Lucas Löcken - Consultant in Information Security, Data Protection and Business Continuity Management

Q: Where is Lucas based?

Lucas is based in Nordwalde, Germany .

Q: What languages does Lucas speak?

Lucas speaks the following languages: German (Native), English (Advanced) .

Q: How many years of experience does Lucas have?

Lucas has at least 13 years of experience. During this time, Lucas has worked in at least 7 different roles and for 5 different companies . The average length of individual experience is 2 years and 10 months . Note that Lucas may not have shared all experience and actually has more experience.

Q: What is Lucas's latest experience?

Lucas's most recent position is Consultant in Information Security, Data Protection and Business Continuity Management .

Q: What companies has Lucas worked for in recent years?

In recent years, Lucas has worked for Chief Information Security Officer , Data Protection Auditor , and Data Protection Officer .

Q: Which industries is Lucas most experienced in?

Lucas is most experienced in industries like Information Technology (IT) , Professional Services , and Education .

Q: Which business areas is Lucas most experienced in?

Lucas is most experienced in business areas like Information Technology (IT) , Legal and Compliance , and Audit . Lucas also has some experience in Quality Assurance (QA) .

Q: Which industries has Lucas worked in recently?

Lucas has recently worked in industries like Professional Services , Information Technology (IT) , and Education .

Q: Which business areas has Lucas worked in recently?

Lucas has recently worked in business areas like Legal and Compliance , Audit , and Information Technology (IT) .

Recommended expert

Nordwalde, Germany

Experience

Jan 2020 - Present

6 years 3 months

Germany

Consultant in Information Security, Data Protection and Business Continuity Management

Consulting and support in gathering information security requirements (IT-SIG 2.0, KRITIS, TISAX, industry standards, ISO 27001, A-960/1)
Acting as data protection officer and auditor as well as information security auditor
Conducting employee training
Updating risk analyses with risk treatment
Designing information security concepts based on BSI IT Baseline Protection, KRITIS, ISO 27001, A-960/1 and TISAX
Identifying information security requirements for IT systems (WAN, LAN, clouds) and overseeing implementation
Administering the ISMS using Verinice and SAVe
Integrating security concepts into existing management systems according to ISO 9001 and ISO 27001
Process management and modeling according to ITIL
Management consulting for integrating an ISMS into integrated management systems
Advising on data protection (GDPR, BDSG)
Planning and conducting data protection audits
Designing risk management processes and methodologies according to ISO 27005, ISO 31000 and BSI 200-3
Developing and setting up training programs for employees

Jan 2020 - Present

6 years 3 months

Germany

Lecturer / Trainer for Information Security

Planning and conducting seminars, training sessions and webinars
Training future BSI IT Baseline Protection practitioners and consultants as well as ISOs and CISOs
Teaching BSI IT Baseline Protection, ITIL, ISO 27001, risk management, integrated management systems and business continuity management

Jul 2017 - Dec 2023

6 years 6 months

Heilbronn, Germany

Chief Information Security Officer

Strategic consulting for the board of directors and executive management
Adapting the national ISMS for international sites (India, USA, France, Poland, Italy)
Creating audit programs, audit planning and execution
Maintaining and continuously improving the ISMS
Identifying information security requirements for IT systems and applications
Supporting implementation, testing effectiveness and monitoring results

Oct 2015 - Dec 2023

8 years 3 months

Heilbronn, Germany

Data Protection Auditor

Responsibility for data protection nationally and internationally
Creating data protection concepts, impact assessments and protection needs analyses
Conducting audits
Updating technical and organizational measures
Advising the board of directors and executive management on data protection law issues
Planning and conducting data protection audits
Continuing technical and organizational measures (TOMs)

Aug 2014 - Dec 2023

9 years 5 months

Heilbronn, Germany

Data Protection Officer

Creating data protection concepts, impact assessments and protection needs analyses
Conducting audits
Updating technical and organizational measures
Advising the board of directors and executive management on data protection law issues
Creating data protection policies on access control concepts, security zones, authorization concepts, role concepts and awareness training

Oct 2013 - Jun 2017

3 years 9 months

Teublitz, Germany

Information Security Officer

Establishment, implementation, operation and monitoring of an ISMS based on BSI IT-baseline protection and ISO 27001, TISAX
Development of security concepts for networks, user permissions, and emergency management plans
Audit planning and execution
Expansion of the scope to all national sites

Jan 2013 - Jul 2013

7 months

Schüttorf, Germany

Consultant Information Security

Establishment and implementation of multiple ISMS in line with BSI IT-baseline protection and ISO 27001
Development of information security concepts according to A-960/1
Collection of requirements through interviews and document reviews
Creation of policies, process descriptions, procedural instructions, and work instructions
Monitoring of the ISMS and performance checks
Integration of security concepts and processes into an existing management system according to ISO 9001 and ISO 27001
Process management of information security processes in line with ITIL

Industries Experience

See where this freelancer has spent most of their professional time. Longer bars indicate deeper hands-on experience, while shorter ones reflect targeted or project-based work.

Experienced in Information Technology (12.5 years), Professional Services (12 years), and Education (6 years).

Information Technology

Professional Services

Education

Business Areas Experience

The graph below provides a cumulative view of the freelancer's experience across multiple business areas, calculated from completed and active engagements. It highlights the areas where the freelancer has most frequently contributed to planning, execution, and delivery of business outcomes.

Experienced in Information Technology (13 years), Legal (11.5 years), Audit (10 years), and Quality Assurance (6 years).

Information Technology

Legal

Audit

Quality Assurance

Skills

International Projects
Development Of Information Security Management Systems
Iso 27001 - Isms
Trusted Information Security Assessment Exchange - Tisax
Bsi It Baseline Protection
Security Concepts
Audits
Isms Tools
Eu General Data Protection Regulation Gdpr
German Federal Data Protection Act Bdsg
Integrated Management Systems
Iso 22301 - Business Continuity Management Bcms
Iso 31000 Risk Management
Iso 27005 Is Risk Management Lean Management
Iso 9001 Quality Management
Continuous Improvement Process - Cip
Kritis
A-960/1
Employee Training

Languages

German

Native

English

Advanced

Education

Oct 2010 - Jun 2013

Düsseldorf University of Applied Sciences

Degree in Computer Science · Computer Science · Düsseldorf, Germany

Certifications & licenses

Information Security Lead Auditor

TÜV

Information Security Officer

TÜV

Data Protection Auditor

TÜV

EFQM Foundation

Data Protection Officer

TÜV

Profile

Created

February 2024

Last Update

January 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Lucas based?

Lucas is based in Nordwalde, Germany.

What languages does Lucas speak?

Lucas speaks the following languages: German (Native), English (Advanced).

How many years of experience does Lucas have?

Lucas has at least 13 years of experience. During this time, Lucas has worked in at least 7 different roles and for 5 different companies. The average length of individual experience is 2 years and 10 months. Note that Lucas may not have shared all experience and actually has more experience.

What roles would Lucas be best suited for?

Based on recent experience, Lucas would be well-suited for roles such as: Consultant in Information Security, Data Protection and Business Continuity Management, Lecturer / Trainer for Information Security, Chief Information Security Officer.

What is Lucas's latest experience?

Lucas's most recent position is Consultant in Information Security, Data Protection and Business Continuity Management.

What companies has Lucas worked for in recent years?

In recent years, Lucas has worked for Chief Information Security Officer, Data Protection Auditor, and Data Protection Officer.

Which industries is Lucas most experienced in?

Lucas is most experienced in industries like Information Technology (IT), Professional Services, and Education.

Which business areas is Lucas most experienced in?

Lucas is most experienced in business areas like Information Technology (IT), Legal and Compliance, and Audit. Lucas also has some experience in Quality Assurance (QA).

Which industries has Lucas worked in recently?

Lucas has recently worked in industries like Professional Services, Information Technology (IT), and Education.

Which business areas has Lucas worked in recently?

Lucas has recently worked in business areas like Legal and Compliance, Audit, and Information Technology (IT).

What is Lucas's education?

Lucas attended Düsseldorf University of Applied Sciences for Computer Science.

Does Lucas have any certificates?

Lucas has 5 certificates. Among them, these include: Information Security Lead Auditor, Information Security Officer, and Data Protection Auditor.

What is the availability of Lucas?

Lucas is immediately available full-time for suitable projects.

What is the rate of Lucas?

Lucas's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.

How to hire Lucas?

To hire Lucas, click the Meet button on the profile to request a meeting and discuss your project needs.

Average rates for similar positions

Rates are based on recent contracts and do not include FRATCH margin.

1000

750

500

250

Market avg: 800-960 €

The rates shown represent the typical market range for freelancers in this position based on recent contracts on our platform.

Actual rates may vary depending on seniority level, experience, skill specialization, project complexity, and engagement length.

Similar Freelancers

Discover other experts with similar qualifications and experience

Experts recently working on similar projects

Freelancers with hands-on experience in comparable project as a Consultant in Information Security, Data Protection and Business Continuity Management