Description

My name is Willem.

I help startups, SaaS companies and growing businesses turn information security, data protection and compliance into a business enabler — not a blocker.

I am an Information Security Consultant and former Director / Acting CISO with 5+ years of hands-on experience building and operating security programs in fast-moving European tech companies. I have led and supported ISO 27001, SOC 2, TISAX, Cyber Essentials, CyberVadis, supplier security, customer security reviews, risk management, business continuity, awareness, and governance initiatives.

My work is practical, business-oriented and focused on outcomes: helping you win customer trust, answer enterprise security questionnaires, prepare for audits, structure your ISMS, reduce security gaps, and make security understandable for teams and leadership.

I can support you with:

ISO 27001 readiness and implementation

SOC 2 readiness

TISAX and Cyber Essentials preparation

Security policies and ISMS documentation

Risk assessments and treatment plans

Customer security questionnaires and trust documentation

Vendor risk management

GDPR and data protection support

AI governance and practical security controls

Fractional security leadership for startups and SMEs

Through CyberPango, I focus on clear, efficient and tailored security support for companies that need senior information security expertise without hiring a full-time CISO.

My approach is simple: understand your business, identify what matters most, build what is useful, and help you move faster with customers, auditors, investors and partners.

Keywords: Information Security, Cybersecurity, ISO 27001, SOC 2, TISAX, GDPR, ISMS, Security Governance, Risk Management, Vendor Risk, Audit Readiness, CISO, Fractional CISO, Security Questionnaires, SaaS Security, Startup Security.

Languages

English
Native or bilingual
French
Native or bilingual
German
Fluent

Workplace preferences

Can work on-site

Berlin (up to 50km)

CyberPango
Independent Information Security Consultant
February 2021 - Today (5 years and 5 months)
Berlin, Germany
• · Advised B2B SaaS and technology companies as an external consultant on security and compliance readiness across ISO 27001, SOC 2 Type I/II, GDPR, USDP, EU Al Act and customer assurance, including client work for lizzyAl, Staffbase SE and Legal Nodes Ltd.
Hyphe Markets GmbH
VP Information Security Risk & Business Continuity Management / Data Protection Coordinator
January 2026 - April 2026 (3 months)
Berlin, Germany
• · Led information security, risk management, business continuity and data protection coordination in the context of cryptocurrency liquidity solutions for financial institutions.
• · Supported DORA readiness across governance, risk management and operational resilience topics.
• · Worked on security and compliance requirements relevant to institutional financial services customers.
CoachHub GmbH
Director of Information Security / Acting CISO
February 2021 - July 2025 (4 years and 5 months)
Berlin, Germany
• · Led the information security function for a high-growth, cloud-based B2B SaaS company, managing platform security, corporate security governance and a two-person security team.
◦ · Owned the ISMS and audit readiness program, including ISO 27001 certification cycles from 2021 onwards, SOC 2 Type I readiness in 2022 and SOC 2 Type II audits in 2023 and 2024.
◦ · Led TISAX assessments in 2022 and 2025, Cyber Essentials from 2021 onwards, and CyberVadis in 2025. . Built security governance, risk management, vendor security, awareness, business continuity and audit readiness processes in a fast-scaling SaaS environment.
◦ · Oversaw the creation and implementation of a SIEM capability from scratch.
◦ · Supported enterprise customer security reviews, procurement processes and trust-building activities for strategic customers.