Paweł Srebnicki
Independent Strategic Advisor | Cyber Resilience & Business Transformation | vCISO & GRC Expert
Helping organizations turn security and compliance into business resilience, trust, and competitive advantage
Discover my experience

Meet me in social media:
BIO

I am a Security & Strategy Expert with 10+ years of experience spanning IT audits, ISMS, GRC frameworks, program management, and strategic consulting, helping organizations navigate cyber, operational, and regulatory risk. As an independent advisor and CISO as a Service (vCISO), I support clients in designing governance frameworks, managing complex programs, and aligning security practices with business goals.

Having delivered 30+ projects across telecom, finance, energy, and IT services, I bring hands-on leadership and cross-functional expertise. My client work has ranged across EU, the UK, the US, and Ukraine, supporting both private and public sector institutions.

COMPETENCES
CISO as a service (vCISO)
Strategy & GRC
Program & Project Management
Standards & Management Systems
Supply Chain Security & TPRM
Information Security Audits
WORKING WITH
Business
Media
Public sector
INDUSTRIES
Financial sector
Telecoms
IT services
MY PAST EMPLOYERS
CERTIFICATES
Certified Information Systems Auditor (CISA)
June 2017
ISO/IEC 42001:2023 Lead Auditor (AI Management System)
June 2025
ISO/IEC 42001:2023 Lead Implementer (AI Management System)
June 2025
ISO/IEC 22989:2023 Understanding AI Concepts and Terminology
September 2025
ISO/IEC 27001:2022 Auditor Transition Training Course (Information Security Management System)
June 2025
ISO/IEC 27001:2013 Lead Auditor (Information Security Management System)
June 2015
PRINCE2® Practitioner Certificate in Project Management
June 2018
PRINCE2® Foundation Certificate in Project Management
June 2018
ITIL® Foundation Certificate in IT Service Management
March 2017
Business English
May 2012
EDUCATION
Military University of Technology
MBA, Cybersecurity
SGH Warsaw School of Economics
Master’s degree, Law & Economics
Lazarski University
Bachelor’s degree, International Relations and Affairs
ARTICLES
03.04.2026

Ustawa KSC weszła w życie. Czy Twoja firma jest gotowa?

KSC samoidentyfikacja: dziś, 3 kwietnia 2026 roku, weszła w życie znowelizowana ustawa o Krajowym Systemie Cyberbezpieczeństwa (KSC) — polska…

Read more
01.03.2026

4 Leadership Habits Behind Consistent Project Delivery | Paweł Srebnicki

Consistent project delivery doesn’t come from luck or methodology alone — it comes from disciplined leadership habits, applied daily.…

Read more
04.01.2026

2025 review: From corporate comfort zone to freelance chaos universe

In 2025, I made the leap from corporate cybersecurity strategist to full-time freelance cybersecurity consultant — and it turned…

Read more
21.07.2025

ISO 27001:2022 – lessons learnt from the front-line of deployment of an evolving Standard

By a Cybersecurity Strategy Consultant | ISO 27001 Lead Auditor (BSI Certified since 2015) Editorial note (April 2026): This…

Read more
 All posts
SOCIALS
ask me question