Navigating the Path to Your Cybersecurity Success
 

Profile

At the time of writing, I am employed as a Technical Security Officer at an organization that is a world leader in specialized chemistry for coatings, processing, and treatments.  

Jan 2023 - Present
Interim Global Technical Information Security Officer

  • Perform risk assessments using qualified threat sources
  • Periodically report the current state of information security within global dashboards
  • Collaborate with our business teams to implement adequate levels of security
  • Independently manage or execute technical IT security projects
  • Manage external security service providers
  • Actively support IT teams in implementing required security controls and provide guidance
  • Participate in improvements of information security policies, processes, and controls
  • Manage and respond to security incidents


Nov 2021 - Dec 2022
Cyber Security Professional/Specialist, Heijmans



The Cyber Security Professional role focuses on the tactical/operational side of security. This includes further ensuring the implementation of security improvements, performing various security procedures, documenting and addressing security risks, assessing system and data classification, guiding security testing, and providing advice to users. The following is an overview of additional tasks included in my job package:

  • Establishing and maintaining cybersecurity standards and guidelines
  • Supporting information security incidents that impact service delivery or violate laws and regulations
  • Serving as a contact person for vulnerability investigations and/or penetration tests conducted
  • Supporting audits related to information security on agreed-upon services
  • Keeping up-to-date with standards, techniques, and practices related to Cybersecurity and actively disseminating knowledge
  • Having insight and overview of current security issues
  • Evaluating the security of technologies and products
  • Providing advice on CIA (Confidentiality, Integrity, Availability) classification of applications, systems, and data
  • Supporting incident, problem, change, and configuration management in support processes
  • Conducting ethical hacking as a form of quality control for technology
  • Ensuring compliance and assurance in partnerships/contracts and following up on them
  • Documenting and addressing risks (and risk acceptances)


Apr 2019 - Nov 2021
Ethical Hacker, de Volksbank


Within Volksbank, I am responsible for conducting technical security assessments (security tests, assessments, reviews, penetration testing, ethical hacking, code reviews) on (mobile) (web) applications and infrastructure of Volksbank. Additionally, I oversee and manage security assessments performed by external specialized security firms. Advising the line organization and senior management of Volksbank on the security of (mobile) (web) applications and infrastructure is also part of my responsibilities.

Lastly, with a proactive focus on tactical and strategic developments, I maintain good relationships and collaborate with other departments within Volksbank, other banks, and specialized security companies in the field of (cyber)security.

Jun 2017 - Mar 2019
Security Analyst, Secura

My work at Secura involves testing the (IT) security of clients and preparing reports that include network vulnerabilities as well as advice on how to address them. My expertise primarily focuses on conducting investigations into web applications, mobile apps, and networks for various clients with different technologies.

As a project leader, I oversee my team to achieve maximum results during the research process and deliver excellent quality to the client. My main focus is assessing the security level of web applications and the (network) infrastructure of clients. Upon completion of the project, I provide the client with an advisory report that describes the conducted tests, testing methods, risks (risk analysis), and potential solutions for the identified risks.

In addition to my daily responsibilities, I am also involved in standardizing and improving business processes through R&D projects. One of my significant contributions is the "crystal-box infrastructure" research, which focused on comparing the results of client audits with the baseline established by Secura. This enables obtaining a clearer picture of the security level of the infrastructure.


7 yrs 2 mos
Senior systeembeheerder- and support engineer


In my role as a system administrator, I was responsible for ensuring the optimal functioning of the office network, enabling employees to carry out their daily tasks without any hindrance. My management tasks encompassed both workstations and the server infrastructure that formed part of the office network. I am familiar with various server types, including Windows 2003/2008 servers, domain controllers, Exchange server, SharePoint, and other relevant systems. As a help desk representative, I served as the initial point of contact for customers and it was my responsibility to resolve complex incidents.

Education

  • 2016: HBO bachelor, ICT & Management and Security [Part time]
  • 2014: HBO Associate Degree, IT Service Management [Part time]
  • 2008: MBO level 4 - IT Administrator

Certificates

  • Certificate of Cloud Security Knowledge v.4 (CCSK)
  • Certified Information Systems Security Professional (CISSP)
  • eLearnSecurity Certified Professional Penetration Tester v2
  • eLearnSecurity Web Application Penetration Testing
  • ISO/IEC 27001 Provisional Implementer
  • AWS Certified Cloud Practitioner
  • ITIL version 3 - Foundation