Florian Schröder - Information Security Officer / IT Security Architect / Awareness Expert

Q: Where is Florian based?

Florian is based in Norderstedt, Germany and can operate in on-site , hybrid , and remote work models.

Q: What languages does Florian speak?

Florian speaks the following languages: German (Native), English (Advanced), Spanish (Elementary) .

Q: How many years of experience does Florian have?

Florian has at least 14 years of experience. During this time, Florian has worked in at least 5 different roles and for 7 different companies . The average length of individual experience is 2 years . Note that Florian may not have shared all experience and actually has more experience.

Q: What is Florian's latest experience?

Florian's most recent position is Information Security Officer / Designated InfoSec Officer at Oil Company .

Q: What companies has Florian worked for in recent years?

In recent years, Florian has worked for Oil Company , Consumer Bank , and International Industrial Company .

Q: Which industries is Florian most experienced in?

Florian is most experienced in industries like Manufacturing , Energy , and Information Technology (IT) . Florian also has some experience in Aerospace and Defense , Tourism and Hospitality , and Banking and Finance .

Q: Which business areas is Florian most experienced in?

Florian is most experienced in business areas like Information Technology (IT) , Project Management , and Audit . Florian also has some experience in Procurement and Purchasing , Customer Service , and Sales .

Q: Which industries has Florian worked in recently?

Florian has recently worked in industries like Manufacturing , Energy , and Banking and Finance .

Q: Which business areas has Florian worked in recently?

Florian has recently worked in business areas like Information Technology (IT) , Project Management , and Procurement and Purchasing .

Recommended expert

Norderstedt, Germany

Experience

Jul 2023 - Present

2 years 8 months

Information Security Officer / Designated InfoSec Officer

Oil Company

Complete overhaul of the ISMS according to ISO 27001
Conducted a comprehensive gap analysis
Reduced ISMS documentation by 30% through consolidation and process optimization
Introduced a full PDCA cycle for continuous improvement
Established the ISMS within the company
Implemented the necessary processes
Managed and conducted internal and external audits
Developed and implemented a company-wide risk management system
Deployed an ISMS tool including process design and training
KRITIS compliance: Prepared and provided required evidence, liaised with regulatory authorities, planned, documented, and implemented an attack detection system (SIEM), co-led the BCMS/ITSCM implementation subproject
NIS-2 implementation: Gap analysis, risk assessments, training for executives and staff
Led a cybersecurity team of 3 members
Conducted various internal and external audits, managed providers, introduced continuous improvement
Project consulting: closely coordinated with business and system owners, launched an online shop, a mobile app, and a customer portal
Redesigned the security architecture, reducing administrative efforts by 20%
Implemented ITIL processes (e.g., change management)
Revised service agreements with internal and external providers
Developed a security awareness strategy, ran social engineering tests, introduced and monitored phishing simulations, created various awareness materials, gave presentations
Managed a budget of one million euros

Nov 2022 - Apr 2023

6 months

IT-Security Coordinator

Consumer Bank

Established a vulnerability management process, reducing vulnerabilities by about 60%
Developed and implemented the necessary processes
Introduced tracking and internal SLAs
Coordinated between CISO and IT
Managed internal and external providers in provider management
Updated policies to be BAIT compliant

Oct 2019 - Oct 2022

3 years 1 month

IT Security Engineer

International Industrial Company

Led the project to deploy endpoint protection on approx. 54,000 systems: market analysis, negotiations, service agreements, project planning, admin training, rollout planning
Threat hunting reducing false positive alerts by about 80% and enabling earlier detection of cyber attacks
Automation with SOAR: reduced threat detection response time to around 2 seconds, introduced automated ticket handling without manual intervention, integrated international service providers using standardized forms
Designed a cloud proxy architecture and automated ticket processing for web proxy approvals
Managed international providers with multi-provider coordination, reducing costs by about 10% through contract management
Co-led the TISAX implementation subproject: gap analysis, policy implementation, development of security concepts
Managed a budget of about 10 million euros

Aug 2018 - Sep 2019

1 year 2 months

World Trip

Jul 2016 - Jul 2018

2 years 1 month

IT Security Architect

International Defense Contractor

Deployed SIEM/SOC solution (contractual, procedural, and technological) improving attack detection by 90%, trained SOC analysts, developed and implemented use cases
Redesigned the network infrastructure: created a security concept, reducing administrative efforts by about 25%
Liaised with authorities for approval processes on handling classified data
Deployed security hardware approved for classified data: market analysis, service contracts, negotiations, implementation, operational handover, and regulatory approval
Conducted industry-standard audits
Implemented ISMS/ISO 27001: gap analysis, policies, implementation, user training, successful certification

Sep 2013 - Mar 2016

2 years 7 months

IT Security Manager

International industrial company

Introduction of firewall management ensuring compliance for about 25 systems, simplifying administrative processes, enabling self-service for users, automating and reducing ticket handling times by about 60%, cutting firewall rules by around 25%
Project consulting: SharePoint, secure connection of international sites (approx. 190), incident response
Establishment and leadership of a CERT with execution of international alert drills
Implementation of cloud security solutions (Azure): security architecture and administration
Development and rollout of request processes
Multi-year budget planning
International provider management with cost reduction of about 5%, shortening ticket handling times by 10%, adjustment of service contracts

Jul 2011 - Aug 2013

2 years 2 months

IT Security Engineer

IT security service provider

Planning and implementation of large network security architectures: security concepts, firewall, web proxy, NAC, secure DNS, MFA
Conducting administrator training for clients
Pre-sales support

Industries Experience

See where this freelancer has spent most of their professional time. Longer bars indicate deeper hands-on experience, while shorter ones reflect targeted or project-based work.

Experienced in Manufacturing (5.5 years), Energy (2.5 years), Aerospace and Defense (2 years), Information Technology (2 years), Tourism (1 year), and Banking and Finance (0.5 years).

Manufacturing

Energy

Aerospace and Defense

Information Technology

Tourism

Banking and Finance

Business Areas Experience

The graph below provides a cumulative view of the freelancer's experience across multiple business areas, calculated from completed and active engagements. It highlights the areas where the freelancer has most frequently contributed to planning, execution, and delivery of business outcomes.

Experienced in Information Technology (13 years), Project Management (8 years), Audit (4.5 years), Procurement (3 years), Legal (2 years), and Customer Service (2 years).

Information Technology

Project Management

Audit

Procurement

Legal

Customer Service

Summary

I bring extensive experience in information and IT security, having designed and implemented robust security systems in industries ranging from consumer banking to defense and industrial enterprises. I have successfully optimized security processes and reduced risks by implementing ISMS frameworks, SIEM systems, and cloud and endpoint security solutions. My focus has always been on practical improvements, such as reducing administrative overheads and streamlining complex processes.

I have led cybersecurity teams, managed large-scale budgets, and coordinated efforts to ensure compliance with industry standards and regulations. I thrive on turning challenging security tasks into streamlined operations that enhance both efficiency and protection.

Skills

Information Security Iso 27001, Iso 27002
★★★★★ Critical Infrastructure (Kritis)
It Security Nis-2/bsig
★★★★☆ Bcms/itscm
Project Management
It Law
★★★★☆ Bsi It Baseline Protection
Gdpr Compliance
Risk Management
Tisax
Regulations
Policies
★★★★☆ Network Security
Security Architectures
Endpoint Protection
Security Operations Center (Soc)
Siem
Firewalls
Soar
Vulnerability Management
Threat Hunting
Cloud Security
Security Awareness
It Security Management
Speaker
Provider Management
Itil
Process Development & Implementation
Service Agreements
Project Leadership
Gap Analysis
Strategy Development
Availability
Audit Management
Budget Planning
Team Leadership
Compliance

Languages

German

Native

English

Advanced

Spanish

Elementary

Education

Oct 2009 - Jun 2011

State Technical Academy Weilburg

Bachelor Professional · IT Security Management · Weilburg, Germany

Oct 2003 - Jun 2006

Deutsche Telekom AG

IT Systems Electronics Technician · Bielefeld, Germany

Certifications & licenses

ITIL Foundation v4

tba

Information Security Officer

TÜV

Profile

Created

February 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Florian based?

Florian is based in Norderstedt, Germany and can operate in on-site, hybrid, and remote work models.

What languages does Florian speak?

Florian speaks the following languages: German (Native), English (Advanced), Spanish (Elementary).

How many years of experience does Florian have?

Florian has at least 14 years of experience. During this time, Florian has worked in at least 5 different roles and for 7 different companies. The average length of individual experience is 2 years. Note that Florian may not have shared all experience and actually has more experience.

What roles would Florian be best suited for?

Based on recent experience, Florian would be well-suited for roles such as: Information Security Officer / Designated InfoSec Officer, IT-Security Coordinator, IT Security Engineer.

What is Florian's latest experience?

Florian's most recent position is Information Security Officer / Designated InfoSec Officer at Oil Company.

What companies has Florian worked for in recent years?

In recent years, Florian has worked for Oil Company, Consumer Bank, and International Industrial Company.

Which industries is Florian most experienced in?

Florian is most experienced in industries like Manufacturing, Energy, and Information Technology (IT). Florian also has some experience in Aerospace and Defense, Tourism and Hospitality, and Banking and Finance.

Which business areas is Florian most experienced in?

Florian is most experienced in business areas like Information Technology (IT), Project Management, and Audit. Florian also has some experience in Procurement and Purchasing, Customer Service, and Sales.

Which industries has Florian worked in recently?

Florian has recently worked in industries like Manufacturing, Energy, and Banking and Finance.

Which business areas has Florian worked in recently?

Florian has recently worked in business areas like Information Technology (IT), Project Management, and Procurement and Purchasing.

What is Florian's education?

Florian holds a Bachelor in IT Security Management from State Technical Academy Weilburg.

Does Florian have any certificates?

Florian has 2 certificates. These include: ITIL Foundation v4 and Information Security Officer.

What is the availability of Florian?

Florian will be available from June 2026.

What is the rate of Florian?

Florian's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.