Daniel van Heerden, Systems Engineer and Developer in Regina, SK, Canada
Daniel van Heerden

Systems Engineer and Developer in Regina, SK, Canada

Member since March 3, 2022
Daniel is an information security professional with over ten years of experience in identity and access management (IAM) and secure cloud architecture. His expertise includes the role and attribute-based access control, cybersecurity, vulnerability management, cloud infrastructure design, endpoint security, SIEM, and incident response. Daniel excels in understanding business needs and creating custom solutions in line with organizational goals.
Daniel is now available for hire

Portfolio

Experience

  • AWS 6 years
  • Multiple Factor Analysis (MFA) 5 years
  • Single Sign-on (SSO) 5 years
  • Vulnerability Management 5 years
  • Identity & Access Management (IAM) 5 years
  • Design 4 years
  • Nessus 4 years
  • Okta 3 years

Location

Regina, SK, Canada

Availability

Part-time

Preferred Environment

MacOS, Windows, Linux, VS Code, AWS CLI, Bash, Git, Vim Text Editor, JSON

The most amazing...

...thing I've implemented is a hybrid access strategy based on roles, groups, active directory attributes, and AWS tags.

Employment

  • Infrastructure Engineer

    2020 - 2022
    Mix Telematics
    • Improved the overall security posture of Mix Telematics SAAS platform hosted on AWS. These improvements were conducted across the five pillars of cyber defense, which included identity, networking, detection, response, and recovery.
    • Designed and implemented a new access management strategy for engineering and development teams around Okta SSO to improve the authentication process.
    • Investigated new security incidents and performed threat management, vulnerability assessment, and security monitoring. Worked with third-party penetration testers to identify security threats and risks.
    • Designed and implemented cloud-native architectures and designs to meet business requirements.
    • Successfully deployed and optimized Kafka clusters in three different development environments.
    Technologies: AWS, EDR, Identity & Access Management (IAM), Ubuntu, Windows, Networking, Vulnerability Management, Architecture, Penetration Testing, Single Sign-on (SSO), Bash Script, LDAP, Design, Amazon EC2, AWS S3, AWS STS, Web Security
  • Technical Support Consultant

    2020 - 2020
    Ovations Group Companies
    • Supported IBM's identity and access management solutions, ISIM, and ISAM, and its Websphere application servers.
    • Implemented and supported BeyondTrust’s privilege account manager (PAM).
    • Assisted with the technical direction and architecting of Sanlam's planned migration from on-premises to AWS.
    Technologies: Windows, PAM, ISIM, ISAM, Identity & Access Management (IAM), Linux, WebSphere, Bash Script, LDAP, Networking
  • Systems Engineer

    2020 - 2020
    Britesmith Technology Innovations
    • Performed Nessus scans against specified resources, analyzed and documented results, and worked with customers to remediate vulnerabilities.
    • Installed and configured Nessus scanning agents and scanned schedules around customer needs.
    • Provided training and functional and end-user testing on the Britesmith vulnerability management platform.
    Technologies: Vulnerability Management, Nessus, Customer Support, Bash Script, Design, Networking, Ubuntu
  • Cloud Support | Security

    2016 - 2019
    Amazon Web Services (AWS)
    • Supported all AWS security services, including IAM, ACM, KMS, SSO, WAF, Inspector, and GuardDuty.
    • Managed customer service handling and resolving technical customer issues via phone, chat, and email. Prioritized incidents and liaised with service teams to resolve problems within SLA.
    • Onboarded and tested new applications onto AWS SSO using SAML2.
    Technologies: AWS, Web Application Firewall (WAF), DDoS, AWS Key Management Service (KMS), Customer Support, Single Sign-on (SSO), Multiple Factor Analysis (MFA), Design, Amazon EC2, AWS S3, Networking, AWS STS, Web Security, Ubuntu

Experience

  • AWS Hybrid Access Control

    Implemented a hybrid access control policy across multiple accounts while encouraging least privileged permissions. The hybrid design used a combination of roles and attribute-based policies and incorporated Windows AD attributes, Okta universal directory groups, AWS tags, SSO, IAM, and STS.

  • Privileged Access Management

    Implemented Beyond Trust’s privilege access management software to manage and improve access to Sanlam’s crown jewel servers.

    The project also assessed user access history and which accounts have access to these servers.

Skills

  • Other

    AWS, Networking, Web Security, AWS Cloud Architecture, Identity & Access Management (IAM), Single Sign-on (SSO), Multiple Factor Analysis (MFA), Okta, Vulnerability Management, EDR, Design, Cost Analysis, LDAP, Architecture, Customer Support, Beyondtrust, PAM, ISIM, ISAM, Web Application Firewall (WAF), Cloud Computing, Virtualization, Containers, Information Governance, Risk Management, Data-level Security, Compliance
  • Tools

    AWS CLI, AWS EBS, AWS Key Management Service (KMS), VS Code, Git, Vim Text Editor, Nessus
  • Platforms

    Amazon EC2, AWS STS, Ubuntu, Windows, MacOS, Linux, WebSphere
  • Storage

    AWS S3, Azure Active Directory, JSON
  • Languages

    Bash Script, Bash
  • Frameworks

    Windows PowerShell
  • Paradigms

    Penetration Testing, DDoS

Certifications

  • Certificate of Cloud Security Knowledge
    APRIL 2022 - PRESENT
    Cloud Security Alliance
  • Okta Certified Professional
    AUGUST 2021 - AUGUST 2023
    Okta
  • AWS Certified Security Specialty
    JANUARY 2020 - JANUARY 2023
    Amazon Web Services
  • AWS Certified Solutions Architect
    FEBRUARY 2018 - FEBRUARY 2020
    Amazon Web Services

To view more profiles

Join Toptal
Share it with others