
Steven Goossens
Verified Expert in Engineering
Cybersecurity Specialist and Developer
Lokeren, Belgium
Toptal member since October 20, 2020
Steven is a seasoned consulting professional and cybersecurity specialist with a demonstrated history of working in telecommunications. His expertise includes threat intelligence, computer forensics, incident monitoring and response, and security architecture. Steven holds multiple certifications in his field, including GIAC Certified Intrusion Analyst (GCIA) from the SANS Institute and Certified Information Systems Security Professional (CISSP) from (ISC)².
Experience
- Cybersecurity - 10 years
- Security - 10 years
- Network Security - 10 years
- SIEM - 8 years
- Incident Response - 8 years
- Security Monitoring - 8 years
- Malware Analysis - 5 years
- Elastic - 5 years
Preferred Environment
Windows
The most amazing...
...thing I've done is to discover and analyze an APT attack and then rebuild the core infrastructure and start a security program for a large company.
Work Experience
Cyber Defense Security Architect
Euroclear
- Introduced the SOAR platform with associated playbooks that map to the company's incident response processes.
- Migrated the SIEM platform, including all log sources, use cases, and more.
- Provided assistance in various security incident and threat intelligence topics.
SIRT Team Member (Security Incident Response)
Contract at SIX Payments
- Assisted the SIRT team in refining and maturing their incident monitoring and response processes.
- Helped the QRadar project team determine which logs to collect, how to interpret them, and what use cases to build.
- Performed security big data analyses using the ELK stack.
- Handled incidents, which included prioritizing incidents, performing complex incident analysis, documenting findings, researching, and so on.
Cybersecurity Technical Program Lead
Nokia
- Led and was responsible for IT security, which included establishing various incident responses and processes.
- Served as the team lead on project teams handling various security projects.
- Advised on a range of cybersecurity issues and topics.
Security Architect
ADMB
- Managed and was responsible for the overall IT security plan.
- Defined the IT security roadmap as well as other accompanying tasks.
- Advised on the implementation of security in various IT projects.
CSIRT Specialist
Proximus
- Built out the security incident response team in terms of processes and technology.
- Managed different security incidents, from PR incidents to compromised devices that required forensic analysis.
- Implemented a SIEM solution for security monitoring.
- Performed threat analyses for new and emerging cases to evaluate how they could affect Proximus. This included forensic investigations where applicable, documentation of analysis findings, researching threat actors, and so on.
- Performed a technical analysis of new vulnerabilities.
- Liaised with third parties (other telecom operators, security actors, equipment vendors) to gather intelligence about emerging threats and vulnerabilities. Took appropriate actions with relevant teams to limit risk and exposure.
- Collected and generated statistical incident information, built reporting, and regularly presented the reporting information to higher management.
- Initiated and participated in expert reviews with engineering and monitoring teams to improve the security architecture for critical environments, monitoring tools, security processes, cyber defense strategies, and so on.
Solution Engineer, Security
Belgacom (now Proximus)
- Consulted on infrastructure engineering for ArcSight SIEM infrastructure (logger, connectors, connector appliance, ESM Express 4.0).
- Provided content engineering for ArcSight SIEM and support in the monitoring and analysis of security incidents.
- Investigated, contained, and remediated major and minor security incidents.
- Created secure network designs, engineered the security infrastructure (Check Point, Juniper, Blue Coat), and advised on IT security for projects.
ICT Security Consultant
Ernst & Young (EY)
- Managed different short-term audit engagements to determine the general state of IT security.
- Ran an engagement to create a network segmentation strategy for a large Telco in Belgium.
- Performed an audit for the ISO27001 certification of a public organization based in Belgium.
- Developed security roadmaps to improve technical security within large organizations.
- Performed network security reviews for various smaller organizations in Belgium.
Experience
SIEM Implementation
Education
Master's Degree in Computer Science
University of Ghent - Ghent, Belgium
Bachelor's Degree in Informatics
University of Ghent - Ghent, Belgium
Certifications
Certified Information Systems Security Professional (CISSP)
The International Information System Security Certification Consortium | (ISC)²
GIAC Certified Intrusion Analyst (GCIA)
SANS Institute
Skills
Tools
Elastic, ELK (Elastic Stack), Kibana, Logstash, Splunk
Paradigms
DDoS, Security Orchestration, Automation, and Response (SOAR)
Platforms
Malware Information Sharing Platform (MISP), Windows, Cortex XSOAR
Industry Expertise
Telecommunications, Cybersecurity
Storage
Elasticsearch, Azure Active Directory
Languages
Python, Java, Bash
Other
Networks, Network Security, SIEM, Incident Response, Security, Security Monitoring, Digital Forensics, IT Security, Event Management, Information Security, Security Architecture, Firewalls, IDS/IPS, Threat Intelligence, Cyber Threat Hunting, SecOps, IT Infrastructure, Malware Analysis, Cloud Security, Data Analytics, Cyber Defense