Mikael M.

Data Protection and Information Security (ISO 27001)

€760/day
Dresden, DE
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.

About Mikael

Why Choose Me as Your Data Protection and Information Security Consultant?

In an era of increasing cyberattacks, data loss, and regulatory demands, businesses need a partner who not only understands security and data protection theoretically but can also implement it practically.

As a certified and experienced Data Protection and Information Security Officer, I support organizations in protecting their sensitive data, minimizing legal risks, and building trust with customers, partners, and employees.

I combine expertise in data protection law, technical understanding, and organizational experience into a holistic approach tailored to your company.

Your Benefits at a Glance

  • Practice-Oriented Implementation Instead of Bureaucracy
    I deliver practical, workable solutions that fit into daily operations – efficient, understandable, and implementable, rather than just theoretical concepts.
  • Legal Certainty and Technical Competence Combined
    I speak the language of lawyers, IT experts, and managers alike, fostering understanding, clarity, and acceptance at all levels.
  • Holistic Approach: Data Protection & Information Security from a Single Source
    Instead of parallel structures, I offer integrated solutions that create synergies between GDPR and ISO 27001 – less effort, more impact.


My Goal: Your Security – Your Trust – Your Success!


I view data protection and information security not as a burden, but as a competitive advantage. Companies that take data protection seriously gain trust, reputation, and stability. My commitment is to guide you on this path in a collaborative, pragmatic, and sustainable manner.




  • German

    Native or bilingual

  • Russian

    Native or bilingual

  • Ukrainian

    Native or bilingual

  • English

    Basic

Remote only
Primarily works remotely

Experience

  • CYBERTINKER.IO
    Information Security and Data Protection Expert
    August 2025 - Today (10 months)

    Information Security (ISO 27001)

    • Implementation and Support of the Information Security Management System (ISMS)
    Planning, establishment, implementation, and continuous development of the ISMS. Support in defining objectives, responsibilities, and processes in information security.
    • Risk Management and Assessment
    Conducting risk analyses to identify, assess, and prioritize risks related to information assets. Creating risk treatment plans and monitoring the effectiveness of implemented measures.
    • Emergency and Incident Management
    Creation and maintenance of emergency and recovery plans (Business Continuity, Disaster Recovery). Support in assessing and documenting security incidents.
    • Preparation and Support for Audits
    Planning, coordination, and support for internal and external audits. Follow-up on deviations, implementation of corrective actions, and support during certification.

    Data Protection (ISO 27701)

    • Development and Maintenance of the Data Protection Management System (DPMS)
    Establishment, implementation, and continuous development of a structured data protection management system. Creation and maintenance of policies, procedures, and evidence documents.
    • Creation and Maintenance of Records of Processing Activities (ROPA)
    Support in capturing, documenting, and regularly updating all relevant processing activities according to Art. 30 GDPR.
    • Data Protection Impact Assessments (DPIAs)
    Consultation and support in conducting Data Protection Impact Assessments for high-risk processing activities. Assessment of risks and development of appropriate protective measures.
    • Employee Awareness and Training
    Planning and delivery of data protection training and awareness measures. Promoting data protection awareness among employees at all hierarchical levels.
    ISMS ISO 27001 GDPR Cybersecurity ISO 27701
  • Herold Unternehmensberatung GmbH
    Data Protection and Information Security Consultant
    DIGITAL AND IT
    September 2023 - July 2025 (1 year and 10 months)
    Dresden, Germany
    • Strategic Data Protection Consulting in Digital Transformation
    Advising on data protection issues in the context of digital transformation and its implementation in companies or the public sector.
    • Establishment and Development of Data Protection Management Systems (DPMS)
    Supporting clients in establishing and further developing Data Protection Management Systems (DPMS).
    • Implementation of Legal Data Protection Requirements
    Consulting on the selection and planning of measures for the implementation of the General Data Protection Regulation, the Federal Data Protection Act, and relevant state laws.
    • Analysis and Assessment of Data Protection Maturity Level
    Conducting maturity assessments of processes, products, organizations, and data protection concepts.
    • Integration of Data Protection and Information Security
    Integrating data protection into system landscapes in collaboration with information security specialists.
    • Employee Training and Awareness
    Conducting data protection training for employees and management.
    • Communication with Supervisory Authorities
    Communication with supervisory authorities in case of data breaches.



    ISMS GDPR ISO 27001 ISO 27701 Data Protection Consulting
  • DPO Europe GmbH
    Data Protection Consultant
    January 2022 - August 2023 (1 year and 7 months)
    • Consulting and Support for Companies as an External Data Protection Officer
    Assuming the role of DPO according to Art. 37 GDPR for multiple clients. Ongoing advice on data protection law and organizational issues.
    • Analysis and Assessment of Existing Data Protection Structures
    Conducting target-actual analyses, identifying weaknesses, and creating action plans to improve data protection compliance.
    • Establishment and Maintenance of a Data Protection Management System (DPMS)
    Development and implementation of data protection policies, processes, and documentation (e.g., Records of Processing Activities, deletion concepts, employee guidelines).

    • Creation and Review of Data Processing Agreements (DPAs)
    Assessment of contractual relationships with service providers, legally sound structuring, and monitoring compliance with data protection requirements.
    • Employee Training and Awareness
    Planning and delivery of data protection training (in-person & online), development of awareness materials, and practical guides.

    • Handling Data Subject Requests and Data Breaches
    Support with access requests, erasure requests, and reporting data breaches to the supervisory authority.
    • Regular Reporting to Management
    Preparation of data protection reports, risk overviews, and recommendations for action for company management.


    Data Protection Consulting GDPR DPMS Data Protection Data Protection Officer

Education

  • Clerk in Office Management
    IHK Dresden
    2010
  • Business Administration Bachelor of Arts
    Hochschule Mittweida
    2017

Certifications

  • Trainer Certificate according to the Vocational Training Act (AEVO)
    IHK Chemnitz
    2015
    Training
  • Certified Data Protection Officer and Certified Specialist according to BDSG and GDPR
    Complavis Akademie
    2020
    GDPR DPMS BDSG Data Protection Audit external Data Protection Officer Data Protection Management
