carmasec is a consulting boutique for Cyber Security and Data Protection, founded in 2018 in Germany with offices in Cologne and Essen.

Hintergrund Gitternetz

Service fields

Icon Security Offensive

Offensive Security

Using a proactive attack-simulated approach, our experts check the usability of IT systems and the implementation of security measures in your company.

Cloud Security

Cloud Security

We support you in implementing security measures for your data in the cloud.


Information Security Management

We help you set up your information security management system (ISMS).

Agile Security / DecSecOps

DevSecOps / Agile Security

We support you in setting up a DevSecOps organisation and integrate security into your CI/CD pipelines.

Identity & Access Management

Identity & Access Management

We support you in the implementation of identity and access management, independent of the provider.


Risk Management

We help establish processes and structures for your risk management.

Icon Security Awareness

Security Awareness

We sensitise your employees through awareness training and campaigns


Data Privacy / GDPR

We advise you on the management of personal data in the context of the GDPR.

Our Management Team

Hintergrund Gitternetz

Introducing ourselves

carmasec Team

carmasec is a cybersecurity consulting boutique, founded in Germany in 2018. As a “trusted advisor” in the field of cyber resilience, we provide professional consulting services and solutions to our national and international clients. Our expertise lies in the areas of cloud security, information security, DevSecOps, identity & access management, risk management, security architecture, security awareness, security automation and data protection.

Our team of experts with many years of relevant consulting experience has successfully implemented more than 100 customer projects in the telecommunications, logistics, financial services, healthcare and energy sectors.

Our association memberships and networks

Logo EuroCloud Native

EuroCloud Native

EuroCloud Native (ECN) is a specialist forum aimed at providers of public cloud-based solutions and services and is the point of contact for media issues.

Logo TeleTrusT - Bundesverbsand IT-Sicherheit

TeleTrusT – Bundesverband IT-Sicherheit e.V.

The Bundesverband IT-Sicherheit e.V. (TeleTrusT) is a competence network with members from industry, administration, and science.

Logo BVMW - Bundesverband mittelständische Wirtschaft - Unternehmerverband Deutschlands

BVMW – Bundesverband der mittelständischen Wirtschaft e.V.

The BVMW is the largest, politically independent, and cross-sectoral association of German SMEs.

Logo Bundesfachverband der IT-Sachverständigen und Gutachter e.V.

BISG – Bundesfachverband der IT-Sachverständigen und Gutachter e.V.

The Federal Association of IT Experts and Consultants (BISG e.V.) is a lobbyist, mediator and service provider.

Logo eco - Verband der Internetwirtschaft

eco – Verband der Internetwirtschaft e.V.

With more than 1,100 members, eco is the largest Internet industry association in Germany and Europe, helping to shape the Internet.

Logo Cyber Security Cluster Bonn

Cyber Security Cluster Bonn e.V.

The cluster combines business, politics, and research competencies to create innovative IT security solutions.

Button Teilnehmer der Allianz für Cyber-Sicherheit

Allianz für Cybersicherheit e.V.

The Alliance for Cyber Security, founded in 2012, aims to strengthen resilience against cyber attacks.

Logo Networker NRW

networker NRW e.V.

The networker NRW is a network of personal contacts in the IT industry and bundles the competence of 190 members.

Logo Netzwerk Zenit

ZENIT Netzwerk e.V.

The ZENIT Network, founded in 1984, is a forum of entrepreneurs for entrepreneurs. The goal is to create cross-border networking.

Logo EuroCloud Deutschland eco

EuroCloud e.V.

EuroCloud Deutschland_eco e. V. is the association of the cloud computing industry and promotes the provision of cloud services.



The Competence Center for Cyber Physical Systems is an innovation driver in CPS enabling technologies for research, development and industry.

There are only two types of companies: those, that have been hacked, and those, that don’t know they have been hacked.

John T. Chambers
Hintergrund Gitternetz
Timm Börgers, Carsten Marmulla und Jan Sudmeyer - Geschäftsführer der carmasec

Test us in a first
non-binding consultation

Describe your current challenges to us during a no-obligation initial phone consultation, and we will provide you with direct solutions that we will be happy to implement together with you!

Icon Tel +49 (0)201 426 385 905

Contact us