Max Chernousov - Cyber Security, Audit, GRC

Q: Where is Max based?

Max is based in Amstelveen, Netherlands and can operate in on-site , hybrid , and remote work models.

Q: What languages does Max speak?

Max speaks the following languages: English (Advanced), Russian (Advanced), Dutch (Elementary) .

Q: How many years of experience does Max have?

Max has at least 22 years of experience. During this time, Max has worked in at least 9 different roles and for 9 different companies . The average length of individual experience is 2 years and 5 months . Note that Max may not have shared all experience and actually has more experience.

Q: What is Max's latest experience?

Max's most recent position is Cyber Security, Audit, GRC at Freelance .

Q: What companies has Max worked for in recent years?

In recent years, Max has worked for Freelance , Gorillas / Getir NL , and Mollie .

Q: Which industries is Max most experienced in?

Max is most experienced in industries like Education , Telecommunication , and Professional Services . Max also has some experience in Banking and Finance , Information Technology , and Retail .

Q: Which business areas is Max most experienced in?

Max is most experienced in business areas like Information Technology , Operations , and Audit . Max also has some experience in Quality Assurance , Finance , and Legal .

Q: Which industries has Max worked in recently?

Max has recently worked in industries like Information Technology , Professional Services , and Retail .

Q: Which business areas has Max worked in recently?

Max has recently worked in business areas like Information Technology , Audit , and Quality Assurance .

Recommended expert

Amstelveen, Netherlands

Check rate

Experience

Jan 2024 - Present

2 years 5 months

Cyber Security, Audit, GRC

Freelance

Various projects with Wolters Kluwer (Security IT Audit) and Nebius AI (SOC 2, ISO 27001 and SOX controls implementation).

Jan 2022 - Jan 2024

2 years 1 month

Head of Cyber Security

Gorillas / Getir NL

Information Security strategy development aligned with the company's goals and the unicorn’s risk appetite.
Contributing to higher evaluation of the company targeting investment rounds and IPO. Participation in Tech Due Diligence.
Performing risk-based assessments and controls implementation (GDPR, ISO 27002:2022). Development of internal security processes, policies and procedures (ISO 27001, NIST 800-53, CIS 8).

Jan 2021 - Dec 2021

1 year

Information Security Officer

Mollie

Information security governance and security operations implementation for the fast-growing fintech scale-up (300->800).
PCI DSS, PSD2, KYC and GDPR compliance activities.
IT & Security Risk assessment according to the DNB requirements.
Reporting on threats, security gaps and risk response plans.

Jan 2020 - Dec 2020

1 year

IT Risk & Security Lead

SBM Offshore

Leading transformation in IT supporting implementation of a solid IT internal control framework for internal and external audits.

Jan 2019 - Dec 2019

1 year

Group Senior Manager Internal Control - Digital and Technology

VEON

Internal control strategy, implementation and testing (SOX, IT).
Oracle Fusion internal control implementation (FCPA, SOX and anti-bribery and corruption controls).
Internal control reporting to the Board (Risk & Audit Committee).
Third-party SOC reporting evaluation (Oracle, Ericsson, Amdocs), including SOC 1/2, ISO 27001, ISO 27017, ISO 27018.
Cyber-security risks and controls advisory and project work.
Management self assessment (Internal SOX certification).

Aug 2016 - Dec 2018

2 years 5 months

Manager - Risk Advisory

Deloitte

Leading an IT SOX audit at the largest national telecom holding (100M subscribers); responsible for revenue and IT processes assessment.
Cyber risk assessments, internal policies development based on ISO 27001/27002 and COBIT5 frameworks; M&A Due Diligence (cybersecurity and IT part) and development of an IT & cyber security roadmap for IPO.
Internal audit advisory (Banking, FinTech, TMT).
Mentored and developed 10 team members, helping them to grow to the next level (grades from Intern to Assistant Manager).

May 2014 - Aug 2016

2 years 4 months

Internal IT Auditor

Megafon

Conducted risk-based IT audits to provide reasonable assurance to management on risks affecting company goals.
Ensured effective follow-up and remediation of issues and deviations.
Improved efficiency through process optimization.
Performed fraud investigation and management consulting.
Advised management on building internal control systems.
Analyzed current financial and business activities.

Sep 2013 - May 2014

9 months

Remote

Service Delivery Lead

Hewlett-Packard

Supervised first and second line technical support teams (30 FTE) for 2000+ office and remote users.
Supported server-side hardware and infrastructure software (HP ProLiant bare metal, 3Par, Microsoft, Symantec).
Configured, maintained and monitored on-premises infrastructure (VMware).
Implemented HP ITSM standards.

Sep 2004 - Sep 2013

9 years 1 month

Deputy CIO

Management Academy

Supported and maintained 30 servers (Windows Server 2003/2008, Gentoo Linux).
Designed and implemented a fail-over VMware 3.5 cluster.
Managed a fleet of 350 PCs, terminals and over 2000 active users.
Administered LAN/WAN networking and Linux-based networking services (OSPF, BIND, Apache, MySQL, PHP, Nginx, Samba, iptables, proxy).
Maintained telecommunication infrastructure, including switches, routers and VoIP.

Industry Experience

See where this freelancer has spent most of their professional time.

Experienced in Education, Telecommunication, Professional Services, Banking and Finance, Information Technology, and Retail.

Education

Telecommunication

Professional Services

Banking and Finance

Information Technology

Retail

Business Area Experience

See which departments and functions this freelancer has contributed to most.

Experienced in Information Technology, Operations, Audit, Quality Assurance, Finance, and Legal.

Information Technology

Operations

Audit

Quality Assurance

Finance

Legal

Skills

Risk Management ★★★★★
Audit & Assurance ★★★★★
Security Operations ★★★★★
Infrastructure Security ★★★★☆
Cloud Security ★★★★☆
Product Security ★★★★★
Iso 27001/2 ★★★★★
Soc Aicpa ★★★★★
Pci Dss ★★★★☆
Gdpr ★★★★☆
Pcaob (It Sox) ★★★★★

Languages

English

Advanced

Russian

Advanced

Dutch

Elementary

Education

Oct 2013 - Jun 2015

HSE University

Computer Science · Computer Science · Moskva, Russian Federation

Oct 2003 - Jun 2008

Municipal Management Academy

Management · Management

Certifications & licenses

Certified Information Systems Auditor (CISA)

VEON | Group Senior Manager Internal Control - Certified Information Systems Digital and Technology

Certified Ethical Hacker (CEH)

Certified Internal Auditor (CIA)

Cisco Certified CyberOps Associate

Google Project Management

Statistics

Experience

Total positions 9

Experience in Education 9 y

Avg length 2 y 4 m

Longest experience 9 y

Expertise

Recent roles Cyber Security, Audit, GRC, Head of Cyber Security, Information Security Officer

Main industries Education, Telecommunication, Professional Services

Main business areas Information Technology, Operations, Audit

Qualifications

Highest degree Master

Certifications earned 5

Profile

Created

October 2025

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Have questions? Find more information here.

Where is Max based?

Max is based in Amstelveen, Netherlands and can operate in on-site, hybrid, and remote work models.

What languages does Max speak?

Max speaks the following languages: English (Advanced), Russian (Advanced), Dutch (Elementary).

How many years of experience does Max have?

Max has at least 22 years of experience. During this time, Max has worked in at least 9 different roles and for 9 different companies. The average length of individual experience is 2 years and 5 months. Note that Max may not have shared all experience and actually has more experience.

What roles would Max be best suited for?

Based on recent experience, Max would be well-suited for roles such as: Cyber Security, Audit, GRC, Head of Cyber Security, Information Security Officer.

What is Max's latest experience?

Max's most recent position is Cyber Security, Audit, GRC at Freelance.

What companies has Max worked for in recent years?

In recent years, Max has worked for Freelance, Gorillas / Getir NL, and Mollie.

Which industries is Max most experienced in?

Max is most experienced in industries like Education, Telecommunication, and Professional Services. Max also has some experience in Banking and Finance, Information Technology, and Retail.

Which business areas is Max most experienced in?

Max is most experienced in business areas like Information Technology, Operations, and Audit. Max also has some experience in Quality Assurance, Finance, and Legal.

Which industries has Max worked in recently?

Max has recently worked in industries like Information Technology, Professional Services, and Retail.

Which business areas has Max worked in recently?

Max has recently worked in business areas like Information Technology, Audit, and Quality Assurance.

What is Max's education?

Max holds a Master in Computer Science from HSE University and a Bachelor in Management from Municipal Management Academy.

Does Max have any certificates?

Max has 5 certificates. Among them, these include: Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), and Certified Internal Auditor (CIA).