NIS2 Security Audits Consulting Training About Legal Notice Privacy Policy Contact Free Consultation →
IT Security Consultant & Lecturer · Northern Germany

IT Security
that actually
works.

No corporate overhead, no sales pressure – just direct consulting from a certified expert. I make IT security understandable, actionable and sustainable. For SMEs, trades and public authorities across Germany.

Free Initial Consultation → What I offer
15+
Years IT Experience
100+
Systems audited & secured
100%
Personal Support
🏆
CISSP Certified
The highest international certification for IT security – awarded by ISC².
🚫🏢
No Corporation
Freelancer – you pay for expertise, not for overhead and sales structures.
Direct & Personal
No ticket system, no hold music. You reach me directly – always.
📍
On-site & Remote
Northern Germany – and available remotely throughout Germany.
⚖️
NIS2 · ISO 27001 · BSI · GDPR
All relevant standards from one source – hands-on, documented, audit-ready.
Industries
KMU Mid-size Business Trades Public Sector Education
Qualifications
CISSP (ISC²) NIS2-Experte IHK-Certified Trainer
Why this matters

Most companies
wait
too long.

Cyberattacks no longer only target large corporations. Phishing, ransomware and compliance gaps are the reality for SMEs, trades and public authorities – often unnoticed until it's too late. I help you change that. Before it becomes a problem.

📧
Phishing and Social Engineering
90% of all cyberattacks start with an email. One click is all it takes – and the entire network is compromised.
⚖️
NIS2 and Compliance Requirements
Non-compliance risks fines of up to €10 million. Many companies don't even know if they're affected.
🔓
Unknown Vulnerabilities
Outdated systems, weak passwords, open ports – attackers find these gaps faster than you think.
🤷
Employees as a Risk Factor
Without awareness training, every employee is a potential vulnerability. Knowledge protects better than any firewall.
Services

What I do for you

Four core areas – all from one source, all from real-world practice.

01
🛡️
NIS2 Compliance

Are you affected by the new EU requirements? I assess your exposure, create a gap analysis and guide you step by step to audit-ready implementation – calmly and with a clear plan.

  • Scope assessment for your sector
  • Gap analysis and prioritized action plan
  • Documentation and evidence management
  • Preparation for regulatory audits
Learn more →
02
🔍
Security Audits

Where are your real vulnerabilities? I audit networks, cloud environments and Microsoft 365 – and deliver not lengthy reports, but concrete, prioritized recommendations.

  • Network and infrastructure audit
  • Microsoft 365 & Azure Security Review
  • Penetration testing to recognised standards
  • Clear action plan – sorted by urgency
Learn more →
03
📋
Consulting & Concepts

No off-the-shelf solutions. I develop IT security strategies tailored to your company size, industry and resources – based on ISO 27001 and BSI IT baseline protection.

  • ISMS implementation to ISO 27001
  • BSI IT baseline protection modelling
  • Risk analysis and incident response
  • Privacy by Design
Learn more →
04
🎓
Training & Workshops

As an IHK-certified trainer and lecturer at adult education centres and universities, I get IT security to the point – for everyone, regardless of technical background.

  • Awareness training for all staff
  • Phishing simulations and evaluation
  • Courses at adult education centres & universities
  • Workshops for IT teams and management
Learn more →
Andreas Grammlich – IT-Sicherheitsberater
15+
Years IT Experience
About me

I am Andreas.
No corporation.
Full expertise.

After more than 15 years in IT – from support to project management to security consulting in SMEs and corporations – I went independent as a freelancer. My mission: bringing IT security from theory into practice. Clearly explained. Directly implemented.

01
You always speak with me
No passing you on, no junior consultants, no phone trees. Direct, personal, continuous.
02
I understand your reality
Small IT budgets, no in-house security team, business running – I work with that, not against it.
03
Certified & always up to date
CISSP and further active certifications. Continuous professional development is a matter of course for me.
CISSP ISO 27001 BSI Baseline NIS2 IHK-Certified Trainer
"Security is not a product you buy – it's a process I actively shape with you."
🎓
Also available as a lecturer
Alongside corporate consulting, I teach IT security at educational institutions – hands-on, up-to-date and tailored to every audience.
VHS Evening School University In-house Training
Learn more →
Why Andreas Grammlich

Freelancer means:
you get
the expert.

No overhead costs, no intermediary layers. You invest in expertise – not in corporate structures.

01
Personal continuity
You always speak directly with me – from the first conversation to the final implementation.
02
Hands-on, not theoretical
15 years of IT practice in SMEs and corporations. I deliver not textbook solutions, but what actually works.
03
Plain language
As a lecturer, I'm used to explaining complex topics so that everyone – from management to staff – understands what's at stake.
04
Flexible engagement
Remote, on-site in Northern Germany, or nationwide. Hourly or as project support.
🏆
CISSP Certified
Certified Information Systems Security Professional – eines der renommiertesten IT-Sicherheitszertifikate weltweit
🏢
SME Focus
Solutions that fit your budget
📡
Remote & On-site
Flexible across Germany
🇩🇪
DACH Region
German law, GDPR, NIS2
🎓
IHK-Certified Trainer
Recognised teaching qualification

Ready for an
honest conversation?

30 minutes. Free. No sales pitch – just an honest first call
to find out if and how I can genuinely help you.

Request appointment → More about me