Robert Vattig
Freelance Consultant Information Security and Business Continuity
Experience
Freelance Consultant Information Security and Business Continuity
Freelance Business Consulting
- Provide consulting services nationwide in both private and public sectors
- Advise on information security management systems, IT Baseline Protection, KRITIS compliance, TISAX, business continuity and crisis management
- Support introduction of policies, risk management methods, asset registers and supplier management
- Conduct internal audits, training workshops and support audit preparations
Senior Consultant Information Security, Quality and Business Continuity
One of the largest IT service providers in Europe
- Conducted risk, security and IT emergency assessments of diverse technologies for individual IT services and entire infrastructures of various companies
- Audited and designed security for proprietary and standard software, including databases, operating systems, enterprise service bus, middleware, networks, web applications, cloud computing, IoT use cases, SAP, BI, MDM, SharePoint
- Gained over 14 years of experience in auditing and building management systems according to ISO 27001, ISO 22301, IT Baseline Protection and other standards
- Led projects responsible for creating policies, introducing risk management methods according to ISO 27001, ISO 27005 & ISO 31000, awareness measures, internal audits and support for initial, recertification and surveillance audits
Summary
Senior Consultant in Information Security, Quality and Business Continuity for one of Europe's largest IT service providers since 2011. The role involved conducting risk, security and IT emergency assessments of various technologies, both for individual IT services and for entire infrastructures of different companies, as well as auditing and security design for various proprietary and standard software, e.g., databases, operating systems, enterprise service bus, middleware, networks, web applications, cloud computing, IoT use cases, SAP, BI, MDM and SharePoint.
This has provided over 14 years of experience in auditing and building management systems according to ISO 27001, ISO 22301, IT Baseline Protection and other standards. As project manager, responsible for creating policies, implementing risk management methods according to ISO 27001, ISO 27005 & ISO 31000, awareness measures, internal auditing and support for initial, recertification and surveillance audits.
Since mid-2020 working as a freelance consultant across Germany in both the private and public sectors.
Skills
Technical Focus Areas
- Information Security Management System (ISO 27001)
- IT Baseline Protection (BSI Standards 200-1 to 200-3 and 200-4)
- IT Security Catalog per §11 (1a) EnWG (08/2015)
- Trusted Information Security Assessment Exchange (TISAX)
- Business Continuity & Crisis Management (ISO 22301, BCI GPG)
- IT Service Management System (ISO 20000)
- Quality Management System (ISO 9001)
- Risk Analyses (ISO 27001, ISO 27005, ISO 31000, MS STRIDE)
- Security, Authorization and Data Protection Concepts for Various IT Services
- Project Management
Methodical Competencies
- Risk Analyses (ISO 31000, ISO 27005, CRAMM, MaRisk, MS STRIDE, NIST)
- Business Impact Analyses (ISO 22301, ISO 22317, BSI 200-4 and BCI GPG)
- Scoping and Asset Management (ISO 27003, ISO 27005, CMDB)
- Creating Policies, Procedures and Security Concepts
- IT Security Concepts (Segregation, Segmentation, CIA, Layered Security, etc.)
- Audits According to ISO 19011, Awareness Measures and Presentations
- Workshop Facilitation and Project Management (Traditional and Agile, e.g., Scrum)
- IT Baseline Protection (BSI Standards 200-1 to 200-3 and 200-4)
- IT Service Management and Governance (ISO 20000, ITIL, SPICE, COBIT, COSO)
- Quality Management (ISO 9001 and ISO/TS 16949)
- Data Protection Management (BDSG, GDPR)
- KRITIS: B3S, OHA SzA, Specification BSI §8a
- Current Regulations: DORA, NIS2, AI Act, CRA, KRITIS
Technological Competencies
- Hardening, Patch & Vulnerability Management, Network Security
- Cloud Computing, Big Data, Business Intelligence
- SAP Security & Compliance
- IoT & IIoT, Industrial Security, Industry 4.0
- Web Technologies
- Cryptographic Technologies
- Access Management
- Test Data Anonymization
- Software Development Processes, e.g., Waterfall, Scrum
- Standard Software, e.g., MS SharePoint, Apache HTTP Server, etc.
- Programming Languages (C, C++, C+, Java, VB, HTML)
- Security Services, e.g., SIEM, SOC etc.
Tools
- Microsoft Office including VBA and OpenOffice
- MS Project
- verinice, DocSetMinder
- Document Management Systems, e.g., SharePoint
- Jira, Confluence
- Task Management Tools, Ticketing Tools
- Bizagi BPMN Modeler, ARIS
Soft Skills
- Communication Skills - Presenting Complex Topics
- Problem-solving Skills
- Resilience
- Analytical Thinking
- Teamwork
- Self-management and Sense of Responsibility
Languages
Education
Master of Science, Diploma in Computer Science · Computer Science
Certifications & licenses
Additional Audit Procedure Competence §8a (3) BSIG
Lead Auditor ISO/IEC 27001:2022 Transition course
Lead Auditor ISO/IEC 22301:2019 Transition course
Crisis Management Essentials
First Aid Refresher Training
Emotional Leadership Practitioner
German Red Cross First Aid Course
IT Training: Successfully Planning, Designing and Conducting
Lead Auditor ISO/IEC 9001:2008
Internal Auditor Training
Lead Auditor ISO/IEC 27001:2013 Transition course
Auditor ISO 20000
Internal Auditor Training
Experience Workshop for Auditors
Lead Auditor ISO/IEC 27001:2005
Lead Auditor ISO 22301:2012
Implementation Course ISO/IEC 27001:2005
"Classified - For Official Use Only" (VS-NfD)