Henryk Orantek - Security Consultant

Q: Where is Henryk based?

Henryk is based in Blankenfelde-Mahlow, Germany and prefers 100% remote projects.

Q: What languages does Henryk speak?

Henryk speaks the following languages: English (Advanced), German (Intermediate) .

Q: How many years of experience does Henryk have?

Henryk has at least 26 years of experience. During this time, Henryk has worked in at least 15 different roles and for 20 different companies . The average length of individual experience is 1 year and 11 months . Note that Henryk may not have shared all experience and actually has more experience.

Q: What is Henryk's latest experience?

Henryk's most recent position is Security Consultant at Daimler AG .

Q: What companies has Henryk worked for in recent years?

In recent years, Henryk has worked for Daimler AG , Thyssenkrupp AG , Hochschule für Technik und Wirtschaft , Kertos GmbH , and Alte Leipziger Lebensversicherung .

Q: Which industries is Henryk most experienced in?

Henryk is most experienced in industries like Aerospace and Defense , Information Technology , and Education . Henryk also has some experience in Professional Services , Media and Entertainment , and Insurance .

Q: Which business areas is Henryk most experienced in?

Henryk is most experienced in business areas like Information Technology , Strategy , and Project Management . Henryk also has some experience in Quality Assurance , Customer Service , and Sales .

Q: Which industries has Henryk worked in recently?

Henryk has recently worked in industries like Information Technology , Professional Services , and Media and Entertainment .

Q: Which business areas has Henryk worked in recently?

Henryk has recently worked in business areas like Information Technology , Project Management , and Quality Assurance .

Recommended expert

Blankenfelde-Mahlow, Germany

Experience

Jun 2024 - Dec 2024

7 months

Security Consultant

Daimler AG

Development of a cloud security strategy
Implementation of cloud security governance to comply with ISO/IEC 27017 and the CSA CCM
Creation of a management system to control cloud security with a focus on process design as well as roles and responsibilities
Definition of security measures to safeguard cloud solutions
Conducting requirements analyses and defining the scope for cloud security projects
Achievements: Established an effective NIS2-compliant cloud security governance that meets industry-specific requirements and effectively minimizes cloud security risks

May 2024 - Jun 2024

2 months

Security Consultant

Thyssenkrupp AG

Requirements analysis and concept development for a security master data platform
Stakeholder management
Achievements: Systematic capture of relevant requirements and development of a clear concept for centralized management of security-relevant data

Nov 2023 - Dec 2024

1 year 2 months

University Lecturer

Hochschule für Technik und Wirtschaft

Information Security, Data Governance, Data Security and Privacy (in English)

Nov 2023 - Dec 2024

1 year 2 months

Strategic Business Advisor

Kertos GmbH

Consulting on the design and development of an ISMS tool to support security processes
Development of templates for key documents
Achievements: Co-developed a practical ISMS tool that helps companies efficiently implement security management systems

Jul 2023 - Feb 2024

8 months

Security Consultant

Alte Leipziger Lebensversicherung

Addressed findings from a BaFin audit and implemented improvement measures
Created and revised key documents to meet regulatory requirements
Advised management on security-related decision-making
Achievements: Improved audit compliance through clear guidelines and efficient implementation of security measures

Nov 2022 - Mar 2024

1 year 5 months

Security Consultant

Messe Berlin GmbH

Integration of a managed incident response service (SOC+SIEM as a Service)
Preparation of requirements specifications and support for the tender process, including selecting suitable vendors
Planning and coordination of the implementation of the new service
Achievements: Introduction of an efficient incident response system that significantly improved security monitoring

Jul 2022 - Dec 2022

6 months

Security Consultant

HABA Group B.V. & Co.KG

Conducting internal and external vulnerability scans
Performing penetration tests and providing follow-up recommendations
Implementing the program in cooperation with the tester, Pavel Andreyeu
Presenting results to management
Achievements: Strengthened the IT security infrastructure through detailed vulnerability analysis and targeted measures

Apr 2022 - Dec 2024

2 years 9 months

Coordinator Technical Security Assessment Program

Messe Berlin GmbH

Developing a Technical Assessment Program consisting of internal and external vulnerability scans, penetration tests, technical security audits, as well as re-checks, re-scans, and re-tests
Implementing the program in cooperation with the tester, Pavel Andreyeu
Providing recommendations for measures
Creating reports and presenting them to management
Preparing a risk-based annual report
Achievements: Creating visibility of the entire IT attack surface, generating a clear understanding of issues at the senior management level, and highlighting possible actions

Apr 2022 - Dec 2022

9 months

Security Consultant

Messe Berlin GmbH

Conducting internal and external vulnerability scans
Planning and executing penetration tests of critical systems with subsequent recommendations
Implementing the program in cooperation with the tester, Pavel Andreyeu
Presenting results to management
Achievements: Identifying and remediating critical vulnerabilities to improve IT security

Mar 2022 - Sep 2022

7 months

Interim Manager – CISO

HABA Group B.V. & Co.KG

Building and implementing an information security management system (establishing processes and structures, creating policies and security concepts)
Handling security incidents
Conducting penetration tests to identify and remediate vulnerabilities
Implementing the program in cooperation with the tester, Pavel Andreyeu
Assessing and improving overall information security levels
Developing a training and awareness program and delivering awareness activities
Developing system hardening measures
Procuring a managed incident response service (SOC+SIEM as a Service)
Achievements: Successfully building a structured ISMS that sustainably improved IT security and created clear responsibilities

Mar 2022 - Mar 2022

1 month

Security Consultant

DIB der Messe Berlin GmbH

Planning and conducting a penetration test of a web platform according to OWASP
Creating action catalogs and result reports
Implementing the program in cooperation with the tester, Pavel Andreyeu
Achievements: Identified critical vulnerabilities and developed countermeasures to improve security

Oct 2021 - Oct 2021

1 month

Security Consultant

Smart Country Convention (Messe Berlin GmbH)

Conducting a customized technical test to evaluate the IT in use
Identifying and assessing vulnerabilities
Recommending countermeasures
Achievements: Comprehensive penetration tests with vulnerability assessments

Jul 2021 - Dec 2021

6 months

Security Consultant

Messe Berlin GmbH

Developing a custom, tailored audit format
Assessing the technical and physical structures of the IT department based on ISO 20000
Developing improvement and optimization approaches
Creating a custom report according to client needs and presenting the results
Achievements: Identified improvement measures and optimized the IT department through tailored audits

Nov 2020 - Sep 2021

11 months

Security Consultant, IT Project Manager

Daimler AG

Replacing a COBOL-based legacy application (time and performance management system)
Developing security requirements
Supporting the procurement process and POCs, evaluating proposals, advising on vendor selection, assisting with contract drafting
Supporting the rollout of a cloud-based time management system
Advising on cloud security and guiding the cloud risk process
Achievements: Successful rollout of a secure cloud solution

Oct 2020 - Sep 2023

3 years

Information Security Officer

Messe Berlin GmbH

Handling information security incidents and developing a comprehensive incident response process
Designing and implementing an awareness program to train employees
Advising senior management on information security matters and assisting in decision-making
Achievements: Established a security culture that led to noticeable improvements in security levels

Mar 2020 - Dec 2023

3 years 10 months

Security Consultant

Messe Berlin GmbH

Building a governance structure for information security (role structures and processes) according to ISO/IEC 27001 and BSI IT-Grundschutz
Risk management
Business continuity management
IT emergency management
Awareness management
Auditing and test management
Conducting training sessions and workshops
Achievements: Building an effective information security governance that meets industry-specific requirements and effectively reduces security risks

Feb 2020 - Apr 2020

3 months

Security Consultant

Versicherungskammer Bayern

Supporting the setup of a Security Operations Center (SOC)
Writing and quality-assuring runbooks
Supporting the procurement process and vendor selection
Coordinating and planning penetration tests
Achievements: Successfully supported the setup of a SOC

Sep 2019 - Dec 2020

1 year 4 months

Security Consultant

Zertificon Solutions GmbH

Leading cryptography projects for secure data transmission and encryption
Implementing a project management structure for efficient handling of IT security projects
Preparing approvals for classified information (VS) and CC certifications for security-critical IT systems
Achievements: Successfully optimized security architectures through clear project management and reliable encryption solutions

Mar 2019 - Dec 2024

5 years 10 months

Freelance Security Consultant

APASEC Consulting

Advising on information security and cyber security
Security interim management
Security coaching
Supporting procurement and IT projects
Coordinating security tests

Mar 2019 - Jan 2020

11 months

Interim Management – Risk Manager

Versicherungskammer Bayern

Establishing a VAIT-compliant risk management system with clear roles and processes
Conducting protection needs analyses and creating structured risk reports
Supporting a KRITIS audit and implementing corresponding security measures
Achievements: Establishing a robust risk management system that met regulatory requirements and optimized security processes

Mar 2019 - Aug 2019

6 months

Security Consultant

Douglas / Softline Solutions GmbH

Implementation of an ISMS
Creation of security policies and facilitation of workshops
Advice on cloud security and cyber insurance
Achievements: Successful introduction of an ISMS to streamline security processes

Oct 2018 - Aug 2019

11 months

University Lecturer

Hochschule für Wirtschaft und Recht in Berlin

Organizational Design (eng.)

Aug 2016 - Feb 2019

2 years 7 months

Sales Management Cyber Security

Consist Software Solutions GmbH

Development of a service portfolio
Customer support
Contract negotiation and closing

Jun 2015 - Jul 2016

1 year 2 months

IT Account Manager

Ferchau Engineering GmbH

Recruitment and team leadership
Customer support
Contract negotiation and closing

Oct 2014 - Aug 2018

3 years 11 months

University Lecturer

Beuth Hochschule für Technik in Berlin

Basics of business management
Operations and personnel management

Jan 2014 - May 2015

1 year 5 months

Account Manager

Euro Engineering AG

Recruiting and managing staff
Customer support
Contract negotiation and closing

Jan 2013 - Dec 2015

3 years

Scientific project work in corporate management

Institut für Wertorientierte Unternehmensführung, Beuth Hochschule für Technik, Nordatlantische Doktorandenakademie

Oct 2010 - Sep 2012

2 years

Tutor for financial accounting and cost and performance accounting

Hochschule für Wirtschaft und Recht in Berlin

Sep 1998 - Aug 2010

12 years

Officer in the German Air Force (Captain)

Bundeswehr

IT officer
Data processing and programming officer
Officer in the air force security unit

Industry Experience

See where this freelancer has spent most of their professional time.

Experienced in Aerospace and Defense, Education, Information Technology, Professional Services, Media and Entertainment, and Automotive.

Aerospace and Defense

Education

Information Technology

Professional Services

Media and Entertainment

Automotive

Business Area Experience

See which departments and functions this freelancer has contributed to most.

Experienced in Information Technology, Strategy, Project Management, Quality Assurance, Research and Development, and Customer Service.

Information Technology

Strategy

Project Management

Quality Assurance

Research and Development

Customer Service

Summary

Your specialist for governance structures and security management

Skills

Management Of Cyber Security Projects
Establishment Of Information Security Management Systems (Isms)
Creation Of Security Concepts
Information Risk Management; Development Of Bait And Vait Compliant Risk Management
Project Management For Soc Implementations
Consulting: Siem And Soar, Identity Management And Privileged Access Management, Cloud Security, Etc.
Consulting: Isms – Iso/iec 27001, Bsi It Baseline Protection, Zdv A 960/1, Cisis12
Internal Audits, Awareness Training, Protection Needs And Protection Level Assessment, Structural Analyses
Process Design And Modeling
Agile Project Management
Management And Organizational Concepts
Bait, Kait And Vait Compliance
Dora, Nis2 And Kritis Compliance

Languages

English

Advanced

German

Intermediate

Education

Oct 2012 - Jun 2013

Beuth University of Applied Sciences Berlin

Master of Science · Industrial Engineering (Mechanical Engineering) · Berlin, Germany

Oct 2009 - Sep 2012

Berlin School of Economics and Law in cooperation with Beuth University of Applied Sciences Berlin

Bachelor of Engineering · Industrial Engineering: Environment and Sustainability (Process Engineering) · Berlin, Germany

Certifications & licenses

Certified Cyber Security Incident Manager SOC/CDC CERT/CSIM

Certified ISMS-Lead Implementer ISO/IEC 27001

Certified IT-Risk Manager ISO/IEC 27005/31000

Certified Information Security Officer ISO/IEC 27001

Certified Information Systems Security Professional (CISSP)

Certified Lead Auditor ISO/IEC 27001

Certified TISAX Implementer and Lead Auditor

Certified TISAX Professional

Certified Technical Security Analyst CERT/TSA

DORA Foundation

SCRUM, agilePM (DSDM), ITIL

Certified BSI IT Baseline Protection Expert, Certified CISO, and IT Security Officer

Certified Business Continuity Manager ISO 22301/27031

Statistics

Experience

Total positions 29

Experience in Aerospace and Defense 12 y

Avg length 1 y 9 m

Longest experience 11 y 11 m

Expertise

Recent roles Security Consultant, University Lecturer, Strategic Business Advisor

Main industries Aerospace and Defense, Education, Information Technology

Main business areas Information Technology, Strategy, Project Management

Qualifications

Highest degree Master

Certifications earned 13

Profile

Created

January 2025

Last Update

January 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Henryk based?

Henryk is based in Blankenfelde-Mahlow, Germany and prefers 100% remote projects.

What languages does Henryk speak?

Henryk speaks the following languages: English (Advanced), German (Intermediate).

How many years of experience does Henryk have?

Henryk has at least 26 years of experience. During this time, Henryk has worked in at least 15 different roles and for 20 different companies. The average length of individual experience is 1 year and 11 months. Note that Henryk may not have shared all experience and actually has more experience.

What roles would Henryk be best suited for?

Based on recent experience, Henryk would be well-suited for roles such as: Security Consultant, University Lecturer, Strategic Business Advisor.

What is Henryk's latest experience?

Henryk's most recent position is Security Consultant at Daimler AG.

What companies has Henryk worked for in recent years?

In recent years, Henryk has worked for Daimler AG, Thyssenkrupp AG, Hochschule für Technik und Wirtschaft, Kertos GmbH, and Alte Leipziger Lebensversicherung.

Which industries is Henryk most experienced in?

Henryk is most experienced in industries like Aerospace and Defense, Information Technology, and Education. Henryk also has some experience in Professional Services, Media and Entertainment, and Insurance.

Which business areas is Henryk most experienced in?

Henryk is most experienced in business areas like Information Technology, Strategy, and Project Management. Henryk also has some experience in Quality Assurance, Customer Service, and Sales.

Which industries has Henryk worked in recently?

Henryk has recently worked in industries like Information Technology, Professional Services, and Media and Entertainment.

Which business areas has Henryk worked in recently?

Henryk has recently worked in business areas like Information Technology, Project Management, and Quality Assurance.

What is Henryk's education?

Henryk holds a Master in Industrial Engineering (Mechanical Engineering) from Beuth University of Applied Sciences Berlin and a Bachelor in Industrial Engineering: Environment and Sustainability (Process Engineering) from Berlin School of Economics and Law in cooperation with Beuth University of Applied Sciences Berlin.

Does Henryk have any certificates?

Henryk has 13 certificates. Among them, these include: Certified Cyber Security Incident Manager SOC/CDC CERT/CSIM, Certified ISMS-Lead Implementer ISO/IEC 27001, and Certified IT-Risk Manager ISO/IEC 27005/31000.

What is the availability of Henryk?

Henryk is immediately available full-time for suitable projects.

What is the rate of Henryk?

Henryk's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.