AVAILABLE FOR SENIOR INFOSEC LEADERSHIP

Dariusz Zalewski

Head of Information Security

15+ years building, leading and auditing enterprise security programmes across globally distributed organisations. ISO/IEC 27001 Lead Auditor with deep expertise in compliance, risk and zero-trust architecture — driving measurable risk reduction at scale.

15+ YEARS
4× ISO LEAD AUDITOR
2 ISMS ZERO→CERTIFIED
300+ SITES SECURED
SECURITY POSTURE
ISO 27001: COMPLIANT
SOC 2: ACTIVE
NIS2: READY
ID // CISO: VERIFIED
ISO/IEC 27001  ◆  SOC 2 TYPE II  ◆  PCI-DSS  ◆  NIS2  ◆  ISO 22301  ◆  ISO 42001  ◆  GDPR  ◆  ZERO-TRUST  ◆  INCIDENT RESPONSE
00 / PROFILE

Strategic leadership with hands-on technical depth.

Results-driven Information Security and IT leader who has built, run and audited enterprise security programmes for globally distributed SaaS and retail organisations — from zero-trust architecture and endpoint security to ISMS governance and vendor risk.

I pair board-level strategy with the engineering credibility to design the controls myself — then prove they work through independent audit.

BASED IN
Warzymice, PL
FOCUS
InfoSec · CISO
STATUS
Available
// LIVE ISMS TELEMETRY: MONITORING
A.5 Policies: 100%
A.8 Asset Mgmt: 96%
A.9 Access Control: 98%
BCM Readiness: 93%
[OK] ISO 27001 A.8.16 monitoring active
[OK] SOC 2 CC6.1 access review passed
[OK] Risk register reconciled — 0 overdue
[SCAN] Vulnerability sweep complete
[OK] NIS2 incident playbook validated
[OK] BCM failover test — RTO met
01 / CREDENTIALS

Lead Auditor across four ISO standards

Certified to design, run and independently audit management systems — from information security to business continuity and AI governance.

FURTHER VERIFIED CREDENTIALS
  • C)ISSO — Mile2
  • NSE 4 — FortiGate
  • AgilePM® Foundation
  • MongoDB Administrator
  • NSE 4 · Azure · System Center
02 / EXPERTISE

Core competencies

GOVERNANCE & AUDIT
  • ISO 27001 ISMS design & audit
  • SOC 2 Type I & II
  • PCI-DSS & NIS2 compliance
  • GDPR & DPO function
RISK & CONTINUITY
  • Risk management & gap analysis
  • Business continuity (ISO 22301)
  • Fusion Framework GRC platform
  • Vendor & supply-chain risk
ARCHITECTURE & CLOUD
  • Zero-trust & zero-touch MDM
  • Cloud security (Azure, AWS)
  • Identity — Okta, AD, Jamf
  • Network security — FortiGate
OPERATIONS & LEADERSHIP
  • Incident response & recovery
  • Security awareness programmes
  • Budget & procurement
  • Globally distributed teams

Years on the tools

IN IT SINCE 2008
SECURITY & ISO CERTIFICATIONS
Cybersecurity: 12 yrs
ISO 27001 · Lead Auditor: 11 yrs
ISO 22301 · Lead Auditor: 7 yrs
ISO 42001 · Lead Auditor: 3 yrs
Risk management: 11 yrs
SOC 2: 5 yrs
LEADERSHIP & DELIVERY
IT management: 8 yrs
Leadership: 8 yrs
Project management: 8 yrs
ITIL processes: 8 yrs
IT budget & procurement: 8 yrs
Vendor management: 7 yrs
INFRASTRUCTURE & CLOUD
Networking: 12 yrs
Windows Server: 12 yrs
Virtualization: 11 yrs
Office 365 / Azure: 7 yrs
Active Directory: 12 yrs
FortiGate firewalls: 8 yrs
PLATFORMS & DATA
MS Exchange: 11 yrs
MS SQL Server: 9 yrs
MS Dynamics AX / 365: 5 yrs
Okta / Jamf: 5 yrs
Synology storage: 10 yrs
MongoDB: 4 yrs
03 / TRACK RECORD

Experience

Feb 2023 — Present | GLOBAL · SAAS

Director of IT & Security

Alokai Inc. (formerly Vue Storefront)

ISMS owner and Compliance Officer for a global SaaS company. Governs full compliance with ISO 27001:2022, SOC 2, PCI-DSS Service Provider Level 2 and NIS2; runs every audit cycle end-to-end and leads the zero-trust, zero-touch MDM programme.

Feb 2024 — Mar 2026 | GLOBAL · SOFTWARE

Head of Security & Compliance

KeyShot ApS

Built the ISO 27001 ISMS and SOC 2 programme from the ground up, owned the full vulnerability lifecycle, and served as Data Protection Officer (DPO) for GDPR — embedding security and privacy by design across engineering, legal and product.

Aug 2021 — Aug 2023 | GLOBAL · TECHOPS

VP, Head of IT Operations

Zoovu Limited

Led global TechOps, DevOps and IT Support. Delivered ISO 27001 and SOC 2 certifications from scratch, established business-continuity controls on Fusion Framework, and drove cloud hardening and privilege segregation.

Feb 2020 — Oct 2021 | CENTRAL EUROPE

IT Director — Central Europe

Ramirent S.A.

Led IT strategy and transformation for 1,000+ employees across 300+ locations, including security-zone segregation, Azure cloud migration and a group-wide Office 365 / Azure AD rollout.

Jul 2018 — Feb 2020 | 11 COUNTRIES

Group IT Infrastructure Manager / Interim CIO

Change of Scandinavia

Owned infrastructure and security across offices in 11 countries — IT security policies and SOPs, GDPR compliance, complex disaster-recovery solutions and full Azure / Dynamics environments.

2015 — 2018 | POLAND

IT Systems Administrator / Deputy Infra Manager

Change of Scandinavia · Prime Cargo

Managed Windows Server, AD and Exchange estates and wrote server security standards. Implemented an MS BizTalk EDI solution that cut warehouse picking from 2.5 minutes to 7 seconds per package.

// BY THE NUMBERS
IN IT SINCE 2008
11 COUNTRIES OPERATED IN
17-PERSON TEAM BUILT
1000+ USERS SUPPORTED
400 VPN TUNNELS ENGINEERED
7s PICKING TIME · FROM 2.5 MIN
04 / FIELD WORK

Notable security projects

INCIDENT RESPONSE

RYUK Ransomware Recovery

Carlsberg Breweries A/S

Led the full security audit and recovery response following a RYUK ransomware attack. Designed an emergency “Tango Down” containment procedure, hardened Fortinet infrastructure end-to-end, and deployed centralised monitoring with least-privilege network policies.

RYUK: CONTAINED & RECOVERED

ISMS BUILD

Zero-to-Certified ISMS

Zoovu & Alokai

Designed and implemented complete information security management systems from the ground up across two global SaaS organisations — scoping, risk assessment, control design and audit management — achieving ISO 27001 and SOC 2 certification and managing every surveillance cycle since.

ISO 27001 + SOC 2

INFRASTRUCTURE

Pan-European Secure Network

Change of Scandinavia A/S

Built an enterprise server room from scratch (12× ESXi hosts, SAN arrays, a VMware HA cluster and FortiGate firewalls), engineered a 400-tunnel VPN connecting every store and HQ across Europe, then built and led the 17-person infrastructure team to run it.

400 VPN TUNNELS

AUTOMATION

Warehouse EDI Automation

Prime Cargo A/S

Implemented MS BizTalk integrated with 12 logistics carriers, EDIportal XML, Navision and Consignor — automating the entire warehouse pipeline end-to-end. Picking time per package dropped from 2.5 minutes to 7 seconds.

7s · FROM 2.5 MIN / PKG

// OPERATING PRINCIPLE

Security isn't a document set — it's an operating system for the business. I build it to be audited, and run it like it matters.

05 / CONSULTANCY
Axperts

Compliance & security, delivered.

Founded in 2016, my consultancy has delivered ERP rollouts, IT security audits and ISO certifications for clients across Europe. Today it helps organisations achieve and maintain compliance with international standards — minimising operational and cyber risk through pragmatic, audit-ready implementations.

Visit axperts.pl ↗
  • ISO 27001: Information security implementation & audit
  • NIS2: Directive readiness & gap remediation
  • ISO 22301: Business continuity management
  • ISO 42001: AI management systems & governance
06 / LANGUAGES
  • English: C2 (PROFICIENT)
  • Polish: NATIVE (MOTHER TONGUE)
  • German: B2 (INDEPENDENT)

OPEN TO OPPORTUNITIES

Let's secure what matters.

Seeking a senior Information Security leadership role — Head of InfoSec, CISO or Security & Compliance Lead. Always glad to talk security.