Experience

DevOps team member

Member of a DevOps team supporting the internal PKI for a major energy company. My duties included:

  • Development of new features
  • Deployment of new features
  • Support for packaging of client software running on end-user devices
  • 3rd line customer support
  • Patching of application
  • Operating an internal Microsoft CA (2-tier setup’s)
  • Setting up monitoring and alerting
  • Supporting other business contacts by answering inquiries about PKI

Implementing a solution based on SQL Server Extensible Key Management

Creating a solution to encrypt data in an Oracle Database and decrypt it in SQL Server via EKM. This involved

  • Integrating SQL Server with a Thales Luna DPOD HSM
  • Creating a reference implementation for the SQL Server encryption routine powering ENCRYPTBYKEY()
  • Writing custom tooling for loading keys into the HSM

Solution Support

Provided 3rd line support and implementation consulting for companies among the top 500 in the Netherlands.

Notable experience includes:

  • Migrating from an on-premises AD FS + Web Application Proxy solution to Azure AD
  • Troubleshooting compatibility issues with the CyberArk HTML5 gateway and the Azure AD Application Proxy
  • Maintaining an availability monitoring solution

Product Experience

Cryptography and PKI
Products:
  • Nexus Smart ID
  • AD CS
  • Cryptovision
  • Nexus Certificate Manager
  • Thales Luna Network HSM
  • Thales DPOD (Cloud HSM)
  • EKM for Microsoft SQL Server (HSM integration for SQL Server Cryptography features)

Technologies:

  • PKCS#11 Software Development
  • Microsoft Virtual Smartcard
Single sign-on
Products:
  • Azure AD
    • Single sign-on
    • Azure AD Application Proxy
  • AD FS
  • Okta
  • ForgeRock OpenAM
  • Entrust IdentityGuard
  • SafeNet MobilePASS MFA
  • Keycloak

Technologies:

  • SAML
  • OpenID Connect
  • Radius
Privileged Account Management
Provided 3rd line support for for companies among the top 500 in the Netherlands.
  • CyberArk Core PAS
  • CyberArk HTML5 Gateway
Programming Languages
Python: I am quite comfortable using python for:
  • small tools
  • scripts
  • micro-services

Java: I have limited experience with actual projects. I can however decompile, spot-patch and re-compile if required.

C: Solid understanding with limited experience from my bachelor’s degree

NodeJS: I can create basic web applications in NodeJS with express.js

Infrastructure Technologies
  • Apache Tomcat
  • Apache HTTPD
  • Nginx
  • Docker
  • Docker Compose
  • Traefik
  • Let’s Encrypt / ACME
Other Tools
Other tools I have used in my endeavours:
  • Burp Suite
  • Fiddler
  • Wireshark
  • tcpdump
  • Splunk
  • Keystore Explorer

Certifications

Keyfactor
Command Core Certified Professional (October 2023 - October 2025)
Thales
Luna HSM Certified Engineer (January 2022 - January 2024)
Microsoft
Azure Fundamentals (January 2023)

Azure Security Engineer (???)

Okta
Certified Professional (2019-2020)

Certified Administrator (2020 - 2021)

Utimaco
Certified Engineer - CryptoServer HSMs

(March 2019)

CyberArk
  • Trustee (November 2018)

  • Defender (February 2019)

  • Sentry (September 2020)

Education

2014-2018
BSc, Computer Science; University of Applied Sciences Utrecht

Minor: Smart Devices and Apps

Languages

  • Dutch (native speaker)
  • English (near-native speaker)
  • German (some proficiency)