You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Adi AbbadiAA

Average response time: 1 hour

About Adi

⭐️ Preparing for ISO 27001 certification?

I offer a focused 3-day ISO 27001 Gap Assessment that identifies compliance gaps, prioritises remediation actions, and provides a practical roadmap toward certification readiness.




🟠 I help regulated organisations strengthen cybersecurity governance, prepare for ISO 27001 audits, and reduce security and compliance risk through practical, audit-ready solutions.

With 15+ years of experience across fintech and regulated industries, I have led ISO 27001 implementations, enterprise security architecture, and GRC programmes, including for BaFin-regulated organisations.

Clients typically engage me when they need an experienced consultant who can quickly identify security and compliance gaps, align stakeholders, and provide practical remediation plans without unnecessary complexity.

Most recently, I supported ISO 27001 certification readiness, resulting in successful audits with no major findings by aligning governance, technical controls, and risk management.

I typically begin with a focused 3 to 5-day ISO 27001 Gap Assessment to identify compliance gaps, prioritise remediation actions, and provide a clear roadmap toward certification.




⭕️ Typical first engagement

A focused 3 to 5-day ISO 27001 Gap Assessment that identifies compliance gaps, prioritizes remediation actions, and provides a practical roadmap toward audit readiness. Clients receive a detailed assessment report and actionable recommendations that can be implemented immediately.





🟡 Typical deliverables

• ISO 27001 Gap Assessment Report

• Prioritised Remediation Roadmap

• Risk Register Review

• Statement of Applicability (SoA) Review

• ISMS Documentation Review

• Executive Presentation of Findings

..............
  • English

    Native or bilingual

  • Arabic

    Native or bilingual

  • French

    Basic

Can work on-site
Paris (up to 50km)

Experience

  • Freelancing
    Independent Information Security & GRC Consultant
    November 2025 - Today (8 months)
    - Advise organisations across fintech, technology, and regulated industries on information security governance, risk management, and regulatory compliance initiatives.
    - Conduct ISO 27001 gap assessments, ISMS implementation, audit readiness reviews, and control maturity assessments to support successful certification and surveillance audits.
    - Support clients with NIS2 and DORA readiness by assessing governance, ICT risk management, third-party risk, and security control effectiveness against regulatory expectations.
    - Perform enterprise and cloud security risk assessments, define risk treatment plans, and develop pragmatic remediation roadmaps aligned with business objectives.
    - Design and enhance security governance frameworks, policies, standards, and procedures based on ISO 27001, ISO 27005, NIST CSF, and industry best practices.
    - Provide executive-level security advisory services, translating technical risks into clear business recommendations for leadership and key stakeholders.
    - Collaborate with engineering, operations, and compliance teams to strengthen security architecture, improve control effectiveness, and embed Security by Design principles across technology initiatives.
    ISO 27001 ISO 27001 ISMS Implementation & Audit ISO 27001 Gap Analysis DORA ISO 27001 consulting
  • Internet of Trust,
    Information Security Consultant
    CONSULTING AND AUDITS
    April 2024 - October 2024 (6 months)
    Paris, France
    • ● Conducted security architecture reviews and cloud security risk assessments for digital service providers, applying Security by Design principles.
    • ● Led ISO 27001 gap assessments and ISMS implementation initiatives using ISO 27005 methodology, supporting clients through certification readiness.
    • ● Prepared governance documentation, risk treatment plans, and audit-committee reporting for multiple client engagements.
    • ● Reviewed vendor security controls and performed third-party risk assessments, delivering prioritised remediation roadmaps.
    ISO 27001 ISMS Implementation & Audit Cloud Security Governance (AWS) Security Architecture & Risk Assessment
  • Zalando Payments,
    Senior Information Security Program Manager
    BANKING AND INSURANCE
    January 2022 - March 2024 (2 years and 2 months)
    Berlin, Germany
    • ● Led enterprise security architecture governance and compliance programme for a BaFin-regulated fintech achieved ISO 27001 certification readiness with zero major audit findings.
    • ● Conducted SAP infrastructure risk assessment, integrating SAP security controls into the ISO 27001 ISMS programme and translating findings into actionable remediation plans.
    • ● Performed enterprise risk assessments across cloud infrastructure (AWS), DevOps pipelines, and security processes, defining mitigation strategies aligned with NIST and ISO 27001.
    • ● Collaborated with engineering teams to define and implement security architecture controls across CI/CD environments.
    ISO 27001 ISMS Implementation & Audit Security Architecture & Risk Assessment

Recommendations

Luis Pose GomezLP
SJ
VM
Luis Pose Gomez and 2 other people have recommended Adi

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • SABSA Chartered Security Architect – Foundation Certificate (SCF)
    2015
    SABSA Chartered Security Architect – Foundation Certificate (SCF)
  • TOGAF Certification
    2015
    TOGAF Certification

Certifications

  • SABSA Chartered Security Architect – Foundation Certificate (SCF)
    SABSA
    2015
  • TOGAF Certification
    Open Group
    2015

Skill set

Categories