaluation
AI Training
EU AI Act
Supabase
Cloudflare
Automation
n8n
make.com
Zapier
OpenAI
Apple Foundation
Anthropic Claude
Microsoft Copilot
Perplexity
z.AI GLM
Agentic AI
Enterprise Automation
Cursor
Claude Code
OpenAI Codex
GEHR Datentechnik GmbH logo

Code Review & Security Advisory

GEHR Datentechnik GmbH

Oct 2023
Mannheim, Germany
  • Comprehensive code review of the existing PHP application with a structured assessment of critical, medium and low-severity issues.
  • Creation of a detailed review document including technical findings, recommended remediation steps, and prioritization for development teams.
  • Consulting on application and infrastructure security with a focus on practical improvements, secure coding patterns and operational hardening.
  • Support during the implementation phase to fix identified issues and improve overall application resilience.
Code Review
Security Advisory
Vulnerability Analysis
GDPR
OWASP
Web Security
Data Protection
Risk Assessment
Linux
PHP
MySQL
More previous projects or references available upon request.
Download CV

Developed Solutions

Illustration of a legally compliant email archiving system: Includes an envelope icon, two database stacks, a filing cabinet, a clock, a calendar labeled “10+”, and a shield with a checkmark. Represents long-term, immutable email retention, security, and compliance for over 50,000 users.

Secure Email Archive

Led the coordination, architecture, and implementation of a legally compliant enterprise-wide email archiving solution for more than 50,000 users. The system ensures immutable storage of all communication for over 10 years, meeting strict regulatory and auditing requirements. Based on open-source technologies, the archive was designed with scalability, redundancy, and long-term maintainability in mind. Integrated monitoring, indexing, and full-text search enable efficient retrieval of historical correspondence.

dovecot
postfix
Linux
CentOS
Compliance
Archiving
Email Security
Illustration showing AI-assisted workflows in case management: secure data vault, AI decision nodes, and case files moving through an optimized pipeline.

AI-Supported Case Management

Designed and implemented a system to support the processing of cancer-related cases using AI. The platform integrates secure data handling, structured workflows, and AI-based assistance to prioritize, analyze, and streamline case management. This ensures faster response times and improved quality in handling sensitive medical and legal information.

Agentic AI Workflow
Case Management
Data Protection
Automation
Illustration representing SOC 2 and ISO 27001 certification: Shows a certification document with checkmarks for “SOC 2” and “ISO 27001”, a security shield, a padlock, and a secured database icon. The graphic symbolizes information security, compliance, and audit-proof data processing.

SOC 2 & ISO 27001 Certification

Led the successful implementation of SOC 2 and ISO 27001 compliance frameworks, establishing robust information security policies and controls to meet industry standards and ensure data protection.

SOC 2
ISO 27001
Information Security
Compliance
Screenshot of the EU AI Act training platform showing completed modules, quizzes, and a structured overview of sections such as risk-based approach, governance, and compliance strategies.

EU AI Act Training Platform

Designed and developed a modular training platform covering the EU Artificial Intelligence Act (EU AI Act). The course provides a structured learning path with interactive slides, voice narration, and integrated quizzes to ensure a clear understanding of the regulation’s scope, risk-based framework, and compliance implications. The platform includes five sections — from fundamentals to governance, risk categories, and real-world applications — and was built with future expansion in mind to accommodate upcoming modules on data protection, ethical AI, and technical implementation guidelines.

EU AI Act
Compliance Training
AI Governance
E-Learning
Education Platform
Regulatory Framework
Illustration of a zero-configuration VPN: interconnected shielded devices connected by a global IPv6 network grid, lock icons indicating encryption, and auto-config symbols representing seamless setup without manual intervention.

Zero-Config IPv6 VPN Network

Designed and implemented a secure, zero-configuration VPN network leveraging IPv6 as the foundation for global connectivity. The solution enables seamless peer-to-peer communication without manual setup, NAT traversal, or complex provisioning, while ensuring strong encryption and modern authentication mechanisms. By combining simple rules with advanced security controls, the network architecture provides resilient, scalable, and privacy-preserving access across distributed environments.

IPv6
Zero-Config
VPN
Encryption
Authentication
Compliance
Network Security
Illustration depicting backup modernization with Rubrik: Features icons of secure cloud storage, data stacks, a recovery arrow, a laptop with an integration symbol, and the Rubrik logo. Represents modern data protection, fast recovery, and seamless system integration.

Backup Infrastructure Modernization with Rubrik

Modernized the existing backup infrastructure by implementing Rubrik's enterprise backup solution, enhancing data protection, reducing recovery times, and simplifying management across hybrid environments.

Rubrik
Backup
Data Protection
Hybrid Cloud
Illustration showing document scanning and AI classification: A scanner, digitized documents, AI nodes connecting to folder icons, and categorized labels like 'Finance', 'Health', and 'Insurance'. Represents automated document processing and intelligent organization.

Automated Document Management with OCR and AI Categorization

Developed a private system to digitize all personal documents and letters using OCR technology. Integrated AI-based classification to automatically sort documents into predefined categories, enabling efficient search, retrieval, and archival. Additionally, implemented automated analysis to detect tax-relevant documents for income tax purposes and tag them accordingly.

OCR
AI Categorization
AI Agent
Document Management
Automation

Skills & Technologies

The tools I rely on to build secure and scalable IT systems

Project Management

Team Leadership

Stakeholder Communication

IT Strategy

Technical Concepts

Get In Touch

Interested in working together? Feel free to reach out!

Let's Connect

Feel free to reach out for collaborations or just a friendly hello.

Loading contact form...