Max C.

Cyber Security, Audit, GRC

Amsterdam, Netherlands

Experience

Jan 2024 - Present
1 year 10 months

Cyber Security, Audit, GRC

Freelance

  • Various projects with Wolters Kluwer (Security IT Audit) and Nebius AI (SOC 2, ISO 27001 and SOX controls implementation).

Jan 2022 - Jan 2024
2 years 1 month

Head of Cyber Security

Gorillas / Getir NL

  • Information Security strategy development aligned with the company's goals and the unicorn’s risk appetite.

  • Contributing to higher evaluation of the company targeting investment rounds and IPO. Participation in Tech Due Diligence.

  • Performing risk-based assessments and controls implementation (GDPR, ISO 27002:2022). Development of internal security processes, policies and procedures (ISO 27001, NIST 800-53, CIS 8).

Jan 2021 - Dec 2021
1 year

Information Security Officer

Mollie

  • Information security governance and security operations implementation for the fast-growing fintech scale-up (300–800 employees).

  • PCI DSS, PSD2, KYC and GDPR compliance activities.

  • IT & Security risk assessment according to the DNB requirements.

  • Reporting on threats, security gaps and risk response plans.

Jan 2020 - Dec 2020
1 year

IT Risk & Security Lead

SBM Offshore

  • Leading transformation in IT supporting implementation of a solid IT internal control framework for internal and external audits.

Jan 2019 - Dec 2019
1 year

Group Senior Manager Internal Control - Digital and Technology

VEON

  • Internal control strategy, implementation and testing (SOX, IT).

  • Oracle Fusion internal control implementation (FCPA, SOX and anti-bribery and corruption controls).

  • Internal control reporting to the Board (Risk & Audit Committee).

  • Third-party SOC reporting evaluation (Oracle, Ericsson, Amdocs) including SOC 1/2, ISO 27001, ISO 27017, ISO 27018.

  • Cyber-security risks and controls advisory and project work.

  • Management self-assessment (Internal SOX certification).

Aug 2016 - Dec 2018
2 years 5 months

Manager - Risk Advisory

Deloitte

  • Led an IT SOX audit at the largest national telecom holding (100 M subscribers) and was responsible for revenue and IT processes assessment.

May 2014 - Aug 2016
2 years 4 months

Internal IT Auditor

Megafon

  • Risk-based IT audit to provide reasonable assurance to management on risks which could affect the company’s goals.

  • Effective follow-up and remediation of issues and deviations.

  • Efficiency through optimization.

  • Fraud investigation and management consulting.

  • Advisory to management on building internal control systems.

  • Current analysis of financial and business activities.

Sep 2013 - May 2014
9 months
Remote

Service Delivery Lead

Hewlett-Packard

  • Supervised first and second line 30 FTE technical support (service delivery for 2 000+ office and remote users).

  • Supported server-side hardware and infrastructure software (HP ProLiant bare metal, 3Par, Microsoft, Symantec).

  • Configuration, maintenance and monitoring of on-premises infrastructure (VMware).

  • Implementation of HP ITSM standards.

Sep 2004 - Sep 2013
9 years 1 month

Deputy CIO

Management Academy

  • Support and maintenance of 30 servers (Windows Server 2003/2008, Gentoo Linux servers).

  • Design and implementation of a fail-over VMware 3.5 cluster.

  • Manage a fleet of 350 PCs, terminals, over 2 000 active users.

  • LAN/WAN networking and Linux-based networking services (OSPF, BIND, Apache, MySQL, PHP, Nginx, Samba, iptables, proxy).

  • Maintenance of telecommunication infrastructure, including switches, routers, VoIP.

Summary

I bring over a decade of experience in cyber security, audit, and governance, risk, and compliance, having successfully implemented robust internal control frameworks and security strategies across fintech, tech, and large multinational companies. I focus on risk-based assessments, compliance with standards like ISO 27001, SOC, and GDPR, and building clear security processes that align with business goals.

I have led transformative projects and driven due diligence efforts that enhanced companies’ valuations and operational efficiency. My hands-on experience spans IT risk management, internal controls, and security audits, ensuring that organizations stay secure while achieving strategic objectives.

Languages

Russian
Native
English
Advanced
Dutch
Elementary

Education

Oct 2013 - Jun 2015

HSE University

MSc · Computer Science · Russian Federation

Oct 2003 - Jun 2008

Municipal Management Academy

BSc · Management · Russian Federation

Certifications & licenses

Certified Information Systems Auditor (CISA)

ISACA

Certified Ethical Hacker (CEH)

Certified Internal Auditor (CIA)

Cisco Certified CyberOps Associate

Google Project Management
