Verified Expert in Engineering
Cybersecurity Specialist and Developer
Steven is a seasoned consulting professional and cybersecurity specialist with a demonstrated history of working in telecommunications. His expertise includes threat intelligence, computer forensics, incident monitoring and response, and security architecture. Steven holds multiple certifications in his field, including GIAC Certified Intrusion Analyst (GCIA) from the SANS Institute and Certified Information Systems Security Professional (CISSP) from (ISC)².
The most amazing thing I've done is to discover and analyze an APT attack and then rebuild the core infrastructure and start a security program for a large company.
Cyber Defense Security Architect
- Introduced the SOAR platform with associated playbooks that map to the company's incident response processes.
- Migrated the SIEM platform, including all log sources, use cases, and more.
- Provided assistance in various security incident and threat intelligence topics.
SIRT Team Member (Security Incident Response)
Contract at SIX Payments
- Assisted the SIRT team in refining and maturing their incident monitoring and response processes.
- Helped the QRadar project team determine which logs to collect, how to interpret them, and what use cases to build.
- Performed security big data analyses using the ELK stack.
- Handled incidents, which included prioritizing incidents, performing complex incident analysis, documenting findings, research, and so on.
Cybersecurity Technical Program Lead
- Led and was responsible for IT security, which included establishing various incident responses and processes.
- Served as the team lead on project teams handling various security projects.
- Advised on a range of cybersecurity issues and topics.
- Managed and was responsible for the overall IT security plan.
- Defined the IT security roadmap as well as other accompanying tasks.
- Advised on the implementation of security in various IT projects.
- Built out the security incident response team in terms of processes and technology.
- Managed different security incidents, from PR incidents to compromised devices that required forensic analysis.
- Implemented a SIEM solution for security monitoring.
- Performed threat analyses for new and emerging cases to evaluate how they could affect Proximus. This included forensic investigations where applicable, documentation of analysis findings, researching threat actors, and so on.
- Performed a technical analysis of new vulnerabilities.
- Liaised with third parties (other telecom operators, security actors, equipment vendors) to gather intelligence about emerging threats and vulnerabilities. Took appropriate actions with relevant teams to limit risk and exposure.
- Collected and generated statistical incident information, built reporting, and regularly presented the reporting information to higher management.
- Initiated and participated in expert reviews with engineering and monitoring teams to improve the security architecture for critical environments, monitoring tools, security processes, cyber defense strategies, and so on.
Solution Engineer, Security
Belgacom (now Proximus)
- Consulted on infrastructure engineering for ArcSight SIEM infrastructure (logger, connectors, connector appliance, ESM Express 4.0).
- Provided content engineering for ArcSight SIEM and support in the monitoring and analysis of security incidents.
- Investigated, contained, and remediated major and minor security incidents.
- Created secure network designs and engineered the security infrastructure (Check Point, Juniper, Blue Coat) as well as advising about IT security on projects.
ICT Security Consultant
Ernst & Young (EY)
- Managed different short-term audit engagements to determine the general state of IT security.
- Ran an engagement to create a network segmentation strategy for a large Telco in Belgium.
- Performed an audit for the ISO27001 certification of a public organization based in Belgium.
- Developed security roadmaps to improve technical security within large organizations.
- Performed network security reviews for various smaller organizations in Belgium.
Elastic, ELK (Elastic Stack), Kibana, Logstash, Splunk
Malware Information Sharing Platform (MISP), Windows
Telecommunications, Cybersecurity, Network Security, Security, IT Security
Elasticsearch, Azure Active Directory
Networks, SIEM, Incident Response, Security Monitoring, Digital Forensics, Event Management, Information Security, Security Architecture, Firewalls, IDS/IPS, Threat Intelligence, Cyber Threat Hunting, SecOps, IT Infrastructure, Malware Analysis, Security Orchestration, Automation, and Response (SOAR), Cloud Security, Data Analytics, XSOAR
Python, Java, Bash
Master's Degree in Computer Science
University of Ghent - Ghent, Belgium
Bachelor's Degree in Informatics
University of Ghent - Ghent, Belgium
Certified Information Systems Security Professional (CISSP)
The International Information System Security Certification Consortium | (ISC)²
GIAC Certified Intrusion Analyst (GCIA)