Security that works. For people who work.
About us
Systems that stand up in an emergency.
Cybersecurity delivers impact where it meets real threats. carmasec combines regulatory requirements with technical depth so that safeguards work when it matters.
Measures that are often not enough
Policies are defined. Audits passed. Tools implemented. Yet one question remains. Whether all of this will hold up in an emergency. The gap is not in the effort. It lies between documented compliance and real effectiveness. That is exactly where we come in.
Impact instead of proof
Cybersecurity is not created by individual measures. It is created by a system that works together.
- Compliance sets the direction.
- Defense implements it.
- Attack verifies whether it holds.
Only together does what matters emerge: safeguards that work in the real world. That is the #carmasec effect.
Drei Perspektiven. Ein Ziel.
- Compliance und Informationssicherheit: Wir schaffen Strukturen, die Orientierung geben. Somit ist klar, was getan werden muss und warum.
- Defense: Wir setzen Maßnahmen technisch um. Pragmatisch, sauber und auf eure Systeme abgestimmt.
- Offensive: Wir testen unter realen Bedingungen. Damit sichtbar wird, ob eure Sicherheitsmaßnahmen wirklich tragen.
Since 2018, we’ve been helping companies in the DACH region transform cybersecurity from a work in progress into a solid foundation. Compliance, defense, and attack. Not as three separate projects. But as a cohesive whole.
Reliable, solution-oriented, and committed to delivering on our promises. Not someday. Today.
We say what others avoid. We stick with it when things get tough. And we never stop getting better.
That’s security. done. right.
Security.
We build trust and provide guidance in an environment that is constantly and rapidly changing. With deep expertise in cybersecurity, we support our partners in managing risks consciously.
Done.
We create transparency to enable informed decisions. As a reliable partner, we develop sustainable, holistic solutions from a single source and take responsibility.
Right.
Our expertise is the foundation for high-quality results. Enthusiasm and curiosity drive us to do the right thing the right way. We use our technical and methodological expertise to develop effective and creative solutions.
Our vision
A world in which our employees can fulfil their potential and our customers can securely focus on their core business.
Founded. With a conviction.
Carsten Marmulla founded carmasec in Essen. The idea is simple: cybersecurity and information security that actually works – not just exists on paper.
First projects. First community.
Jan Sudmeyer joins the team. The first client projects get underway. The friends of carmasec community meets for the first time in Cologne.
The team is now complete.
Timm Börgers rounds out the leadership team. The community is growing. Over 100 members meet quarterly to share ideas.
International. And eager to learn.
First international assignments. Open Friday kicks off—monthly, open to all, with no set agenda.
Taking a stand.
carmasec becomes a training partner. The first CSR campaign, “cleaning. done. right.,” brings responsibility to the forefront.
New leadership. A growing community.
Jan and Timm are taking over day-to-day operations. Carsten Marmulla is focusing on his role as brand ambassador. The #foc: Cyber Circle is firmly establishing itself in Cologne and Essen.
Who We Work For
We support companies that take responsibility. CISOs who need clarity, not more reports. IT leaders who want to implement solutions, not just manage concepts. Compliance officers who need to know whether their measures are effective. Executives who view cybersecurity as a strategic priority.
Often in regulated industries: banking & insurance, telecommunications, logistics, healthcare, energy, and mechanical engineering.
Our focus is on long-term partnerships. Not on individual projects.
Room for development
Open Friday
Every first Friday of the month. The format thrives on the mix. Spontaneous sessions where anyone can contribute their own ideas meet planned talks on current security topics. Open to the team and external guests.
Cyber Circle Meetup
With the Cyber Circle Meetup (#foc), we have established a permanent platform for industry dialogue. Decision-makers and experts from the security community meet quarterly in Cologne.
CSR Day
Once a year, the entire company puts laptops away. The team gets stuck in together. Media literacy workshops at schools, environmental initiatives, charitable engagement. Ideas come from the team.
The People Behind carmasec
At carmasec, there isn’t one department that does the thinking and another that does the implementing. Penetration testers, security engineers, auditors, compliance consultants, analysts, strategists, sales, HR, and back-office staff don’t just work side by side. They work together.
Everyone brings a unique perspective. Everyone takes responsibility. And that’s exactly what our clients feel—from the first conversation to the final deliverable.
Our management
Timm Börgers
Managing Partner & Trusted Advisor
Jan Sudmeyer
Managing Partner & Trusted Advisior
Make cybersecurity possible
You do not just want to write concepts, but to see whether they hold up. You want to take on responsibility early. For real topics. At real companies. At carmasec, you do not work on the theory of cybersecurity. You work on its reality.
Your future
at carmasec
security. done. right.
Structured thinking.
Cleanly implemented.
Realistically tested.
If you would like to know where your team stands and what is truly necessary: Let us talk.
Schedule an appointmentLocations. Close by.
Cologne and Essen. Remote where possible. On site where it matters.
