Christian Hassert

IT-Security & GRC Consultant

Wisła, Poland

Experience

Apr 2024 - Present
1 year 10 months

IT-Security & GRC Consultant

Self-employed

  • Planning and conducting information security audits, including gap analyses and risk assessments
  • Designing security and governance frameworks: policies, processes, ISO 27001-compliant ISMS structures
  • Advising on IT security strategy, governance, and regulatory compliance for clients in the financial sector

Oct 2020 - Mar 2024
3 years 6 months

Senior Consultant / Assistant Manager

KPMG Deutschland

  • Advising banks and insurers on ISMS, IT governance, and ICS (ISO 27001, MaRisk, BAIT, VAIT, DORA)
  • End-to-end coordination of on-site BaFin audits: stakeholder management, documentation, preparation and support of fieldwork, as well as follow-up on action implementation
  • Developing target operating models for SOCs and security architectures for a large bank, focusing on vulnerability and incident management, process design, and governance alignment
  • Reviewing risk management and ICS frameworks and contributing to ISAE 3000/3402 assurance reports

Nov 2015 - Sep 2020
4 years 11 months

Senior IT Auditor / Audit Manager

KPMG Deutschland

  • Planning and conducting IT audits at banks (MaRisk, BAIT, GDPR, IDW RS FAIT 1)
  • Leading IT audit teams and testing IT general controls (e.g., access management and change management), application controls, and enterprise-wide controls
  • Presenting key findings and recommendations to management

Summary

9+ years of experience advising DAX companies and leading financial services providers in the DACH region (10+ banks and insurers) on ISMS/ISO 27001, regulatory compliance (MaRisk, BAIT, VAIT, DORA), as well as BaFin/ECB audits.

CISM & CISA certified.

Skills

  • ISMS & Governance: ISO 27001, IT Controls, Internal Control System (ICS), Security Architecture
  • Regulatory Compliance: MaRisk, BAIT, VAIT, DORA, GDPR, On-site BaFin Audits
  • Audits & Assurance: IT Audits, IDW RS FAIT 1, ISAE 3000/3402, Maturity Assessments
  • Risk Management: Gap Analyses, Follow-up of Actions, Stakeholder Management
  • Standards & Frameworks: ISO 27001, MaRisk/BAIT/VAIT, DORA, IDW (RS FAIT 1, PS 330), ISAE 3000/3402
  • Tools: Jira, ServiceNow; Basic Knowledge of Splunk, SailPoint, Python (Scripting), Tableau

Languages

German
Native
English
Advanced

Education

Oct 2011 - Jun 2014

University of Heidelberg

B.A. in Sociology · Sociology · Heidelberg, Germany

Oct 2011 - Jun 2013

Tilburg University

M.Sc. in Finance · Finance · Netherlands

Oct 2009 - Jun 2012

University of Heidelberg

B.Sc. in Economics · Economics · Heidelberg, Germany

Certifications & licenses

CISA

ISACA

CISM

ISACA
