15+ years building, leading and auditing enterprise security programmes across globally distributed organisations. ISO/IEC 27001 Lead Auditor with deep expertise in compliance, risk and zero-trust architecture — driving measurable risk reduction at scale.

Results-driven Information Security and IT leader who has built, run and audited enterprise security programmes for globally distributed SaaS and retail organisations — from zero-trust architecture and endpoint security to ISMS governance and vendor risk.
I pair board-level strategy with the engineering credibility to design the controls myself — then prove they work through independent audit.
Certified to design, run and independently audit management systems — from information security to business continuity and AI governance.
ISMS owner and Compliance Officer for a global SaaS company. Governs full compliance with ISO 27001:2022, SOC 2, PCI-DSS Service Provider Level 2 and NIS2; runs every audit cycle end-to-end and leads the zero-trust, zero-touch MDM programme.
Built the ISO 27001 ISMS and SOC 2 programme from the ground up, owned the full vulnerability lifecycle, and served as Data Protection Officer (DPO) for GDPR — embedding security and privacy by design across engineering, legal and product.
Led global TechOps, DevOps and IT Support. Delivered ISO 27001 and SOC 2 certifications from scratch, established business-continuity controls on Fusion Framework, and drove cloud hardening and privilege segregation.
Led IT strategy and transformation for 1,000+ employees across 300+ locations, including security-zone segregation, Azure cloud migration and a group-wide Office 365 / Azure AD rollout.
Owned infrastructure and security across offices in 11 countries — IT security policies and SOPs, GDPR compliance, complex disaster-recovery solutions and full Azure / Dynamics environments.
Managed Windows Server, AD and Exchange estates and wrote server security standards. Implemented an MS BizTalk EDI solution that cut warehouse picking from 2.5 minutes to 7 seconds per package.
Led the full security audit and recovery response following a RYUK ransomware attack. Designed an emergency “Tango Down” containment procedure, hardened Fortinet infrastructure end-to-end, and deployed centralised monitoring with least-privilege network policies.
Designed and implemented complete information security management systems from the ground up across two global SaaS organisations — scoping, risk assessment, control design and audit management — achieving ISO 27001 and SOC 2 certification and managing every surveillance cycle since.
Built an enterprise server room from scratch — 12× ESXi hosts, SAN arrays, a VMware HA cluster and FortiGate firewalls — and engineered a 400-tunnel VPN connecting every store and HQ across Europe — then built and led the 17-person infrastructure team to run it.
Implemented MS BizTalk integrated with 12 logistics carriers, EDIportal XML, Navision and Consignor — automating the entire warehouse pipeline end-to-end. Picking time per package dropped from 2.5 minutes to 7 seconds.
Security isn't a document set — it's an operating system for the business. I build it to be audited, and run it like it matters.
Founded in 2016, my consultancy has delivered ERP rollouts, IT security audits and ISO certifications for clients across Europe. Today it helps organisations achieve and maintain compliance with international standards — minimising operational and cyber risk through pragmatic, audit-ready implementations.
Visit axperts.pl
Seeking a senior Information Security leadership role — Head of InfoSec, CISO or Security & Compliance Lead. Always glad to talk security.