Michael Boeynaems

Markt · Meerhout, 2450 · +32474 28 02 63 · michael.boeynaems@portasecura.com

I am a cyber security expert and enthusiast, keen on delivering cyber security solutions that provide sustainable benefits to the organization. I combine strong technical knowledge with a focus on risk, allowing me to tackle both high-level architectural challenges as well as complex technical problems.



Building strong access management using open standards

January 2020: A post about the risks of using weak passwords and how they can be countered by up to date security policies and technologies.

Read post

Setting up MS AD FS 2019 as brokered identity provider in Keycloak

October 2019: A post about setting up AD FS as an identity provider in Keycloak.

Read post

Locking down Azure Devops pipeline agents

August 2019: A post about locking down your Azure Devops pipeline.

Read post

HTTP security headers

November 2017: A post about security headers.

Read post


Cyber Security Specialist

Colruyt Group Services

Architected the redesign of the access management landscape based on standards such as OIDC and SAML (starting from scratch, ending with a delivered solution). Co-created the risk-based access control policy based on NIST guidelines.

May 2018 - Present

IT Security Architect

Colruyt Group Services

Security architect in a TOGAF-based environment, using Archimate as modelling language. Areas of experience: eIDAS, PKI, security operations, risk assessments, web application security, IAM, Elastic stack log management

February 2016 - April 2018

Cyber Security Specialist - Advisor

Aspect Analytics NV

Describing the general security requirements for a start-up (Aspect Analytics) who are creating a new application for the pharmaceutical industry, where security standards are high. A phased approach has been taken based on ISO27001/2.

October 2018 - Present

Guest Professor - Software Security

Artesis Plantijn

Guest professor teaching the course 'Software Security'.

September 2018 - Present

Privacy Officer

IPV-IFP vzw-asbl (Alimento Group)

Leading the GDPR compliancy project for a non-profit association in the social security sector. Taking up the role of Data Protection Officer.

January 2018 - Present

Freelance trainer

The Master Labs

Providing training allows me to maintain a profound knowledge on new developments in the security landscape, therefore I continue working on courses in areas I’m passionate about. At the moment, these are the following: Web application security, Network security, Access control for modern web applications (see ToC in attachment), GDPR webinar, Introduction to blockchain.

February 2016 - Present

Cyber Security Specialist


Designed the application, infrastructure, and security architecture of a solution which allows Belgian labor unions in the construction sector to centrally maintain their list of members and control accesses, which is subject to heavy security and privacy requirements. Architected and implemented the Proof Of Concept.

September 2018 - September 2019

Senior Business Architect

The Master Labs

Business consulting (focusing on enterprise architecture), managing of software development projects (agile methodology). Projects performed: Composing an in-depth coverage of innovative authentication methods ranging from something you know over something you are (physical and behavioural biometrics) to something you have, with the goal of providing a comparative analysis of these methods; Architectural analysis of the steps required to externalize authentication out of a large ASP.NET web application; Mapping the software landscape of a client using the Archimate language; Leading the offshore development team; Deployment of an extranet using ADFS as a security token service, complemented with an ASP.NET identity provider handling most of the authentication requests; Pen-testing and securing applications written mainly in ASP.NET and Angular;

September 2014 - February 2016

Business Architect

The Master Labs

September 2012 - August 2014


University of Antwerp

Master of Science in Applied Economic Sciences
Business Engineering in Management Information Systems

Magna Cum Laude

September 2010 - June 2012

University of Antwerp

Bachelor of Science in Applied Economic Sciences
Business Engineering in Management Information Systems

Magna Cum Laude

September 2007 - June 2010

Awards & Certifications

  • Certified Information Systems Security Professional (CISSP)
  • Offensive Security Certified Professional (OSCP)
  • Data Protection Officer
  • Certified Ethical Hacker (CEH)
  • TOGAF 9 Foundation


ArchiMate, ADFS, OIDC, OAuth2, SAML, SSO, PKI, ELK, Kerberos, PAdES, NIST, Keycloak, REST API, OIDC, .NET Core, ASP.NET, IIS, Kali Linux, Burp, Nikto, NMap, Metasploit, HSM, Encryption, IDS, PFSense, GDPR, Privacy, DPO, data protection, OSCP, ISAM, OSCP, AWS, GuardDuty, Elastic.

VAT: BE0693954727