I am a cyber security expert and enthusiast, keen on delivering cyber security solutions that provide sustainable benefits to the organization. I combine strong technical knowledge with a focus on risk, allowing me to tackle both high-level architectural challenges as well as complex technical problems.
CISSP, OSCP, CEH, DPO
January 2020: A post about the risks of using weak passwords and how they can be countered by up-to-date security policies and technologies.
October 2019: A post about setting up AD FS as an identity provider in Keycloak.
Architected the redesign of the access management landscape based on standards such as OIDC and SAML (starting from scratch, ending with a delivered solution). Co-created the risk-based access control policy based on NIST guidelines.
Security architect in a TOGAF-based environment, using ArchiMate as the modelling language. Areas of experience: eIDAS, PKI, security operations, risk assessments, web application security, IAM, Elastic Stack log management.
Describing the general security requirements for a start-up (Aspect Analytics) who are creating a new application for the pharmaceutical industry, where security standards are high. A phased approach has been taken based on ISO27001/2.
Guest professor teaching the course 'Software Security'.
Leading the GDPR compliance project for a non-profit association in the social security sector. Taking up the role of Data Protection Officer.
Providing training allows me to maintain a profound knowledge of new developments in the security landscape, so I continue working on courses in areas I’m passionate about. At the moment, these are the following: Web application security, Network security, Access control for modern web applications (see ToC in attachment), GDPR webinar, Introduction to blockchain.
Designed the application, infrastructure, and security architecture of a solution which allows Belgian labor unions in the construction sector to centrally maintain their list of members and control access, which is subject to heavy security and privacy requirements. Architected and implemented the proof of concept.
Business consulting (focusing on enterprise architecture), management of software development projects (agile methodology). Projects performed: Composing an in-depth coverage of innovative authentication methods ranging from something you know over something you are (physical and behavioural biometrics) to something you have, with the goal of providing a comparative analysis of these methods; Architectural analysis of the steps required to externalize authentication out of a large ASP.NET web application; Mapping the software landscape of a client using the ArchiMate language; Leading the offshore development team; Deployment of an extranet using AD FS as a security token service, complemented with an ASP.NET identity provider handling most of the authentication requests; Pen-testing and securing applications written mainly in ASP.NET and Angular.
Magna Cum Laude
Magna Cum Laude