Cybersecurity  ·  Law  ·  Wrocław, Poland

Hi, I'm Hubert.

I build systems that detect threats – and understand the law that demands them.

For over fifteen years I have worked in cybersecurity – designing and implementing monitoring and response systems (SIEM, SOAR) across IT and industrial environments. I went on to earn a law degree because I wanted to understand not only how to protect organisations, but why – and what exactly the law requires of them. I bring those two worlds together in my day-to-day consulting work.

Hubert Kromer – portrait

Three things I do really well.

Detection architecture

I design, implement and tune SIEM and SOAR platforms – Splunk Enterprise Security, IBM QRadar, Wazuh, Cortex XSOAR. From concept and architecture, through integrations, to correlation rules that detect what genuinely matters.

OT security

I secure industrial environments – from risk analysis and architecture to visibility and detection across OT networks, using solutions such as Nozomi Networks, Radiflow, Suricata and Zeek, in line with IEC 62443.

Law & compliance

With formal legal training, I translate the NIS2 Directive, the Polish KSC Act, the GDPR and ISO standards into requirements an engineer can implement and a board can understand.

From the terminal to the statute book – and back.

An engineer who spent fifteen years building security systems for large organisations, and then completed a law degree to understand the regulatory side of the field as well. The full career history is on LinkedIn.

2006–2010

Computer Science, Opole University of Technology

An engineering degree and the beginning of a fascination with GNU/Linux that continues to this day.

2009–2013

GlaxoSmithKline, Poznań

IT security in a global pharmaceutical corporation – learning to work at scale and within mature processes.

2013–2017

IBM – Wrocław and Munich

From security specialist to on-site consultant: L3 incident analysis, digital forensics, security assessments and my first large SIEM deployments.

2017–2023

IBM – Advisory IT Security Architect

SIEM and SOAR architecture for strategic clients, development of the managed services portfolio, product training and cybersecurity lectures at Wrocław University of Science and Technology.

2021–2026

Law, University of Wrocław

A master's degree completed alongside full-time work, complemented by postgraduate studies in criminal law and new technologies at the Jagiellonian University.

since 2023

Independent consulting practice

Advisory work and implementations for regulated industries – cybersecurity compliant with the law and standards, from the KSC Act to IEC 62443.

Tools and standards I work with daily.

Technologies

  • SIEM – Splunk Enterprise Security, IBM QRadar, Wazuh
  • SOAR – QRadar SOAR, Palo Alto Cortex XSOAR
  • OT / NIDS – Nozomi Networks, Radiflow, Suricata, Zeek
  • Systems – GNU/Linux, all shapes and sizes

Standards & certifications

  • ISO/IEC 27001 · ISO 22301 · IEC 62443 · NIST CSF · MITRE ATT&CK
  • (ISC)² CISSP – since 2020, no. 493962
  • Splunk Enterprise Certified Architect – 2021
  • Cambridge C1 Advanced – 2024; previously CompTIA Security+ and RHCE

What keeps me going after I close the terminal.

Law and criminalistics

An interest that began with my professional work and, over time, became a passion in its own right.

AI in cybersecurity

I test and deploy new applications of artificial intelligence, watching how AI reshapes both defence and attack.

GNU/Linux and FOSS

Gentoo is my daily working environment. For me, free software is not merely a tool – it is a philosophy. This is the way.

Saddle and barbell

Horseback riding gives me a sense of freedom, and strength training stills my mind.

Let's talk.

The best way to reach me is by email or on LinkedIn. I am glad to reply to messages about collaboration and topics close to my heart – cybersecurity, law or free software. Unsolicited sales offers go unanswered.

Wrocław, Poland