Freelancer profile translated to English.

Description

Are you looking for an experiencedSecurity Consultant and Project Managerwho combines strategic consulting with operational implementation?

I support companies, from SMEs to corporations, in theassessment,development, andimplementationof theirCyber Security Strategyand stand for pragmatic, implementation-oriented cyber security consulting that doesn't end with concepts but createsmeasurable added value.

I translate complex technical risks intoclear, business-relevant recommendations for actionand support organizations in their implementation.

My focus is on:

Cyber Security Assessments & Maturity Analyses
M&A Due Diligence (Buy-Side / Sell-Side)
ISMS & Governance (ISO 27001, NIST, BSI)
Cloud Security (AWS, Azure, Microsoft 365)
KRITIS & regulated environments

My Top Skills

20+ years of experience in IT infrastructure and cyber security
Combination of strategy, architecture, and operational implementation
Experience in international corporate structures and M&A projects
Expertise in Cloud Security, Zero Trust, and Governance
Leadership and management of complex security projects

Focus Areas

Cyber Security Assessments & Due Diligence
ISMS setup and further development (ISO 27001, BSI IT-Grundschutz)
Security Roadmaps and Target Architectures
Cloud Security & Identity and Access Management (IAM)
Risk and measures management
Operationalization of security processes (Vulnerability, Patch, Hardening)
Security Transformation and Project Management

Certifications and Methods

ISMS ISO/IEC 27001:2022 Officer - 2025
ISMS ISO/IEC 27001:2022 Foundation - 2025
Palo Alto Networks Certified Cybersecurity Practitioner - 2025
Certified Cloud Security Professional (CCSP) - 2025
Certificate of Cloud Security Knowledge (CCSK) - 2023
AWS Certified Cloud Practitioner - 2023, 2026
BSI-Grundschutz, NIST, PCI DSS, ITIL, ITSM, COBIT, PRINCE, PMI, SCRUM

Industry field of expertise

Languages

German
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Frankfurt am Main (up to 50km)

Kroll Strategieberatung
Information Security & Operational IT Security (KRITIS)
April 2026 - Today (2 months)
Consulting for medium-sized and KRITIS companies in setting up and further developing information security
Setup and optimization of ISMS structures according to ISO 27001 and BSI IT-Grundschutz
Execution of risk analyses and management of measures programs
Combination of governance topics with operational IT security (state of the art)
Implementation and optimization of security measures such as Vulnerability Management, Patch Management, IAM, and Hardening
Consulting on regulatory requirements (e.g., NIS2)
Support in the operationalization of security processes
Conducting workshops and coordination meetings with IT, business departments, and management
BSI IT-Grundschutz ISO 27001 IT Security NIST Project Management
OMMAX GmbH
Cyber Security Consulting & Due Diligence
CONSULTING AND AUDITS
March 2026 - Today (3 months)
Execution of Cyber Security Assessments and Maturity Analyses across Governance, Cloud, Identity, Data Protection, and Infrastructure
Execution of Cyber Security Due Diligence in the context of M&A transactions (Buy-Side / Sell-Side)
Identification of risks, vulnerabilities, and value creation potentials
Translation of technical findings into business-relevant risks and recommendations for action for management and investors
Development of Cyber Security Roadmaps, Target Architectures, and Measures Programs
Consulting on ISMS, Governance, and Cloud Security (Microsoft 365 / Azure)
Support in the implementation of security measures and security transformations
Conducting workshops and presentations at management level
Cyber Security Cloud Security BSI IT-Grundschutz IT Security Due Diligence
Palo Alto Networks
IT & Cybersecurity Project Manager
CONSULTING AND AUDITS
June 2025 - Today (1 year)
Planning, management, and implementation of IT security projects with a focus on Palo Alto solutions (e.g., Next-Gen Firewalls, Prisma Access, Cortex).
Coordination of interdisciplinary teams and resources across all project phases.
Management of project scope, schedule, budget, and quality according to customer goals.
Active stakeholder management and ensuring transparency and communication.
Risk management: Identification, assessment, and management of project-related risks.
Creation and maintenance of project plans, budget overviews, and reports.
Ensuring customer satisfaction through high-quality project and relationship management.
Application of established project management methods such as PMI, PRINCE2, or SCRUM for structured project implementation.
IT Security Project Management Palo Alto Risk Management