Lucas Löcken
Consultant in Information Security, Data Protection and Business Continuity Management
Experience
Consultant in Information Security, Data Protection and Business Continuity Management
- Consulting and support in gathering information security requirements (IT-SiG 2.0, KRITIS, TISAX, industry standards, ISO 27001, A-960/1)
- Acting as data protection officer and auditor as well as information security auditor
- Conducting employee training
- Updating risk analyses with risk treatment
- Designing information security concepts based on BSI IT Baseline Protection, KRITIS, ISO 27001, A-960/1 and TISAX
- Identifying information security requirements for IT systems (WAN, LAN, clouds) and overseeing implementation
- Administering the ISMS using Verinice and SAVe
- Integrating security concepts into existing management systems according to ISO 9001 and ISO 27001
- Process management and modeling according to ITIL
- Management consulting for integrating an ISMS into integrated management systems
- Advising on data protection (GDPR, BDSG)
- Planning and conducting data protection audits
- Designing risk management processes and methodologies according to ISO 27005, ISO 31000 and BSI 200-3
- Developing and setting up training programs for employees
Lecturer / Trainer for Information Security
- Planning and conducting seminars, training sessions and webinars
- Training future BSI IT Baseline Protection practitioners and consultants as well as ISOs and CISOs
- Teaching BSI IT Baseline Protection, ITIL, ISO 27001, risk management, integrated management systems and business continuity management
Chief Information Security Officer
- Strategic consulting for the board of directors and executive management
- Adapting the national ISMS for international sites (India, USA, France, Poland, Italy)
- Creating audit programs, audit planning and execution
- Maintaining and continuously improving the ISMS
- Identifying information security requirements for IT systems and applications
- Supporting implementation, testing effectiveness and monitoring results
Data Protection Auditor
- Responsibility for data protection nationally and internationally
- Creating data protection concepts, impact assessments and protection needs analyses
- Conducting audits
- Updating technical and organizational measures
- Advising the board of directors and executive management on data protection law issues
- Planning and conducting data protection audits
- Maintaining technical and organizational measures (TOMs)
Data Protection Officer
- Creating data protection concepts, impact assessments and protection needs analyses
- Conducting audits
- Updating technical and organizational measures
- Advising the board of directors and executive management on data protection law issues
- Creating data protection policies on access control concepts, security zones, authorization concepts, role concepts and awareness training
Information Security Officer
- Establishment, implementation, operation and monitoring of an ISMS based on BSI IT Baseline Protection, ISO 27001 and TISAX
- Development of security concepts for networks, user permissions, and emergency management plans
- Audit planning and execution
- Expansion of the scope to all national sites
Consultant Information Security
- Establishment and implementation of multiple ISMS in line with BSI IT Baseline Protection and ISO 27001
- Development of information security concepts according to A-960/1
- Collection of requirements through interviews and document reviews
- Creation of policies, process descriptions, procedural instructions, and work instructions
- Monitoring of the ISMS and performance checks
- Integration of security concepts and processes into an existing management system according to ISO 9001 and ISO 27001
- Process management of information security processes in line with ITIL
Skills
- International Projects
- Development of Information Security Management Systems
- ISO 27001 - ISMS
- Trusted Information Security Assessment Exchange - TISAX
- BSI IT Baseline Protection
- Security Concepts
- Audits
- ISMS Tools
- EU General Data Protection Regulation (GDPR)
- German Federal Data Protection Act (BDSG)
- Integrated Management Systems
- ISO 22301 - Business Continuity Management (BCMS)
- ISO 31000 Risk Management
- ISO 27005 IS Risk Management
- Lean Management
- ISO 9001 Quality Management
- Continuous Improvement Process - CIP
- KRITIS
- A-960/1
- Employee Training
Education
Düsseldorf University of Applied Sciences
Degree in Computer Science · Computer Science · Düsseldorf, Germany
Certifications & licenses
Information Security Lead Auditor
TÜV
Information Security Officer
TÜV
Data Protection Auditor
TÜV
EFQM Foundation
Data Protection Officer
TÜV