Daniel van Heerden, Developer in Regina, SK, Canada
Daniel is available for hire
Hire Daniel

Daniel van Heerden

Verified Expert  in Engineering

Systems Engineer and Developer

Regina, SK, Canada

Toptal member since March 3, 2022

Expertise
AWSSSO EngineeringOKTAWindows DevelopmentUbuntuAWS CloudAmazon S3LDAPLinuxAzurePenetration TestingMacOSGitJSONWebSphere
Bio

Daniel is an information security professional with over ten years of experience in identity and access management (IAM) and secure cloud architecture. His expertise includes the role and attribute-based access control, cybersecurity, vulnerability management, cloud infrastructure design, endpoint security, SIEM, and incident response. Daniel excels in understanding business needs and creating custom solutions in line with organizational goals.

Portfolio

Mix Telematics
Amazon Web Services (AWS), Endpoint Detection and Response (EDR)...
Ovations Group Companies
Windows, Privileged Access Management (PAM), iSIM, ISAM...
Britesmith Technology Innovations
Vulnerability Management, Nessus, Customer Support, Bash Script, Design...

Experience

  • Amazon Web Services (AWS) - 6 years
  • Vulnerability Management - 5 years
  • Identity & Access Management (IAM) - 5 years
  • Single Sign-on (SSO) - 5 years
  • Multiple Factor Analysis (MFA) - 5 years
  • Nessus - 4 years
  • Design - 4 years
  • Okta - 3 years

Availability

Part-time

Preferred Environment

MacOS, Windows, Linux, Visual Studio Code (VS Code), AWS CLI, Bash, Git, Vim Text Editor, JSON

The most amazing...

...thing I've implemented is a hybrid access strategy based on roles, groups, active directory attributes, and AWS tags.

Work Experience

Infrastructure Engineer

2020 - 2022
Mix Telematics
  • Improved the overall security posture of Mix Telematics SAAS platform hosted on AWS. These improvements were conducted across the five cyber defense pillars, including identity, networking, detection, response, and recovery.
  • Designed and implemented a new access management strategy for engineering and development teams around Okta SSO to improve the authentication process.
  • Investigated new security incidents and performed threat management, vulnerability assessment, and security monitoring. Worked with third-party penetration testers to identify security threats and risks.
  • Designed and implemented cloud-native architectures and designs to meet business requirements.
  • Successfully deployed and optimized Kafka clusters in three different development environments.
Technologies: Amazon Web Services (AWS), Endpoint Detection and Response (EDR), Identity & Access Management (IAM), Ubuntu, Windows, Networking, Vulnerability Management, Architecture, Penetration Testing, Single Sign-on (SSO), Bash Script, LDAP, Design, Amazon EC2, Amazon S3 (AWS S3), AWS Security Token Service (STS), Web Security, ISO 27001

Technical Support Consultant

2020 - 2020
Ovations Group Companies
  • Supported IBM's identity and access management solutions, ISIM, and ISAM, and its Websphere application servers.
  • Implemented and supported BeyondTrust’s privilege account manager (PAM).
  • Assisted with the technical direction and architecting of Sanlam's planned migration from on-premises to AWS.
Technologies: Windows, Privileged Access Management (PAM), iSIM, ISAM, Identity & Access Management (IAM), Linux, WebSphere, Bash Script, LDAP, Networking

Systems Engineer

2020 - 2020
Britesmith Technology Innovations
  • Performed Nessus scans against specified resources, analyzed and documented results, and worked with customers to remediate vulnerabilities.
  • Installed and configured Nessus scanning agents and scanned schedules around customer needs.
  • Provided training and functional and end-user testing on the Britesmith vulnerability management platform.
Technologies: Vulnerability Management, Nessus, Customer Support, Bash Script, Design, Networking, Ubuntu

Cloud Support | Security

2016 - 2019
Amazon Web Services (AWS)
  • Supported all AWS security services, including IAM, ACM, KMS, SSO, WAF, Inspector, and GuardDuty.
  • Managed customer service handling and resolving technical customer issues via phone, chat, and email. Prioritized incidents and liaised with service teams to resolve problems within SLA.
  • Onboarded and tested new applications onto AWS SSO using SAML2.
Technologies: Amazon Web Services (AWS), Web Application Firewall (WAF), DDoS, AWS Key Management Service (KMS), Customer Support, Single Sign-on (SSO), Multiple Factor Analysis (MFA), Design, Amazon EC2, Amazon S3 (AWS S3), Networking, AWS Security Token Service (STS), Web Security, Ubuntu, AWS Cloud Security

Experience

AWS Hybrid Access Control

Implemented a hybrid access control policy across multiple accounts while encouraging least privileged permissions. The hybrid design used a combination of roles and attribute-based policies and incorporated Windows AD attributes, Okta universal directory groups, AWS tags, SSO, IAM, and STS.

Privileged Access Management

Implemented Beyond Trust’s privilege access management software to manage and improve access to Sanlam’s crown jewel servers.

The project also assessed user access history and which accounts have access to these servers.

Certifications

SEPTEMBER 2023 - PRESENT

CISSP

ISC2

FEBRUARY 2023 - FEBRUARY 2025

Okta Certified Administrator

Okta

JUNE 2022 - JUNE 2024

Terraform Associate

Hashicorp

APRIL 2022 - PRESENT

Certificate of Cloud Security Knowledge

Cloud Security Alliance

AUGUST 2021 - AUGUST 2023

Okta Certified Professional

Okta

JANUARY 2020 - JANUARY 2023

AWS Certified Security Specialty

Amazon Web Services

FEBRUARY 2018 - FEBRUARY 2020

AWS Certified Solutions Architect

Amazon Web Services

Skills

Tools

AWS CLI, Amazon Elastic Block Store (EBS), AWS Key Management Service (KMS), Git, Vim Text Editor, Nessus

Platforms

Amazon Web Services (AWS), Amazon EC2, AWS Security Token Service (STS), Ubuntu, Windows, MacOS, Linux, WebSphere, Visual Studio Code (VS Code)

Storage

Amazon S3 (AWS S3), Azure Active Directory, JSON

Languages

Bash Script, Bash

Frameworks

Windows PowerShell

Paradigms

Penetration Testing, DDoS, DevOps

Other

Networking, Web Security, AWS Cloud Architecture, Identity & Access Management (IAM), Single Sign-on (SSO), Multiple Factor Analysis (MFA), Okta, Vulnerability Management, Endpoint Detection and Response (EDR), Design, Cost Analysis, LDAP, Architecture, Customer Support, Privileged Access Management (PAM), iSIM, ISAM, Web Application Firewall (WAF), Cloud Computing, Virtualization, Containers, Governance, Risk Management, Data-level Security, Compliance, ISO 27001, Infrastructure as Code (IaC), AWS Cloud Security, IT Security, Communications Security, Security Assessment, Security Operations Centers (SOC)

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring