Alexander Sänn - Owner and Managing Director

Q: Where is Alexander based?

Alexander is based in Bayreuth, Germany and can operate in on-site , hybrid , and remote work models.

Q: What languages does Alexander speak?

Alexander speaks the following languages: German (Native), English (Advanced) .

Q: How many years of experience does Alexander have?

Alexander has at least 21 years of experience. During this time, Alexander has worked in at least 24 different roles and for 25 different companies . The average length of individual experience is 1 year and 10 months . Note that Alexander may not have shared all experience and actually has more experience.

Q: What is Alexander's latest experience?

Alexander's most recent position is Lead Audit Conformity & IT Security Catalog at DAX-listed energy company in the renewable energy sector .

Q: What companies has Alexander worked for in recent years?

In recent years, Alexander has worked for DAX-listed energy company in the renewable energy sector , E-commerce and closed-loop provider , Critical infrastructure in international energy supply , Mechanical engineering company , and International mobility provider .

Q: Which industries is Alexander most experienced in?

Alexander is most experienced in industries like Energy , Information Technology , and Tourism . Alexander also has some experience in Manufacturing , Education , and Transportation .

Q: Which business areas is Alexander most experienced in?

Alexander is most experienced in business areas like Project Management , Information Technology , and Research and Development . Alexander also has some experience in Marketing , Product Development , and Strategy .

Q: Which industries has Alexander worked in recently?

Alexander has recently worked in industries like Energy , Manufacturing , and Information Technology .

Q: Which business areas has Alexander worked in recently?

Alexander has recently worked in business areas like Audit , Information Technology , and Quality Assurance .

Recommended expert

Bayreuth, Germany

Experience

Jan 2025 - Dec 2025

1 year

Lead Audit Conformity & IT Security Catalog

DAX-listed energy company in the renewable energy sector

Support for implementing the requirements of § 8a of the BSI Act for critical infrastructures.
Systematic preparation and support for internal and external audits, resolution of previous deviations (HA, NA, VP).
Implementation of the specific requirements of the IT security catalog.
Development of training, creation of run books and conducting assessments to ensure operational effectiveness.

Jan 2025 - Dec 2025

1 year

External Information Security Officer

E-commerce and closed-loop provider

Conducting risk analyses and vulnerability assessments
Supporting the implementation of an information security management system (ISMS) as a basis for meeting the criteria of the Digital Operational Resilience Act (DORA)
Preparing software development for the requirements of the Cyber Resilience Act (CRA)
Establishing a management system for vulnerabilities and security threats

Jan 2025 - Dec 2025

1 year

Workstream Lead for Log Collection, Extraction & Aggregation to enable a SIEM under SzA

Critical infrastructure in international energy supply

Implementation of a central log management system to meet KRITIS requirements in the energy sector
Responsibility as workstream lead for collecting, extracting and aggregating log data from selected power plants
Installation and configuration of security components, such as the genua cyber-diode and SYSLOG, to ensure logging

Jan 2025 - Dec 2025

1 year

Consulting on strategic implementation of the Cyber Resilience Act

Mechanical engineering company

Inventory and gap analysis according to IEC 62443
Development of recommendations to ensure CRA compliance

Jan 2024 - Dec 2025

2 years

Project consulting in innovation

International mobility provider

Horizon scan: planning a trend analysis for IT emergency management using prelead

Jan 2024 - Dec 2025

2 years

Project consulting for security concept and NIS2 compliance

Water utility

Advising on implementing NIS2 and network segmentation in a critical infrastructure environment
Developing a security concept for a technical monitoring system including early warning logic, taking into account hybrid IT environments
Creating concepts and action plans within the security requirements of ISO 27001 and BSI IT-Grundschutz

Jan 2023 - Dec 2024

2 years

Project manager for establishing a cybersecurity program

DAX-listed energy provider

Taking responsibility for setting up the project and managing delivery to the finish line
Analyzing the challenges and risks of the program and project
Defining an effective approach
Restructuring and mobilizing colleagues and partner employees
Supporting the newly organized cybersecurity department on its path to the next level of operational maturity (e.g., evolving into a customer-focused, standardized, and sustainable organization)

Jan 2022 - Dec 2025

4 years

Lead for cybersecurity standards and regulatory requirements

DAX-listed machinery and plant engineering group

Lead for a DAX-listed company, the largest industrial manufacturing firm in Europe. Responsible for certification and manufacturer self-certification under IEC 62443-4-2 and GDPR.

Analyzing, aggregating, and assessing the regulatory impact of the EU Cyber Resilience Act (CRA), the EU AI Acts, the EU Data Act, and NIS2
Developing a preparation and implementation plan and implementing the necessary steps to achieve compliance
Stakeholder management and coordination with external auditors
Representation in industry-specific internal and external committees

Jan 2022 - Dec 2025

4 years

§8a KRITIS audit support

International mobility provider

Audit support for the second-largest transport company in the world. Evaluating and completing the information security policies and documentation framework for IDW and BSI audit standards.

Supporting the 2nd line of defense in establishing and operating an information security management system (ISMS) according to ISO 27001
Creating and maintaining policies, processes, and other framework documents (e.g., work instructions and manuals)
Contributing to the information security strategy
Supporting information security risk management
Implementing measures to eliminate or reduce information security risks and gaps
Preparing for the next §8a audit cycle (2023)
Coordination with departments to identify KRITIS-relevant assets
Creating a scope document for KRITIS-relevant assets
Collecting and preparing evidence

Jan 2022 - Dec 2023

2 years

Project consulting for "ISALIP – Information Security Awareness, Literacy and Privacy"

Research project

The project aimed to improve European citizens' readiness for the digital age. It addressed individual awareness of information security, related skills, and risk management in professional and private contexts.

Building a network of experts from partner countries and at the European level
Providing project consulting to define requirement, training, and qualification profiles as well as content topics in the field of cyber security

Jan 2021 - Dec 2022

2 years

Germany

Development and Execution of BSI IT-Grundschutz Projects

State Administration

Developed and executed multiple BSI IT-Grundschutz projects for state ministries in North Rhine-Westphalia and for federal agencies.

Jan 2021 - Dec 2022

2 years

Implementation of BSI IT-Grundschutz

Public Sector

Implemented BSI IT-Grundschutz in a joint, coordinated maritime security command center.

Jan 2020 - Dec 2022

3 years

Manager with Power of Attorney

Big4 Consulting

Project manager for the implementation and maintenance of a quality management system according to ISO 9001 for consulting, auditing and training in information security, risk management, data protection and BCM
Transition manager for moving a team of 120 employees
Key expert for OT security and general consultant on technical aspects of cyber security in the energy sector and other industries

Jan 2020 - Dec 2022

3 years

Project Manager for the Technical Implementation of a Cyber Security Program in the OT Area

DAX Chemical Industry Group

Technical implementation of a cyber security program in the OT area for the company's global sites.

Network scanning
Vulnerability management
Access management
Endpoint protection
Asset management
Awareness and tactical alignment of further measures to develop the cyber security maturity level

Jan 2020 - Dec 2022

3 years

Lead for Data Protection Assessments within the Microsoft Supplier Security and Privacy Assurance (SSPA) Program

Digital Company

Jan 2020 - Dec 2022

3 years

Technical Lead for ISO 27001 implementation

Mechanical Engineering

Technical Lead for ISO 27001 implementation at a former DAX precision engineering company and a world-leading manufacturer of sheetfed offset printing presses.

Jan 2017 - Dec 2020

4 years

Information Security Officer (ISO)

International TSO

Support in requirements engineering and the technical implementation of the OneDMS document management system
Manage organizational change to develop a cybersecurity interface (policy development, technical requirements implementation, awareness training, ticket management, support for business projects on cybersecurity aspects and requirements)
Manage internal and external audits and supplier audits according to ISO 27001, ISO 27002 and ISO 27019 (based on the IT security catalogue)
Support the CISO, assess protection needs and monitor cybersecurity aspects for IT and OT

Jan 2017 - Dec 2018

2 years

Senior Consultant

Consulting firm

Implementation of ISMS and GDPR-based PMS in subsidiaries of a consulting firm (500+ employees); consultant for ISO 27001-based ISMS and GDPR

Jan 2017 - Dec 2018

2 years

Project Manager

Research & Development

Study on "ISMS in the Energy Sector 2018"
In-house implementation of GDPR and ITIL-oriented services

Jan 2017 - Dec 2018

2 years

Senior Consultant

Real Estate Startup

Implementation of an ISMS according to ISO 27001 in a property management company

Jan 2017 - Dec 2018

2 years

Senior Consultant

Municipal Utility and Transportation Company

Support for the Group CISO in governance, processes and awareness, incident management, strategic management and technical issues in the energy sector

Jan 2015 - Dec 2017

3 years

Bayreuth, Germany

Postdoc

University of Bayreuth, Chair of Innovation & Marketing

Industry study on “ISMS in the energy sector” with Energieforen Leipzig
Public study on the EU regulation on digital content for consumer protection (Bavarian State Ministry for the Environment and Consumer Protection)

Jan 2009 - Dec 2017

9 years

Cottbus, Germany

Doctoral Candidate

Brandenburg University of Technology Cottbus, Chair of Marketing and Innovation Management

Study on site management to overcome vacancies in industrial parks in the Lausitz energy region. Study commissioned by Vattenfall Europe Generation AG and Energieregion Lausitz Spreewald
Market analysis of the Bavarian, Brandenburg, and Saxon tourism markets to derive suitable market entry strategies
Fundraising for the "20 Years of Brandenburg University of Technology Cottbus" event
Lectures on eBusiness, international marketing, and market-oriented product development

Jan 2009 - Dec 2015

7 years

Innovation Lead

IHP GmbH – Innovation for High-Performance Microelectronics

Innovation management in the project “Enhanced Security for Critical Infrastructures” and project manager for research and development in information security for critical infrastructures (KRITIS) on “Security in Sensor Networks”
Requirements engineering with IC-104, PROFINET, Profibus and other fieldbus communications to prepare implementation in IDS/IPS
Drafted several research proposals on 5G for tactile internet applications, information security architecture in future automotive developments, communication protocols, and real-time requirements for industrial information security
Various workshops with BSI, BMI, BBK on UP-KRITIS, LÜKEX and KRITIS

Jan 2007 - Dec 2009

3 years

Technical Associate

Fraunhofer Application Center for Logistics Management ALI and Information Systems

Part of the Fraunhofer Institute for Material Flow and Logistics IML.

Implementation of real-time tracking systems in complex industrial environments using Ubisense
Assessment of physical security at Sheremetyevo Cargo Airport in Moscow, Russia
User support for the Fraunhofer Public Key Infrastructure
Application development for a digital medical history tool for online and offline use by emergency services with .NET/C#/HTML and PRINCE2 (ADAC)
Development and promotion of an EU-wide injury database (IDB)
Event management for the "Night of Creative Minds" – a science roadshow
Organizational and technical assistance at the affiliated Chair of Industrial IT

Jan 2005 - Dec 2009

5 years

Cottbus, Germany

Founder

PC-Hilfe Cottbus

Various on-site Office IT projects: websites, marketing and web design projects
Installation and maintenance of infrastructure and IT solutions in the tourism industry, e.g. implementation of Amadeus (Sabre) and Bistro Portal
Custom software development in the insurance sector
Various information security services

Industry Experience

See where this freelancer has spent most of their professional time.

Experienced in Energy, Information Technology, Manufacturing, Tourism, Education, and Transportation.

Energy

Information Technology

Manufacturing

Tourism

Education

Transportation

Business Area Experience

See which departments and functions this freelancer has contributed to most.

Experienced in Project Management, Information Technology, Research and Development, Marketing, Strategy, and Product Development.

Project Management

Information Technology

Research and Development

Marketing

Strategy

Product Development

Summary

ad2b-solutions GmbH protects companies in the supply chain of critical infrastructures from cyber security incidents, production downtime and personal liability issues. Based on established standards, management systems tailored to each organization are developed, certified and continuously improved. This covers information security, the use of artificial intelligence (AI), as well as IT project management in general.

Sample requirements for using a management system include:

Cyber security according to ISO 27001, IEC 62443 and BSI IT Baseline Protection, data protection according to ISO 27001, quality management according to ISO 9001, business continuity management according to ISO 22301, risk management according to ISO 27005 and ISO 31000.
Project management according to PRINCE2, SCRUM, agile Stage Gate, lead user and Open Innovation, taking into account established ITIL processes.

Under the prelead brand, innovation management in the field of information security is methodically combined. This leads to the introduction and maintenance of information security while ensuring user-friendliness.

“Cyber security as an enabler” helps to develop processes, optimize the whole organization and align new projects from the start with requirements from regulations, market standards and customers.

By applying the practical method according to prelead, the right customer requirements are implemented. This avoids costly rework and lack of compliance in target markets.

Skills

Certified Cyber Security Auditor Isa/iec 62443 (Ccsa) (Ul)
Certified Cyber Security Professional Iec 62443 (Ccsp) (Ul)
Certified Information System Security Professional (Cissp) (Isc2)
Certified Program Management Professional (Pgmp) Candidate (Pmmi)
Certified Information Security Manager (Cism)
Quality Systems Manager By German Society For Quality (Dgq)
Bsi-certified It Baseline Protection Consultant
Certified Senior Lead Auditor Iso 27001 (Pecb)
Certified It-service Management (Itil)
Certified Itil It-service Management Expert (Pwc Certification Services)
Certified Data Protection Officer (Pwc Certification Services)
Leading Across A Distance (Quadriga)
Certified Ethical Hacking And Countermeasures (Ceh)
Prince2 And Itil-related Project Management (Maxpert)
Various Critical Infrastructure Workshops By The German Informatics Society (Gi)
Certified Scrum Master (Ismf)
Leadership At A Distance (Quadriga) And In Projects And Project Management Iso 21500 (Tiba)

Languages

German

Native

English

Advanced

Education

Oct 2009 - Jun 2017

Brandenburg University of Technology Cottbus

Dr. rer. pol., The Preference-Driven Lead User Method for New Product Development · Cottbus, Germany

Brandenburg University of Technology Cottbus

eBusiness degree program, specialization: application and operation of eBusiness systems · eBusiness · Cottbus, Germany

Certifications & licenses

BSI-certified IT Baseline Protection Consultant

Certified Cyber Security Auditor ISA/IEC 62443

Certified Cyber Security Professional IEC 62443 (CCSP)

pwc Certification Services

Certified Ethical Hacking And Countermeasures (CEH) Candidate

PMMI

Certified IT-Service Management (ITIL) (CCSA) (UL)

Certified ITIL IT-Service Management Expert

Certified Information Security Manager (CISM)

Certified Information System Security Professional (CISSP)

pwc Certification Services

Certified Program Management Professional (PgMP)

Leadership at a Distance

Quadriga

Leading Across a Distance

quadriga

PRINCE2 And ITIL-related Project Management

maxpert

Project Management ISO 21500

TiBa

Quality Systems Manager

DGQ

Certified Data Protection Officer

Certified SCRUM Master

ISMF

Certified Senior Lead Auditor ISO 27001

PECB

Statistics

Experience

Total positions 26

Experience in Energy 17 y

Avg length 2 y 10 m

Longest experience 8 y 11 m

Global Experience

Countries worked in 1 (Germany)

Primary country Germany

Expertise

Recent roles Lead Audit Conformity & IT Security Catalog, External Information Security Officer, Workstream Lead for Log Collection, Extraction & Aggregation to enable a SIEM under SzA

Main industries Energy, Information Technology, Manufacturing

Main business areas Project Management, Information Technology, Research and Development

Qualifications

Highest degree Doctorate

Certifications earned 17

Profile

Created

December 2025

Last Update

February 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Alexander based?

Alexander is based in Bayreuth, Germany and can operate in on-site, hybrid, and remote work models.

What languages does Alexander speak?

Alexander speaks the following languages: German (Native), English (Advanced).

How many years of experience does Alexander have?

Alexander has at least 21 years of experience. During this time, Alexander has worked in at least 24 different roles and for 25 different companies. The average length of individual experience is 1 year and 10 months. Note that Alexander may not have shared all experience and actually has more experience.

What roles would Alexander be best suited for?

Based on recent experience, Alexander would be well-suited for roles such as: Lead Audit Conformity & IT Security Catalog, External Information Security Officer, Workstream Lead for Log Collection, Extraction & Aggregation to enable a SIEM under SzA.

What is Alexander's latest experience?

Alexander's most recent position is Lead Audit Conformity & IT Security Catalog at DAX-listed energy company in the renewable energy sector.

What companies has Alexander worked for in recent years?

In recent years, Alexander has worked for DAX-listed energy company in the renewable energy sector, E-commerce and closed-loop provider, Critical infrastructure in international energy supply, Mechanical engineering company, and International mobility provider.

Which industries is Alexander most experienced in?

Alexander is most experienced in industries like Energy, Information Technology, and Tourism. Alexander also has some experience in Manufacturing, Education, and Transportation.

Which business areas is Alexander most experienced in?

Alexander is most experienced in business areas like Project Management, Information Technology, and Research and Development. Alexander also has some experience in Marketing, Product Development, and Strategy.

Which industries has Alexander worked in recently?

Alexander has recently worked in industries like Energy, Manufacturing, and Information Technology.

Which business areas has Alexander worked in recently?

Alexander has recently worked in business areas like Audit, Information Technology, and Quality Assurance.

What is Alexander's education?

Alexander holds a Doctorate from Brandenburg University of Technology Cottbus.

Does Alexander have any certificates?

Alexander has 17 certificates. Among them, these include: BSI-certified IT Baseline Protection Consultant, Certified Cyber Security Auditor ISA/IEC 62443, and Certified Cyber Security Professional IEC 62443 (CCSP).

What is the availability of Alexander?

Alexander is immediately available part-time for suitable projects.

What is the rate of Alexander?

Alexander's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.