Security Architect / Sr. Sentinel Engineer
BlueVoyant
2021 - present
As a Security Architect I’m working on developing new internal and external services and improving our existing ones.
I research various security topics to improve our offerings both internally and for our clients.
Achievements:
- Deployed, configured and optimized more than 60 Sentinel instances and supported the deployment of a few more.
- By identifying under-documented behavior in Sentinel, I saved significant costs for many companies.
As the first technical employee in the EMEA region for my company, I wore multiple hats for a considerable time. I assisted the sales and sales engineering teams in designing and selling our services, supported various teams in their duties, and worked on creating new services. My role also involved deploying and configuring Sentinel instances, developing deployment and SOAR automation content, and overall improving our services.
As our team expanded, my responsibilities transitioned from hands-on deployments to a role focused on researching and developing new capabilities, and supporting challenging deployments as an architect. Additionally, I design the monitoring and security architecture for our clients.
Technologies: Python, PowerShell, Azure, Microsoft Sentinel, Microsoft Defender, Azure DevOps, Microsoft SecOps
Detection Engineer - IT Development Engineer
ABN Amro
2019 - 2020
In this role at one of the biggest Dutch banks in Amsterdam, I had three distinct responsibilities:
- Detection Engineering: Created detection use cases for Splunk, QRadar, and Sentinel.
- Automation: Worked on automating security use cases, creating enrichment connectors, and integrating various tools with TheHive, Sentinel playbooks, and custom Python scripts.
- Sentinel Deployment: Deployed Sentinel in a DATP configuration and developed an Infrastructure as Code deployment setup in Azure DevOps for our entire Sentinel environment.
Technologies: Python, QRadar, Splunk, Sentinel, Azure DevOps, TheHive
Sr. Incident Responder
GE
2018 - 2019
As an Incident Responder, I was responsible for investigating complex and challenging cases, conducting Windows forensic investigations, and creating detection rules in Splunk, Suricata, and Snort.
I led the night shift, ensuring smooth operations during off-hours, and took on the role of mentoring and training new team members.
This role enhanced my ability to swiftly and effectively handle incidents, while also encouraging teamwork and mentoring within the team.
Technologies: Splunk, Suricata, Snort, CrowdStrike
Cyber Security Analyst
IBM
2016 - 2018
This Cyber Threat Defense Analyst role marked the beginning of my career in cyber security.
I utilized QRadar to investigate security alerts for our clients, focusing exclusively on critical accounts. This allowed me to work on 1-2 clients at a time, enabling more in-depth investigations.
In addition to conducting investigations, I participated in on-site exercises with clients, offering guidance on how to tackle various use cases.
In my network engineering role, I was responsible for configuring a range of network devices, including routers and switches. I managed the migration of IT services from legacy devices to modern appliances.
Achievements:
- By automating the implementation tasks for these migrations, I enhanced efficiency by 300%, reducing an 8-hour task to just 2 hours.