About Adi
I help organisations prepare for ISO 27001 certification, pass audits, and close critical security and compliance gaps quickly.
I specialise in turning ISO 27001 requirements into audit-ready, operational security systems that hold up under real regulatory and enterprise scrutiny.
I have led ISO 27001 implementations, enterprise security architecture, and GRC programmes across fintech and regulated environments in Europe, including BaFin-regulated organisations where audit readiness and control effectiveness were critical.
Most recently, I supported ISO 27001 certification readiness at scale, resulting in successful audits with no major findings by aligning governance, technical controls, and risk management into a single coherent system.
I typically start with a focused 3–10 day ISO 27001 gap assessment or security review, designed as a low-risk entry point to quickly validate your current state before any larger engagement.
English
Native or bilingual
Arabic
Native or bilingual
French
Basic
Remote only
Primarily works remotely
Experience
- Internet of Trust,Information Security ConsultantCONSULTING AND AUDITSApril 2024 - October 2024 (6 months)Paris, France• ● Conducted security architecture reviews and cloud security risk assessments for digital service providers, applying Security by Design principles.• ● Led ISO 27001 gap assessments and ISMS implementation initiatives using ISO 27005 methodology, supporting clients through certification readiness.• ● Prepared governance documentation, risk treatment plans, and audit-committee reporting for multiple client engagements.• ● Reviewed vendor security controls and performed third-party risk assessments, delivering prioritised remediation roadmaps.
- Zalando Payments,Senior Information Security Program ManagerBANKING AND INSURANCEJanuary 2022 - March 2024 (2 years and 2 months)Berlin, Germany• ● Led enterprise security architecture governance and compliance programme for a BaFin-regulated fintech achieved ISO 27001 certification readiness with zero major audit findings.• ● Conducted SAP infrastructure risk assessment, integrating SAP security controls into the ISO 27001 ISMS programme and translating findings into actionable remediation plans.• ● Performed enterprise risk assessments across cloud infrastructure (AWS), DevOps pipelines, and security processes, defining mitigation strategies aligned with NIST and ISO 27001.• ● Collaborated with engineering teams to define and implement security architecture controls across CI/CD environments.
- Oat and Skillet,Security Programme Manager — Digital PlatformBANKING AND INSURANCEApril 2020 - December 2021 (1 year and 8 months)Berlin, Germany• ● Designed and implemented end-to-end security architecture and governance framework for a cloud-based digital platform, applying Security by Design principles.• ● Conducted cloud infrastructure risk assessments and security architecture reviews to support audit readiness and compliance.• ● Assessed vendor risk exposure and executed structured remediation planning; implemented GDPR-compliant data protection controls.
Recommendations
SJ
VM
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- SABSA Chartered Security Architect – Foundation Certificate (SCF)2015SABSA Chartered Security Architect – Foundation Certificate (SCF)
- TOGAF Certification2015TOGAF Certification
Certifications
- SABSA Chartered Security Architect – Foundation Certificate (SCF)SABSA2015
- TOGAF CertificationOpen Group2015