Károly Aczél

NIS2 & Risk Strategy Consultant

Zug, Switzerland

Experience

Jan 2025 - Dec 2025
1 year
Homburg, Germany

NIS2 & Risk Strategy Consultant

RRC power solutions GmbH

  • Developed a compliant information security management system (ISMS)
  • Advanced a modern risk management framework based on NIST for NIS2 compliance

Jan 2025 - Dec 2025
1 year
Frankfurt, Germany

Governance and Data Compliance Head

Steigenberger Hotels GmbH

  • Implemented a governance framework for hotels in Middle East, Western Europe, and Africa
  • Focused on regulatory compliance including GDPR
  • Established ISO 27001-compliant information security management system (ISMS)
  • Built a modern risk management system
  • Ensured tax compliance and cross-country IT governance
  • Addressed PCI DSS requirements

Jan 2024 - Dec 2024
1 year
Munich, Germany

Interim Head of Global IT Security Awareness and Communication

Amer Sports Group

  • Led and managed the global cybersecurity awareness program
  • Served as global communication officer for the cybersecurity awareness program aligned with ISO 27001

Jan 2024 - Dec 2024
1 year
Oldenburg, Germany

Risk Handling & Information Security Consultant

EWE Tel GmbH

  • Conducted risk analysis to identify deficiencies across three legal entities
  • Recorded and designed processes and established strategic risk management
  • Developed training concept and empowered employees to handle risk management norms and regulatory compliance
  • Worked with standards NIS2, ISO 27001, ISO 9001, ISO 50001

Jan 2024 - Dec 2024
1 year
Hanover, Germany

Risk Management Consultant

ivv – Informationsverarbeitung für Versicherungen

  • Audited internal processes for regulatory compliance
  • Identified and defined mitigation measures for non-compliant processes
  • Focused on NIS2 and DORA compliance

Jan 2023 - Dec 2023
1 year
Essen, Germany

Senior Project Manager Cybersecurity

RWE AG

  • Implemented the cybersecurity strategy for two of five business units (Renewables – OPEA & OFF)
  • Aligned with KRITIS, NIS2, NIST, and ISO 27001 standards and frameworks
  • Led the Renewables team and managed budget and project planning
  • Handled risk management and project management
  • Provided employee training and served as liaison for Renewables within the RWE Group

Jan 2023 - Dec 2023
1 year
Stäfa, Switzerland

ISO 27001 Certification Consultant

Sensirion Connected Solutions AG

  • Supported the ISO 27001 certification process
  • Developed policies, statement of applicability, documentation, and risk matrix
  • Defined processes and conducted employee training

Jan 2017 - Dec 2022
6 years
Zürich, Switzerland

CISO, Head Risk & Compliance

Bär & Karrer AG

  • Built and operated an information security unit to achieve ISO 27001 objectives

  • Developed and maintained security documentation, security policies, and GDPR leadership

  • Managed information security projects and external service providers

  • Planned and conducted internal audits, supported customer and certification audits

  • Coordinated and delivered security awareness training

  • Developed, implemented, and reviewed risk strategy and risk-related policies

  • Integrated policies into processes, workflows, and systems

  • Monitored risk parameters and ensured measures for risk reduction

  • Directed compliance strategy and enhanced compliance systems

Jul 2014 - Dec 2016
2 years 6 months
Vitznau, Switzerland

Risk & Integrity and Controlling Manager

ZZ Vermögensberatung (Schweiz) AG

  • Established, implemented, and continuously monitored risk management per FINMA requirements for three funds
  • Acted as stakeholder contact for banks, authorities, and board of directors
  • Prepared quarterly risk reports for management, board, and banks
  • Prepared application for asset manager license (KAG, FINMA)
  • Introduced an investment compliance system (MIG 21) and compliance processes including policies and regulations
  • Conducted regular compliance training and managed internal and external training programs
  • Performed strategic controlling for group companies (hotels, clinic, real estate)
  • Developed, monitored, and consolidated monthly reporting for group companies
  • Delivered quarterly and annual strategic guidance and group financial statements

Jun 2012 - May 2014
2 years
Zug, Switzerland

Financial Analyst

P&R Equipment and Finance Corp.

  • Identified, analyzed, and managed risks using quantitative approaches
  • Reviewed monthly and quarterly financial statements and results
  • Prepared, analyzed, and commented on income statements, balance sheets, and contribution margin reports
  • Designed, implemented, and maintained group controlling for investment pools
  • Enhanced reporting and key performance indicator systems
  • Managed budgeting and forecasting including liquidity management
  • Produced controlling and management reports

Sep 2005 - Dec 2010
5 years 4 months
Munich, Germany

Capital Market Sales

Bank Reuschel

Sep 2005 - Dec 2010
5 years 4 months
Munich, Germany

Capital Market Sales

Deutsche Bank

Sep 2005 - Dec 2010
5 years 4 months
Zug, Switzerland

Investment Manager

Invision Private Equity

Sep 2005 - Dec 2010
5 years 4 months
Indonesia

Trade & Marketing

Small Business Administration

Sep 2005 - Dec 2010
5 years 4 months
Zug, Switzerland

Investment Controller

TDF Ecotech AG

Industries Experience

Experienced in Professional Services (11 years), Banking and Finance (9.5 years), Government and Administration (5.5 years), Energy (2 years), Tourism (1 year), and Sport (1 year).

Business Areas Experience

Experienced in Finance (10.5 years), Information Technology (9 years), Audit (7 years), Project Management (7 years), Accounting (7 years), and Investments and M&A (5.5 years).

Summary

  • Industry-wide recognized expert in information security (ISO 27001 / NIS2 / DORA / KRITIS / (B,K,V)-AIT) and risk management
  • Many years of leadership experience as CISO & Head Risk and Compliance for various companies in Switzerland & Germany
  • Certified in ISO 27001 & Auditor, CISM, AI Security, Compliance & Risk, MBA (Finance)
  • Leader with a strong entrepreneurial and business mindset, multilingual communicator

Skills

  • Standards: ISO 27001, NIS2, DORA, (B)(K)(V)AIT, BSI IT Baseline Protection, KRITIS, NIST, KAG (FINMA), ISO 9001

  • Accounting/reporting: IFRS, HGB, US-GAAP, SOX, offshore tax law

  • IT: Very good knowledge of Bloomberg, MIG 21, Sage, RIMO R4, SAP R/3 (CO), MS Word, Excel (VBA, macros), PowerPoint, Project, Outlook, Lotus Notes, StarOffice, Citrix, Mesonic, Paragon, Mac OS

  • High willingness to learn and strong performance drive

  • High degree of self-initiative

  • Detail-oriented, precise, and committed work style

  • Strong communication skills

Languages

German: Native
English: Advanced
Hungarian: Advanced

Education

Oct 2011 - Jun 2012

Pacific States University

Master of Business Administration, specialization in Finance · Business Administration · Los Angeles, United States

Oct 2004 - Jun 2009

Fachhochschule Rosenheim

Diploma in Business Administration (FH), specialization in Controlling, Taxation & Auditing · Business Administration · Rosenheim, Germany

University of Hertfordshire

Erasmus exchange student · Hatfield, United Kingdom

Certifications & licenses

Certified AI eMail Security Specialist

CISM

Cyber Crime & Digital Forensics

Forentec GmbH, CH

Cyber Threats

Swiss Infosec, CH

ISO / IEC 27001 Foundation

Digicomp Academy AG, CH

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Károly based?

Károly is based in Zug, Switzerland and can operate in on-site, hybrid, and remote work models.

What languages does Károly speak?

Károly speaks the following languages: German (Native), English (Advanced), Hungarian (Advanced).

How many years of experience does Károly have?

Károly has at least 19 years of experience. During this time, Károly has worked in at least 14 different roles and for 15 different companies. The average length of individual experience is 1 year and 3 months. Note that Károly may not have shared all experience and actually has more experience.

What roles would Károly be best suited for?

Based on recent experience, Károly would be well-suited for roles such as: NIS2 & Risk Strategy Consultant, Governance and Data Compliance Head, Interim Head of Global IT Security Awareness and Communication.

What is Károly's latest experience?

Károly's most recent position is NIS2 & Risk Strategy Consultant at RRC power solutions GmbH.

What companies has Károly worked for in recent years?

In recent years, Károly has worked for RRC power solutions GmbH, Steigenberger Hotels GmbH, Amer Sports Group, EWE Tel GmbH, and ivv – Informationsverarbeitung für Versicherungen.

Which industries is Károly most experienced in?

Károly is most experienced in industries like Professional Services, Banking and Finance, and Government and Public Administration. Károly also has some experience in Energy, Tourism and Hospitality, and Sport and Recreation.

Which business areas is Károly most experienced in?

Károly is most experienced in business areas like Finance, Information Technology (IT), and Accounting. Károly also has some experience in Project Management, Audit, Investments, and M&A & Venture Capital.

Which industries has Károly worked in recently?

Károly has recently worked in industries like Professional Services, Energy, and Tourism and Hospitality.

Which business areas has Károly worked in recently?

Károly has recently worked in business areas like Information Technology (IT), Project Management, and Audit.

What is Károly's education?

Károly holds a Master in Business Administration from Pacific States University and a Bachelor in Business Administration from Fachhochschule Rosenheim.

Does Károly have any certificates?

Károly has 5 certificates. Among them, these include: Certified AI eMail Security Specialist, CISM, and Cyber Crime & Digital Forensics.

What is the availability of Károly?

Károly is immediately available part-time for suitable projects.

What is the rate of Károly?

Károly's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.

How to hire Károly?

To hire Károly, click the Meet button on the profile to request a meeting and discuss your project needs.

Average rates for similar positions

Rates are based on recent contracts and do not include FRATCH margin.

Market avg: 1130-1290 €
The rates shown represent the typical market range for freelancers in this position based on recent contracts on our platform.
Actual rates may vary depending on seniority level, experience, skill specialization, project complexity, and engagement length.