About Mateusz
- Regulatory Authority: CIPP/E — the gold standard in EU data protection and Privacy by Design (Art. 25). Actively expanding into AI Governance.
- Technical Security: CSSLP (ISC²) — Certified Secure Software Lifecycle Professional, validating end-to-end secure development expertise.
- Technical Verification: CompTIA Security+ certified (Zero Trust, Cloud Infrastructure, IAM). Driven by a strong background as an M.Sc. Eng. in Computer Science.
- Pragmatic Approach: 9+ years of core software engineering. I speak the language of your developers and legal department simultaneously.
- Security & Privacy by Design: Structuring application frameworks, APIs, embedded software, and data stores to naturally comply with GDPR, CRA, NIS2, and DORA.
- AI Hardening & LLM Security: Designing secure data flows and guardrails for GenAI/RAG architectures. I protect models against Prompt Injection, Data Poisoning, and Data Exfiltration.
- Supply Chain & SBOM Governance: Implementing Secure SDLC (SSDLC) and Threat Modeling frameworks for automated SBOM generation under CRA mandates.
- vCISO & Strategic Audits: Detecting architecture-level data gaps and representing your security posture directly to board members.
Polish
Native or bilingual
English
Fluent
French
Fluent
German
Fluent
Danish
Fluent
Esperanto
Conversational
Experience
- WinterITFounderDIGITAL AND ITNovember 2025 - Today (9 months)Founded an independent security and privacy engineering consultancy focused on dismantling the friction between strict EU regulations (DORA, NIS2, GDPR) and modern corporate IT landscapes.I deliver precision architecture reviews, data lifecycle security, and fractional vCISO services for high-stakes industries, including Fintech, iGaming, and Cloud Enterprise SaaS.Key Areas of Execution & Services Delivered:• Regulatory-to-Technical Translation: Converting complex compliance mandates (GDPR/RODO, DORA, NIS2) into production-ready software architectures, secure API lifecycles, and hardened SQL database schemas.• Privacy by Design Implementation: Leading structural audits of active development pipelines to ensure data minimization, pseudonymization, and secure access controls are baked into the core code, rather than patched on top.• Data Loss Prevention (DLP) & Governance: Designing robust information protection strategies using Microsoft Purview to safeguard proprietary enterprise data, regulate cloud communication, and mitigate exposure risks related to corporate AI/LLM integrations.• Industry Thought Leadership & Research: Actively producing deep-dive technical articles and architectural blueprints focused on emerging European cybersecurity frameworks and practical Data Governance for modern tech stacks.Operating as a high-end, agile B2B partner for European organizations requiring immediate, executive-level technical authority without the bureaucratic overhead of traditional big-four consulting firms.
- Software MindSENIOR SOFTWARE ENGINEERDecember 2022 - Today (3 years and 8 months)Security Outreach (Frontend Guild): Promoting "security first" culture and sharing frontend knowledge byconducting Threat Modelling workshops and expertsessions on SBOM and Software Supply Chain Security (npm). Engineering & Privacy:Architecting secure React/Next.js systems for US/DACH markets; implementing Privacy by Design (GDPR) in frontend data flows and caching strategies. Technical Stack: Leveraging Vite-based monorepos, Storyblok (headless CMS), and React Queryfor high performance, scalableweb applications.
- Shiji PolandFRONTEND DEVELOPERNovember 2021 - November 2022 (1 year)Quality & Code Review: Conducted rigorous Code Reviewswithin the React ecosystem to identify logical flaws and vulnerabilities; mastered debugging to achieve a 50% reduction in production defects. Standards Alignment: Successfullyelevated team engineering standards, aligning software qualitywith organizational benchmarks.
Recommendations
Be the first to recommend Mateusz
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- IAPP CIPP/E (Certified Information Privacy Professional/Europe)IAPP CIPP/E (Certified Information Privacy Professional/Europe)
- CompTIA Security+CompTIA Security+
Certifications
- IAPP Certified Privacy Professional/Europe (CIPP/E)IAPP
- CompTIA Security+CompTIA