Freelancer profile translated to English.
Back to original languageAbout Markus
I am a passionate Information Security and GRC expert with over 10 years of experience in highly regulated industries. My background with global market leaders like Mercedes-Benz Group AG and MHP – A Porsche Company has shaped my approach: I combine "German Engineering" precision with agile solution development for modern IT landscapes.
What do I do?
I help companies understand security not just as a technical hurdle, but as a strategic advantage. My focus is on:
• GRC Frameworks: Building and auditing ISMS according to ISO 27001, TISAX®, or NIST.
• Risk Management: Identifying and minimizing IT risks through pragmatic assessments.
• Compliance & Audit: Preparing for and supporting certifications (SOC2, ISO) and conducting internal audits (IT-ICFR/SOX).
• SaaS & Cloud Security: Ensuring compliance in cloud environments (AWS/Azure) for modern software companies.
How I enrich projects (Value Add)
Clients benefit from my experience at the intersection of management and technology:
1. Tried-and-tested concepts: No theoretical paper tigers – I implement processes that actually work in daily operations.
2. Fast Time-to-Compliance: Leveraging my experience with tools like Vanta, Tugboat, or SAP ICoM, I accelerate the path to certification readiness.
3. Stakeholder Management: I speak the language of auditors and developers alike, significantly increasing internal acceptance for security topics.
4. Scalability: I help startups and SMEs build professional governance structures that grow with the company.
German
Native or bilingual
English
Fluent
Romanian
Fluent
Remote only
Primarily works remotely
Experience
- Mercedes-Benz Group AGSenior IT Audit & ICFR Expert (2nd Line of Defense)January 2024 - Today (2 years and 5 months)Germany• • Orchestrated the global governance of SOX-relevant ITGCs, ensuring full audit readiness across international IT systems• • Negotiated and aligned control definitions with Big Four auditors (PwC/EY) to reduce testing friction• • Strengthened risk transparency by driving Control Framework Assessments (CFA) and remediation governance• • Architected the annual IT Scoping via LeanIX and governed master-data migration into SAP ICOM
- Mercedes-Benz Group AGCyber Security Risk AnalystJanuary 2022 - January 2024 (2 years)Germany• • Automated executive risk reporting in RSA Archer, accelerating steering-committee decisions• • Delivered cyber-risk assessments for enterprise-scale IT initiatives, enabling actionable mitigation planning
- MHP – A Porsche CompanySenior Cyber & Information Security ConsultantJanuary 2021 - January 2022 (1 year)Germany• • Accelerated ISO 27001 certification readiness for premium automotive clients• • Enhanced client security posture through targeted remediation plans
Recommendations
Be the first to recommend Markus
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- ISO/IEC 27001 Lead Auditor & Lead ImplementerISO/IEC 27001 Lead Auditor & Lead Implementer
- Information Security & IT Risk Manager (ISO 31000, ISO 27005)Information Security & IT Risk Manager (ISO 31000, ISO 27005)