Alexander Sänn - Owner and Managing Director

Q: Where is Alexander based?

Alexander is based in Bayreuth, Germany and can operate in on-site , hybrid , and remote work models.

Q: What languages does Alexander speak?

Alexander speaks the following languages: German (Native), English (Advanced) .

Q: How many years of experience does Alexander have?

Alexander has at least 21 years of experience. During this time, Alexander has worked in at least 24 different roles and for 24 different companies . The average length of individual experience is 1 year and 10 months . Note that Alexander may not have shared all experience and actually has more experience.

Q: What is Alexander's latest experience?

Alexander's most recent position is Lead Audit Conformity & IT Security Catalog at DAX Group Energy Supplier in the Renewable Energy Sector .

Q: What companies has Alexander worked for in recent years?

In recent years, Alexander has worked for DAX Group Energy Supplier in the Renewable Energy Sector , E-commerce and Closed-Loop Provider , Critical Infrastructure in International Energy Supply , Mechanical Engineering , and International Mobility Provider .

Q: Which industries is Alexander most experienced in?

Alexander is most experienced in industries like Energy , Information Technology , and Tourism . Alexander also has some experience in Manufacturing , Education , and Transportation .

Q: Which business areas is Alexander most experienced in?

Alexander is most experienced in business areas like Project Management , Information Technology , and Research and Development . Alexander also has some experience in Marketing , Product Development , and Strategy .

Q: Which industries has Alexander worked in recently?

Alexander has recently worked in industries like Energy , Manufacturing , and Information Technology .

Q: Which business areas has Alexander worked in recently?

Alexander has recently worked in business areas like Audit , Information Technology , and Quality Assurance .

Recommended expert

Bayreuth, Germany

Experience

Jan 2025 - Dec 2025

1 year

Lead Audit Conformity & IT Security Catalog

DAX Group Energy Supplier in the Renewable Energy Sector

Support in implementing the requirements of §8a of the BSI Act for critical infrastructures.
Systematic preparation and support for internal and external audits, resolution of previous deviations (HA, NA, VP).
Implementation of the specific requirements of the IT security catalog.
Development of trainings, creation of run books and conducting assessments to ensure operational effectiveness.

Jan 2025 - Dec 2025

1 year

External Information Security Officer

E-commerce and Closed-Loop Provider

Conduct risk analyses and vulnerability assessments
Support implementing an information security management system (ISMS) as a basis to meet the criteria of the Digital Operational Resilience Act (DORA)
Prepare software development for the requirements of the Cyber Resilience Act (CRA)
Set up a management system for vulnerabilities and security threats

Jan 2025 - Dec 2025

1 year

Workstream Lead for Log Collection, Extraction & Aggregation to enable a SIEM according to SzA

Critical Infrastructure in International Energy Supply

Implement a central log management system to meet KRITIS requirements in energy supply.
Act as workstream lead for collecting, extracting and aggregating log data from selected power plants.
Install and configure security components such as the genua Cyber-Diode and SYSLOG to ensure logging.

Jan 2025 - Dec 2025

1 year

Consulting on Strategic Implementation of the Cyber Resilience Act

Mechanical Engineering

Take inventory and conduct a gap analysis according to IEC 62443
Develop recommendations to ensure CRA compliance

Jan 2024 - Dec 2025

2 years

Project Consulting in the Field of Innovation

International Mobility Provider

Horizon scan: project planning of a trend analysis for IT emergency management using prelead

Jan 2024 - Dec 2025

2 years

Project Consultant for Security Concept and NIS2 Compliance

Water Supply

Consulting on implementing NIS2 and network segmentation in a critical infrastructure environment
Developing a security concept for a technical monitoring system including early warning logic, considering hybrid IT environments
Creating concepts and action plans to meet security requirements according to ISO 27001 and BSI IT Baseline Protection

Jan 2023 - Dec 2024

2 years

Project Manager for Establishing a Cybersecurity Program

DAX Energy Group

Assuming responsibility for setting up the project and managing delivery through to the finish line
Analyzing the program and project challenges and risks
Defining an effective approach
Restructuring and mobilizing colleagues and partner staff
Supporting the newly organized cybersecurity department on its path to the next level of operational maturity (e.g., evolving into a customer-focused, standardized, and sustainable organization)

Jan 2022 - Dec 2025

4 years

Lead for Cybersecurity Standards and Regulatory Requirements

DAX Machinery and Plant Engineering Group

Lead for a DAX-listed company and the largest industrial manufacturing firm in Europe. Spearheading certification and vendor self-certification according to IEC 62443-4-2 and GDPR.

Analyzing, aggregating, and assessing the regulatory impact of the EU Cyber Resilience Act (CRA), EU AI Act, EU Data Act, and NIS2
Developing a preparation and implementation plan and executing the necessary steps for compliance
Managing stakeholders and coordinating with external auditors
Representing the company in industry-specific internal and external committees

Jan 2022 - Dec 2025

4 years

§8a KRITIS Audit Support

International Mobility Provider

Audit support for the world's second-largest transport company. Assessing and completing the IS policies and documentation framework for IDW and BSI audit standards.

Supporting the 2nd Line of Defense in building and operating an Information Security Management System (ISMS) according to ISO 27001
Creating and maintaining policies, processes, and other governance documents (e.g., work instructions and manuals)
Contributing to information security strategy development
Supporting information security risk management
Implementing measures to eliminate or mitigate information security risks and deficiencies
Preparing for the next §8a audit cycle (2023)
Coordinating with departments to identify KRITIS-relevant assets
Creating a scoping document for KRITIS-relevant assets
Collecting and preparing evidence

Jan 2022 - Dec 2023

2 years

Project Consulting for 'ISALIP – Information Security Awareness, Literacy and Privacy'

Research Project

The project aimed to improve European citizens' readiness for the digital age. It addressed individual information security awareness, related skills, and risk management in professional and personal contexts.

Building networks of experts from partner countries and across Europe
Providing project consulting to define requirement, training, and qualification profiles, as well as content topics in cybersecurity

Jan 2021 - Dec 2022

2 years

Germany

Development and implementation of BSI IT baseline security projects

State Administration

Development and implementation of several BSI IT baseline security projects for state ministries in North Rhine-Westphalia and for federal agencies.

Jan 2021 - Dec 2022

2 years

Introduction of BSI IT baseline security

Public Sector

Introduction of BSI IT baseline security within a joint, coordinated maritime security control center.

Jan 2020 - Dec 2022

3 years

Manager with Prokura

Big4 Consulting

Project Manager for the implementation and maintenance of a quality management system according to ISO 9001 for consulting, auditing, and training in the fields of information security, risk management, data protection, and BCM
Transition Manager for the team transfer of 120 employees
Key Expert for OT security and general advisor on technical aspects of cybersecurity in the energy sector and other industries

Jan 2020 - Dec 2022

3 years

Project Manager for the technical implementation of a cyber security program in the OT area

DAX-listed chemical industry group

Technical implementation of a cyber security program in the OT area for the company's global sites.

Network scanning
Vulnerability management
Access management
Endpoint protection
Asset management
Awareness and tactical alignment of further measures to develop the cyber security maturity level

Jan 2020 - Dec 2022

3 years

Lead for privacy assessments within the Microsoft Supplier Security and Privacy Assurance (SSPA) program

Digital Company

Jan 2020 - Dec 2022

3 years

Technical Lead for the Implementation of ISO 27001

Mechanical Engineering

Technical lead for the implementation of ISO 27001 at a former DAX precision mechanical engineering company and the world's leading manufacturer of sheet-fed offset printing presses.

Jan 2017 - Dec 2020

4 years

Information Security Officer (ISO)

International TSO

Support in requirements engineering and technical implementation for the document management system OneDMS
Managing organizational change to develop a cybersecurity interface (policy development, implementation of technical requirements, awareness training, ticket management, supporting business projects with cybersecurity aspects and requirements)
Managing internal and external audits as well as supplier audits according to ISO 27001, ISO 27002 and ISO 27019 (as per IT security catalog)
Assisting the CISO, assessing protection requirements and monitoring cybersecurity aspects for IT and OT

Jan 2017 - Dec 2018

2 years

Senior Consultant

Consulting Company

Implementation of ISMS and GDPR-based PMS in subsidiaries of a consulting company (500+ employees), advisor for ISO 27001-based ISMS and GDPR

Jan 2017 - Dec 2018

2 years

Project Manager

Research & Development

Study on 'ISMS in the Energy Sector 2018'
In-house implementation of GDPR and ITIL-oriented services

Jan 2017 - Dec 2018

2 years

Senior Consultant

Real Estate Start-up

Implementation of an ISMS according to ISO 27001 in a real estate management company

Jan 2017 - Dec 2018

2 years

Senior Consultant

Municipal Supply and Transport Company

Support the Group CISO in governance, processes and awareness, incident management, strategic management and technical questions in the energy sector

Jan 2015 - Dec 2017

3 years

Bayreuth, Germany

Postdoc

University of Bayreuth, Chair of Innovation & Marketing

Industry study on "ISMS in the energy sector" with Energieforen Leipzig
Public study on the EU regulation on digital content for consumer protection (Bavarian State Ministry for the Environment and Consumer Protection)

Jan 2009 - Dec 2017

9 years

Cottbus, Germany

Doctoral Candidate

Brandenburg University of Technology Cottbus, Chair of Marketing and Innovation Management

Study on location management to overcome vacancies in industrial parks in the Lusatia energy region. Study commissioned by Vattenfall Europe Generation AG and the Lusatia-Spreewald Energy Region
Market analysis of the Bavarian, Brandenburg and Saxon tourism markets to derive suitable market entry strategies
Fundraising for the 20th anniversary event of Brandenburg University of Technology Cottbus
Lectures on eBusiness, international marketing and market-oriented product development

Jan 2009 - Dec 2015

7 years

Innovation Lead

IHP GmbH – Innovation for High Performance Microelectronics

Innovation management in the "Enhanced Security for Critical Infrastructures" project and project leadership for research and development in information security in critical infrastructures (KRITIS) for "Security in Sensor Networks"
Requirements engineering with IC-104, PROFINET, Profibus and other fieldbus communications to prepare for IDS/IPS implementation
Drafting several research proposals on 5G for tactile internet applications, information security architecture in future automotive developments, communication protocols and real-time requirements for information security in industrial applications
Various workshops with the BSI, BMI and BBK on UP-KRITIS, LÜKEX and KRITIS

Jan 2007 - Dec 2009

3 years

Technical Staff

Fraunhofer Application Center for Logistics Management ALI and Information Systems

Part of the Fraunhofer Institute for Material Flow and Logistics IML.

Implementation of real-time tracking systems in complex industrial environments with ubisense
Assessment of physical security at Sheremetyevo Cargo Airport in Moscow, Russia
User support for the Fraunhofer Public Key Infrastructure
Application development for a digital anamnesis for online and offline use by emergency services using .NET/C#/HTML and PRINCE2 (ADAC)
Development and promotion of an EU-wide injury database (IDB)
Event management for the "Night of Creative Minds" – a science roadshow
Organizational and technical assistance at the affiliated Chair for Industrial IT

Jan 2005 - Dec 2009

5 years

Cottbus, Germany

Founder

PC-Hilfe Cottbus

Various office IT projects for clients: websites, marketing and web design projects
Installation and maintenance of infrastructure and IT solutions in the tourism industry, e.g., implementation of Amadeus (Sabre) and Bistro Portal
Custom software development in the insurance sector
Various information security services

Industry Experience

See where this freelancer has spent most of their professional time.

Experienced in Energy, Information Technology, Manufacturing, Tourism, Education, and Transportation.

Energy

Information Technology

Manufacturing

Tourism

Education

Transportation

Business Area Experience

See which departments and functions this freelancer has contributed to most.

Experienced in Project Management, Information Technology, Research and Development, Marketing, Strategy, and Product Development.

Project Management

Information Technology

Research and Development

Marketing

Strategy

Product Development

Summary

ad2b-solutions GmbH protects companies in the supply chain of critical infrastructures from cyber security incidents, production failures and personal liabilities. To achieve this, organization-fit management systems are developed, certified and continuously improved based on established standards. This covers information security, handling of Artificial Intelligence (AI) and IT project management in general.

Example requirements for using a management system come from areas such as:

Cyber security according to ISO 27001, IEC 62443 and BSI IT baseline protection, privacy according to ISO 27001, quality management according to ISO 9001, business continuity management according to ISO 22301, risk management according to ISO 27005 and ISO 31000.
Project management according to PRINCE2, SCRUM, agile stage gate, lead user and open innovation, as well as taking into account established ITIL processes.

Under the brand prelead, innovation management in information security is methodically combined. This leads to the introduction and maintenance of information security while ensuring user-friendliness.

“Cyber Security as an Enabler” helps to develop processes, optimize the entire organization and align new projects from the start with requirements from regulations, market standards and customers.

By applying the practical prelead method, the right customer requirements are implemented. This avoids expensive rework and lack of compliance in target markets.

Skills

Certified Cyber Security Auditor Isa/iec 62443 (Ccsa) (Ul)
Certified Cyber Security Professional Iec 62443 (Ccsp) (Ul)
Certified Information System Security Professional (Cissp) (Isc2)
Certified Program Management Professional (Pgmp) Candidate (Pmmi)
Certified Information Security Manager (Cism)
Quality Systems Manager By German Society For Quality (Dgq)
Bsi-certified It Baseline Protection Consultant
Certified Senior Lead Auditor Iso 27001 (Pecb)
Certified It-service Management (Itil)
Certified Itil It-service Management Expert (Pwc Certification Services)
Certified Data Protection Officer (Pwc Certification Services)
Leading Across A Distance (Quadriga)
Certified Ethical Hacking And Countermeasures (Ceh)
Prince2 And Itil-related Project Management (Maxpert)
Various Critical Infrastructure Workshops By The German Society For Computer Science (Gi)
Certified Scrum Master (Ismf)
Leading At A Distance (Quadriga) And In Projects And Project Management Iso 21500 (Tiba)

Languages

German

Native

English

Advanced

Education

Oct 2009 - Jun 2017

Brandenburg University of Technology Cottbus

Dr. rer. pol., The Preference-Driven Lead User Method for New Product Development · Cottbus, Germany

Brandenburg University of Technology Cottbus

eBusiness program, specialization: application and operation of eBusiness systems · eBusiness · Cottbus, Germany

Certifications & licenses

BSI-certified IT Baseline Protection Consultant

Certified Cyber Security Auditor ISA/IEC 62443

Certified Cyber Security Professional IEC 62443 (CCSP)

pwc Certification Services

Certified Ethical Hacking And Countermeasures (CEH) Candidate

PMMI

Certified IT-Service Management (ITIL) (CCSA) (UL)

Certified ITIL IT-Service Management Expert

Certified Information Security Manager (CISM)

Certified Information System Security Professional (CISSP)

pwc Certification Services

Certified Program Management Professional (PgMP)

Leading at a Distance

Quadriga

Leading Across a Distance

quadriga

PRINCE2 And ITIL-related Project Management

maxpert

Project Management ISO 21500

TiBa

Quality Systems Manager

DGQ

Certified Data Protection Officer

Certified SCRUM Master

ISMF

Certified Senior Lead Auditor ISO 27001

PECB

Statistics

Experience

Total positions 26

Experience in Energy 17 y

Avg length 2 y 10 m

Longest experience 8 y 11 m

Global Experience

Countries worked in 1 (Germany)

Primary country Germany

Expertise

Recent roles Lead Audit Conformity & IT Security Catalog, External Information Security Officer, Workstream Lead for Log Collection, Extraction & Aggregation to enable a SIEM according to SzA

Main industries Energy, Information Technology, Manufacturing

Main business areas Project Management, Information Technology, Research and Development

Qualifications

Highest degree Doctorate

Certifications earned 17

Profile

Created

December 2025

Last Update

March 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Alexander based?

Alexander is based in Bayreuth, Germany and can operate in on-site, hybrid, and remote work models.

What languages does Alexander speak?

Alexander speaks the following languages: German (Native), English (Advanced).

How many years of experience does Alexander have?

Alexander has at least 21 years of experience. During this time, Alexander has worked in at least 24 different roles and for 24 different companies. The average length of individual experience is 1 year and 10 months. Note that Alexander may not have shared all experience and actually has more experience.

What roles would Alexander be best suited for?

Based on recent experience, Alexander would be well-suited for roles such as: Lead Audit Conformity & IT Security Catalog, External Information Security Officer, Workstream Lead for Log Collection, Extraction & Aggregation to enable a SIEM according to SzA.

What is Alexander's latest experience?

Alexander's most recent position is Lead Audit Conformity & IT Security Catalog at DAX Group Energy Supplier in the Renewable Energy Sector.

What companies has Alexander worked for in recent years?

In recent years, Alexander has worked for DAX Group Energy Supplier in the Renewable Energy Sector, E-commerce and Closed-Loop Provider, Critical Infrastructure in International Energy Supply, Mechanical Engineering, and International Mobility Provider.

Which industries is Alexander most experienced in?

Alexander is most experienced in industries like Energy, Information Technology, and Tourism. Alexander also has some experience in Manufacturing, Education, and Transportation.

Which business areas is Alexander most experienced in?

Alexander is most experienced in business areas like Project Management, Information Technology, and Research and Development. Alexander also has some experience in Marketing, Product Development, and Strategy.

Which industries has Alexander worked in recently?

Alexander has recently worked in industries like Energy, Manufacturing, and Information Technology.

Which business areas has Alexander worked in recently?

Alexander has recently worked in business areas like Audit, Information Technology, and Quality Assurance.

What is Alexander's education?

Alexander holds a Doctorate from Brandenburg University of Technology Cottbus.

Does Alexander have any certificates?

Alexander has 17 certificates. Among them, these include: BSI-certified IT Baseline Protection Consultant, Certified Cyber Security Auditor ISA/IEC 62443, and Certified Cyber Security Professional IEC 62443 (CCSP).

What is the availability of Alexander?

Alexander will be available part-time from April 2026.

What is the rate of Alexander?

Alexander's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.