I am a cyber security expert and enthusiast, keen on delivering cyber security solutions that provide sustainable benefits to the organization. I combine strong technical knowledge with a focus on risk, allowing me to tackle both high-level architectural challenges as well as complex technical problems.
OSCP, CEH, DPO
October 2019: A post about setting up AD FS as an identity provider in Keycloak.
August 2019: A post about locking down your Azure DevOps pipeline.
November 2017: A post about security headers.
Architecting the redesign of the authentication landscape based on standards such as OIDC and SAML.
Describing the general security requirements for a new cloud application hosted mainly in AWS for a start-up (Aspect Analytics) in the pharmaceutical industry, where security standards are high. A phased approach has been taken based on ISO27001/2, of which the technical solutions are validated by means of a proof of concept.
Guest professor teaching the course 'Software Security'.
GDPR compliance project for a non-profit association in the social security sector.
Providing training allows me to maintain a profound knowledge of new developments in the security landscape; therefore, I continue working on courses in areas I'm passionate about. At the moment, these are the following: Web application security, Network security, Access control for modern web applications (see ToC in attachment), GDPR webinar, Introduction to blockchain.
Designing (and verifying by means of a proof of concept) the application, infrastructure, and security architecture of a solution which allows Belgian labor unions in the construction sector to centrally maintain their list of members. This in turn allows the labor unions to have other applications verify membership using this centrally maintained list through service calls. It goes without saying that this setup must be secured using the highest privacy and security standards.
Creating formal descriptions of Colruyt Group’s software landscape and securing it depending on the risk exposure its building blocks exhibited. Projects performed: Improving Colruyt Group's PKI, both from a process viewpoint as well as from a tooling viewpoint by introducing a CP(S), technical guidelines and a profound training; Introducing an eIDAS compliant e-signature solution based on PAdES while rethinking the existing business processes related to signing; Log management as part of a Security Operations Center using the ELK stack; Performing various high-level risk assessments to define the threat landscape.
Business consulting (focusing on enterprise architecture), management of software development projects (agile methodology). Projects performed: Composing an in-depth coverage of innovative authentication methods ranging from something you know through something you are (physical and behavioural biometrics) to something you have, with the goal of providing a comparative analysis of these methods; Architectural analysis of the steps required to externalize authentication out of a large ASP.NET web application; Mapping the software landscape of a client using the Archimate language; Leading the offshore development team; Deployment of an extranet using ADFS as a security token service, complemented with an ASP.NET identity provider handling most of the authentication requests; Pen-testing and securing applications written mainly in ASP.NET and Angular.
Magna Cum Laude
Magna Cum Laude