Volker Jung - Interim CISO (Germany, Austria, US, APAC), Auditor

Q: Where is Volker based?

Volker is based in Gröbenzell, Germany and prefers 100% remote projects.

Q: What languages does Volker speak?

Volker speaks the following languages: German (Native), English (Advanced) .

Q: How many years of experience does Volker have?

Volker has at least 5 years of experience. During this time, Volker has worked in at least 5 different roles and for 5 different companies . The average length of individual experience is 1 year and 2 months . Note that Volker may not have shared all experience and actually has more experience.

Q: What is Volker's latest experience?

Volker's most recent position is Interim CISO (Germany, Austria, US, APAC), Auditor at Vetter Pharma-Fertigung GmbH & Co. KG .

Q: What companies has Volker worked for in recent years?

In recent years, Volker has worked for Vetter Pharma-Fertigung GmbH & Co. KG , METRONOMIA Clinical Research GmbH , and Framatome GmbH .

Q: Which industries is Volker most experienced in?

Volker is most experienced in industries like Pharmaceutical , Energy , and Manufacturing . Volker also has some experience in Insurance , Information Technology (IT) , and Professional Services .

Q: Which business areas is Volker most experienced in?

Volker is most experienced in business areas like Information Technology (IT) , Audit , and Legal and Compliance . Volker also has some experience in Supply Chain Management , Project Management , and Quality Assurance (QA) .

Q: What is Volker's education?

Volker attended education in Power plant electrician .

Q: Does Volker have any certificates?

Volker has 1 certificate : CISM .

Recommended expert

Gröbenzell, Germany

Experience

May 2023 - Oct 2024

1 year 6 months

Interim CISO (Germany, Austria, US, APAC), Auditor

Vetter Pharma-Fertigung GmbH & Co. KG

Planned and initiated BIA/BCM assessment to identify risk mitigation measures and process optimization, and provide risk transparency to the general management
Evaluated KRITIS/NIS-2 status and implemented requirements
Created comprehensive digital roadmap and ISO 27001/NIS-2/Data Privacy KRITIS roadmap
Enhanced crisis management process and documentation
Integrated information security clauses into customer and supplier contracts to ensure compliance with internal and regulatory requirements
Ensured organizational readiness for audits by the Landesbehörde für Aufsicht (LBA) and supported audit processes
Improved asset management processes and classification of sensitive data to strengthen overall security
Planned and ordered regular penetration tests (internal, external) to identify vulnerabilities and improve security measures
Performed compliance checks against EU CER requirements and reporting
Created management status and risk reports to ensure transparent communication of risks and security posture
Managed registration with the German Federal Office for Information Security (BSI) and provided ongoing status updates
Conducted risk assessment of supply chain, enhanced evaluation and reporting processes
Improved IT/OT network segmentation to enhance security and reduce potential audit risks
Strengthened cyber resilience by proactive measures and enhanced security frameworks and KPI reporting
Onboarded SIEM/SOC/EDR to improve cybersecurity monitoring and response
Planned and conducted awareness trainings for employees, administrators, and management
Enhanced incident reporting processes to ensure timely and accurate reporting of cybersecurity events
Created AI policy in cooperation with the Legal department to secure use and governance of Artificial Intelligence within the organization
Scoped and implemented ISO 27001:2022 requirements as part of the Information Security Management System
Served as interim InfoSec team lead
Introduced information security to global KAM and Sales organization
Improved admission and access management including privileged access
Conducted internal audits in collaboration with internal audit department

Mar 2023 - Present

3 years

Interim CISO, Auditor

METRONOMIA Clinical Research GmbH

Prepared for ISO 27001:2013 certification audit
Drafted ISO 27001 implementation roadmap
Scoped and implemented ISO 27001:2013 requirements
Planned and conducted migration from ISO 27001:2013 to ISO 27001:2022
Created comprehensive migration roadmap for ISO 27001:2022
Improved and performed risk assessments and reporting
Enhanced vulnerability scanning, management, and reporting
Managed ISMS documentation and management reporting with monthly updates
Improved supply chain risk assessment and reporting
Enhanced cyber resilience
Improved admission and access management including privileged access
Improved identity and access management process, monitoring, and reporting
Enhanced crisis management process and documentation
Planned and ordered regular penetration tests (internal, external) to identify vulnerabilities and improve security measures
Enhanced external vulnerability scanning and incident management and reporting process
Planned and conducted supplier risk assessments to ensure compliance with internal and regulatory requirements
Enhanced privileged access rights management and monitoring
Conducted internal audits to comply with ISO 27001 Annex A
Provided management status and risk reporting
Improved asset management processes and classification of sensitive data to strengthen overall security
Enhanced information security strategy
Created AI policy in cooperation with the Legal department to secure use and governance of Artificial Intelligence within the organization
Defined and installed CISO-relevant information security KPI reporting
Planned and conducted awareness trainings for employees, administrators, and management
Installed regular joint forums with Quality and IT lead
Set up regular joint forums with external DPO
Prepared and conducted KRITIS/NIS-2 relevance assessment for the enterprise

Apr 2021 - Nov 2022

1 year 8 months

Interim CISO (Germany, Hungary, Spain), Auditor, Deputy DPO

Framatome GmbH

Responsible for information security across the company and its subsidiaries in close cooperation with global and regional CISOs
Conducted BIA/BCM assessment to implement risk mitigation measures and process optimization
Developed awareness and phishing campaigns in Germany, Hungary, and Spain
Drafted security guidelines and processes for data carrier destruction
Reported information security status to the SMC and the Cybersecurity Steering Committee
Created and reviewed ISMS interface documentation and all other relevant documents
Enhanced crisis management process and documentation
Improved identity and access management process
Created budget forecasts for upcoming information security investments (technology, staffing, trainings)
Set up regular joint forums with risk manager and IT lead
Improved asset classification and asset management
Drafted cyber resilience strategy and roadmap
Aligned local strategy with global cybersecurity strategy
Improved risk management and reporting process
Set up SIEM/SOC and incident reporting
Conducted supplier audits
Developed and released cyber resilience guidelines
Drafted internal guidelines for handling VS-NfD information
Improved vulnerability scanning and penetration testing
Improved network segmentation for IT/OT
Reviewed and reworked roles and responsibilities
Sketched audit plan for service providers

May 2020 - Jul 2020

3 months

Consultant Supply Chain Resilience Strategy

Siemens AG

Reviewed Charter of Trust CP documents regarding cybersecurity measures for customers and suppliers
Collaborated with legal department on new and updated information security clauses
Performed protection requirement analysis for contractual cybersecurity measures
Conducted service provider audits (GDPR, processes, cybersecurity) and risk assessments
Developed measures and contractual clauses to improve cybersecurity in the supply chain

Feb 2019 - Apr 2020

1 year 3 months

Deputy Project Manager and Topic Lead, Risk and Efficiency Assessment of the Global Certificate Management Infrastructure

Munich Re

Assessed risk and efficiency of the global certificate management lifecycle infrastructure
Conducted protection requirements analysis according to ISO 27001:2013 and BSI standards
Aligned infrastructure with ISMS requirements
Redesigned resilience measures for the global certificate management process
Designed network segmentation for the new PKI
Optimized, centralized, and standardized global certificate management processes as sub-project manager
Trained external service provider

Skills

Interim Management
Leadership
Management Reporting
Iso/iec 27001
Nis-2 / Cer
Bsi / Kritis
Ai
Risk Management
Audit
Gdpr
Isms
Itil & Itsm
Management
Awareness Trainings

Languages

German

Native

English

Advanced

Education

Power plant electrician

Certifications & licenses

CISM

Profile

Created

January 2025

Last Update

January 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Volker based?

Volker is based in Gröbenzell, Germany and prefers 100% remote projects.

What languages does Volker speak?

Volker speaks the following languages: German (Native), English (Advanced).

How many years of experience does Volker have?

Volker has at least 5 years of experience. During this time, Volker has worked in at least 5 different roles and for 5 different companies. The average length of individual experience is 1 year and 2 months. Note that Volker may not have shared all experience and actually has more experience.

What roles would Volker be best suited for?

Based on recent experience, Volker would be well-suited for roles such as: Interim CISO (Germany, Austria, US, APAC), Auditor, Interim CISO, Auditor, Interim CISO (Germany, Hungary, Spain), Auditor, Deputy DPO.

What is Volker's latest experience?

Volker's most recent position is Interim CISO (Germany, Austria, US, APAC), Auditor at Vetter Pharma-Fertigung GmbH & Co. KG.

What companies has Volker worked for in recent years?

In recent years, Volker has worked for Vetter Pharma-Fertigung GmbH & Co. KG, METRONOMIA Clinical Research GmbH, and Framatome GmbH.

Which industries is Volker most experienced in?

Volker is most experienced in industries like Pharmaceutical, Energy, and Manufacturing. Volker also has some experience in Insurance, Information Technology (IT), and Professional Services.

Which business areas is Volker most experienced in?

Volker is most experienced in business areas like Information Technology (IT), Audit, and Legal and Compliance. Volker also has some experience in Supply Chain Management, Project Management, and Quality Assurance (QA).

What is Volker's education?

Volker attended education in Power plant electrician.

Does Volker have any certificates?

Volker has 1 certificate: CISM.

What is the availability of Volker?

Volker is immediately available part-time for suitable projects.

What is the rate of Volker?

Volker's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.