Burak G. - Senior Consultant

Tallinn, Estonia

Experience

Jan 2025 - Present

1 year

Senior Consultant

Gucer O.U.

Developed and implemented DORA-compliant resilience frameworks
Designed and implemented NIS2 requirements
Conducted ICT risk assessments and scenario-based resilience tests
Integrated incident reporting according to DORA and EBA guidelines
Established third-party governance structures for outsourcing and cloud services
Developed strategic IT and business plans
Performed gap analyses and implementations of ISMS/DSMS
ISO/IEC 27001 lead auditing and multi-standard integration
Developed enterprise-wide information security and service management frameworks for international clients
Project management for GIZ (German Corporation for International Cooperation) GmbH in Bonn, Germany
Gap analysis based on the BSI IT Baseline Protection catalog and design and implementation of global ISO 27001 and ISO 27701 management systems
Advised local ISMS teams in the APLAK and EMEA regions
Management consulting, SMS consulting, and service design, transition, and delivery processes at AXA Insurance (Oct 2018 – Dec 2020)
Incident and problem management, configuration and change management, relationship management, and service reporting
Service budgeting and cost accounting, gap analysis according to ISO 27001 and global InfoSec policies, and evaluation of PCI-DSS compliance and data privacy
Management consulting and SMS consulting at Borusan Enerji – EnBW Turkey (Nov 2019 – Dec 2020)
Gap analysis based on ISO 27019 (OT Security), development and implementation of an OT security concept
Evaluated the BCM program, validated the business impact analysis, and developed concepts for BCM and business resilience
Management consulting, SMS consulting, and service processes at ISKEN (STEAG 1 Beteiligungs-GmbH) (Sep 2019)
Conducted ISO 27001 and ISO 27002 training
Management consulting, SMS consulting, and service processes at Odelo (Mar 2020 – Dec 2020)
TISAX assessment and improvement of controls to achieve AL 3 certification based on ISO 27001
CIS CSAT assessment and SMS consulting at Sabiha Gökçen International Airport (SAW) (Oct 2021 – Dec 2021)
Vulnerability analysis and roadmap to close identified gaps at InCyTect GmbH (Jun 2021)
Vulnerability analysis with monetary evaluation of measures
Performed certification audits on behalf of certification bodies such as SGS Turkey (May 2016 – Nov 2019) and CFE Certification (UK)

Jul 2022 - Present

3 years 6 months

Sub-Contractor / Senior Cybersecurity Consultant

EY GmbH Deutschland

Strategic IT and business consulting
Gap analyses and implementation of ISMS/DSMS
Executive advisory
Established a global ISMS based on ISO 27001 at GIZ GmbH

May 2016 - Nov 2019

3 years 7 months

Principal Auditor

SGS Türkei

Performed over 140 audits (ISO 27001, ISO 27701, ISO 20000-1, ISO 22301) as lead auditor
Conducted training and seminars on information security, cybersecurity, and BCM, and maintained computers

Apr 2010 - May 2012

2 years 2 months

Partner

Consulting Associates International, LLC

Consulting in IT governance, risk management, business continuity, and PCI-DSS

Nov 2007 - Mar 2010

2 years 5 months

CISO

H.C. Starck Gruppe

Led group-wide information security initiatives
Developed global security policies

Sep 2001 - Oct 2007

6 years 2 months

CISO

Audi AG

Strategic direction of information security
Leading the CERT team

Aug 2000 - Aug 2001

1 year 1 month

Information Security Officer

Turkcell A.S.

Developing security policies, standards, and awareness programs

Sep 1987 - Jun 2000

12 years 10 months

Managing Director

Simpleks A.S.

Establishing a system integrator and IT security company

Summary

I am a consultant for information security, compliance, and AI governance, helping companies build and optimize their ISMS, PIMS, and AI management systems according to European and international standards.

My focus areas: ISO 27001, ISO 27701, ISO 27005, ISO 20000-1, ISO 22301, ISO 27032, ISO 31000, ISO 42001, DORA, NIS2, EASA Part-IS, and TISAX – aiming to guide organizations towards greater security, compliance, and digital and AI-related resilience.

With experience in aviation, finance, automotive, and technology, I combine technical security expertise with strategic business management to turn complex requirements into practical, value-adding measures.

Result-driven consultant – focused on certification, regulatory compliance, and building digital trust.

Skills

Cisa
Iso 27001
Iso 27005
Iso 27000
Iso 31000
Iso 22301
Bcm
Bsi It Baseline Protection
Dora
Nis 2
Iso 42001
Artificial Intelligence
Grc
Microsoft Office
Organizational And Planning Skills
Developing Problem-solving Strategies
Giving Constructive Feedback
Negotiating With Stakeholders
Prioritizing Tasks
Working In A Team
Iso 31000
Implementing Quality Management Systems
Security Threats
Cybersecurity
Establishing An Information Security Management System
Cyber Defence
Content Fundamentals Of Cybersecurity

Languages

Turkish

Native

German

Advanced

English

Advanced

Education

Sep 1985 - Jul 1992

Technical University of Istanbul

Electrical Engineering, B.Eng · Electricity and Energy · İstanbul, Turkey

Certifications & licenses

Cfe Certification (Uk)

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Similar Freelancers

Discover other experts with similar qualifications and experience

Experience

Senior Consultant

Gucer O.U.

Sub-Contractor / Senior Cybersecurity Consultant

EY GmbH Deutschland

Principal Auditor

SGS Türkei

Partner

Consulting Associates International, LLC

CISO

H.C. Starck Gruppe

CISO

Audi AG

Information Security Officer

Turkcell A.S.

Managing Director

Simpleks A.S.

Summary

Skills

Languages

Education

Technical University of Istanbul

Electrical Engineering, B.Eng · Electricity and Energy · İstanbul, Turkey

Certifications & licenses

Cfe Certification (Uk)

Similar Freelancers

ISO – Senior Consultant Quality & Information Security

KRITIS Consultant

Owner and Managing Director

Project Manager AOS

Security Consultant

ICT Risk Management and Information Security

ISO27001 Certification

Information Security Officer

Information Security Consultant

Project Manager NIS-2

Project Manager / Senior Consultant

CEO

NIS2 & Risk Strategy Consultant

IT-Security Manager

Webinar Leader - Blackout Prevention and Preparation

Senior Consultant

Interim CISO (Germany, Austria, US, APAC), Auditor

Deputy Chief Information Security Officer

OT Security Champion Europe

Freelance Consultant Information Security and Business Continuity

Senior Consultant Security (freelance)

Senior Consultant / PM Infrastructure Services & Workplace Migration

Compliance Consultant

Senior IT Enterprise Security Architect | Project Bank Migration

Senior Manager, Project Manager, Auditor and Consultant

Ansible Automation, Windows Third Level Support

Senior Security Architect

Managing Director and Senior Consultant

Cybersecurity Manager

Associate Partner - Information Security Consulting