FRATCH

Recommended expert

Lauta, Germany

Experience

Jul 2020 - Present

5 years 9 months

Freelance Consultant Information Security and Business Continuity

Freelance Business Consulting

Provide consulting services nationwide in both private and public sectors
Advise on information security management systems, IT Baseline Protection, KRITIS compliance, TISAX, business continuity and crisis management
Support introduction of policies, risk management methods, asset registers and supplier management
Conduct internal audits, training workshops and support audit preparations

Jan 2011 - Jun 2020

9 years 6 months

Senior Consultant Information Security, Quality and Business Continuity

One of the largest IT service providers in Europe

Conducted risk, security and IT emergency assessments of diverse technologies for individual IT services and entire infrastructures of various companies
Audited and designed security for proprietary and standard software, including databases, operating systems, enterprise service bus, middleware, networks, web applications, cloud computing, IoT use cases, SAP, BI, MDM, SharePoint
Gained over 14 years of experience in auditing and building management systems according to ISO 27001, ISO 22301, IT Baseline Protection and other standards
Led projects responsible for creating policies, introducing risk management methods according to ISO 27001, ISO 27005 & ISO 31000, awareness measures, internal audits and support for initial, recertification and surveillance audits

Industry Experience

See where this freelancer has spent most of their professional time.

Experienced in Information Technology and Professional Services.

Information Technology

Professional Services

Business Area Experience

See which departments and functions this freelancer has contributed to most.

Experienced in Information Technology, Project Management, Quality Assurance, Audit, and Operations.

Information Technology

Project Management

Quality Assurance

Audit

Operations

Summary

As a Senior Consultant in Information Security, Quality and Business Continuity since 2011 for one of Europe's largest IT service providers. This involved conducting risk, security and IT emergency assessments of various technologies, both for individual IT services and entire infrastructures of different companies. Auditing and security design for various proprietary and standard software, e.g., databases, operating systems, enterprise service bus, middleware, networks, web applications, cloud computing, IoT use cases, SAP, BI, MDM, SharePoint etc.

This has provided over 14 years of experience in auditing and building management systems according to ISO 27001, ISO 22301, IT Baseline Protection and other standards. As project manager responsible for creating policies, implementing risk management methods according to ISO 27001, ISO 27005 & ISO 31000, awareness measures, internal auditing and support for initial, recertification and surveillance audits.

Since mid-2020 working as a freelance consultant across Germany in both the private and public sectors.

Skills

Technical Focus Areas

Information Security Management System (Iso 27001)
It Baseline Protection (Bsi Standards 200-1 To 200-3 And 200-4)
It Security Catalog Per §11 (1a) Enwg (08/2015)
Trusted Information Security Assessment Exchange (Tisax)
Business Continuity & Crisis Management (Iso 22301, Bci Gpg)
It-service Management System (Iso 20000)
Quality Management System (Iso 9001)
Risk Analyses (Iso 27001, Iso 27005, Iso 31000, Ms Stride)
Security, Authorization And Data Protection Concepts For Various It Services
Project Management

Methodical Competencies

Risk Analyses (Iso 31000, Iso 27005, Cramm, Marisk, Ms Stride, Nist)
Business Impact Analyses (Iso 22301, Iso 22317, Bsi 200-4 And Bci Gpg)
Scoping And Asset Management (Iso 27003, Iso 27005, Cmdb)
Creating Policies, Procedures And Security Concepts
It Security Concepts (Segregation, Segmentation, Cia, Layered Security, Etc.)
Audits According To Iso 19011, Awareness Measures And Presentations
Workshop Facilitation And Project Management (Traditional And Agile, E.g., Scrum)
It Baseline Protection (Bsi Standards 200-1 To 200-3 And 200-4)
It Service Management And Governance (Iso 20000, Itil, Spice, Cobit, Coso)
Quality Management (Iso 9001 And Iso/ts 16949)
Data Protection Management (Bdsg, Gdpr)
Kritis: B3s, Oha Sza, Specification Bsi §8a
Current Regulations: Dora, Nis2, Ai Act, Cra, Kritis

Technological Competencies

Hardening, Patch & Vulnerability Management, Network Security
Cloud Computing, Big Data, Business Intelligence
Sap Security & Compliance
Iot & Iiot, Industrial Security, Industry 4.0
Web Technologies
Cryptographic Technologies
Access Management
Test Data Anonymization
Software Development Processes, E.g., Waterfall, Scrum
Standard Software, E.g., Ms Sharepoint, Apache Http Server, Etc.
Programming Languages (C, C++, C+, Java, Vb, Html)
Security Services, E.g., Siem, Soc Etc.

Tools

Microsoft Office Including Vba And Openoffice
Ms Project
Verinice, Docsetminder
Document Management Systems, E.g., Sharepoint
Jira, Confluence
Task Management Tools, Ticketing Tools
Bizagi Bpmn Modeler, Aris

Soft Skills

Communication Skills - Presenting Complex Topics
Problem-solving Skills
Resilience
Analytical Thinking
Teamwork
Self-management And Sense Of Responsibility

Languages

German

Advanced

English

Advanced

Education

Master of Science, Diploma in Computer Science · Computer Science

Certifications & licenses

Additional Audit Procedure Competence §8a (3) BSIG

Lead Auditor ISO/IEC 27001:2022 Transition course

Lead Auditor ISO/IEC 22301:2019 Transition course

Crisis Management Essentials

First Aid Refresher Training

Emotional Leadership Practitioner

German Red Cross First Aid Course

IT Training: Successfully Planning, Designing and Conducting

Lead Auditor ISO/IEC 9001:2008

Internal Auditor Training

Lead Auditor ISO/IEC 27001:2013 Transition course

Auditor ISO 20000

Internal Auditor Training

Experience Workshop for Auditors

Lead Auditor ISO/IEC 27001:2005

Lead Auditor ISO 22301:2012

Implementation Course ISO/IEC 27001:2005

"Classified - For Official Use Only" (VS-NfD)

Statistics

Experience

Total positions 2

Experience in Information Technology 9.5 y

Avg length 7 y 7 m

Longest experience 9 y 5 m

Expertise

Recent roles Freelance Consultant Information Security and Business Continuity, Senior Consultant Information Security, Quality and Business Continuity

Main industries Information Technology, Professional Services

Main business areas Information Technology, Project Management, Quality Assurance

Qualifications

Highest degree Master

Certifications earned 18

Profile

Created

July 2025

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Robert based?

Robert is based in Lauta, Germany.

What languages does Robert speak?

Robert speaks the following languages: German (Advanced), English (Advanced).

How many years of experience does Robert have?

Robert has at least 15 years of experience. During this time, Robert has worked in at least 2 different roles and for 2 different companies. The average length of individual experience is 8 years and 7 months. Note that Robert may not have shared all experience and actually has more experience.

What roles would Robert be best suited for?

Based on recent experience, Robert would be well-suited for roles such as: Freelance Consultant Information Security and Business Continuity, Senior Consultant Information Security, Quality and Business Continuity.

What is Robert's latest experience?

Robert's most recent position is Freelance Consultant Information Security and Business Continuity at Freelance Business Consulting.

What companies has Robert worked for in recent years?

In recent years, Robert has worked for Freelance Business Consulting.

Which industries is Robert most experienced in?

Robert is most experienced in industries like Information Technology and Professional Services.

Which business areas is Robert most experienced in?

Robert is most experienced in business areas like Information Technology, Project Management, and Quality Assurance. Robert also has some experience in Audit and Operations.

Which industries has Robert worked in recently?

Robert has recently worked in industries like Professional Services.

Which business areas has Robert worked in recently?

Robert has recently worked in business areas like Audit, Information Technology, and Operations.

What is Robert's education?

Robert holds a Master in Computer Science.

Does Robert have any certificates?

Robert has 18 certificates. Among them, these include: Additional Audit Procedure Competence §8a (3) BSIG, Lead Auditor ISO/IEC 27001:2022 Transition course, and Lead Auditor ISO/IEC 22301:2019 Transition course.

What is the availability of Robert?

Robert is immediately available for suitable projects.

What is the rate of Robert?

Robert's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.