Experience
DevOps team member
Member of a DevOps team supporting the internal PKI for a major energy company. My duties included:
- Development of new features
- Deployment of new features
- Support for packaging of client software running on end-user devices
- 3rd line customer support
- Patching of application
- Operating an internal Microsoft CA (2-tier setup’s)
- Setting up monitoring and alerting
- Supporting other business contacts by answering inquiries about PKI
Implementing a solution based on SQL Server Extensible Key Management
Creating a solution to encrypt data in an Oracle Database and decrypt it in SQL Server via EKM. This involved
- Integrating SQL Server with a Thales Luna DPOD HSM
- Creating a reference implementation for the SQL Server encryption routine powering
ENCRYPTBYKEY()
- Writing custom tooling for loading keys into the HSM
Solution Support
Provided 3rd line support and implementation consulting for companies among the top 500 in the Netherlands.
Notable experience includes:
- Migrating from an on-premises AD FS + Web Application Proxy solution to Azure AD
- Troubleshooting compatibility issues with the CyberArk HTML5 gateway and the Azure AD Application Proxy
- Maintaining an availability monitoring solution
Product Experience
- Cryptography and PKI
- Products:
- Nexus Smart ID
- AD CS
- Cryptovision
- Nexus Certificate Manager
- Thales Luna Network HSM
- Thales DPOD (Cloud HSM)
- EKM for Microsoft SQL Server (HSM integration for SQL Server Cryptography features)
Technologies:
- PKCS#11 Software Development
- Microsoft Virtual Smartcard
- Single sign-on
- Products:
- Azure AD
- Single sign-on
- Azure AD Application Proxy
- AD FS
- Okta
- ForgeRock OpenAM
- Entrust IdentityGuard
- SafeNet MobilePASS MFA
- Keycloak
Technologies:
- SAML
- OpenID Connect
- Radius
- Azure AD
- Privileged Account Management
- Provided 3rd line support for for companies among the top 500 in the Netherlands.
- CyberArk Core PAS
- CyberArk HTML5 Gateway
- Programming Languages
- Python: I am quite comfortable using python for:
- small tools
- scripts
- micro-services
Java: I have limited experience with actual projects. I can however decompile, spot-patch and re-compile if required.
C: Solid understanding with limited experience from my bachelor’s degree
NodeJS: I can create basic web applications in NodeJS with express.js
- Infrastructure Technologies
- Apache Tomcat
- Apache HTTPD
- Nginx
- Docker
- Docker Compose
- Traefik
- Let’s Encrypt / ACME
- Other Tools
- Other tools I have used in my endeavours:
- Burp Suite
- Fiddler
- Wireshark
- tcpdump
- Splunk
- Keystore Explorer
Certifications
- Keyfactor
- Command Core Certified Professional (October 2023 - October 2025)
- Thales
- Luna HSM Certified Engineer (January 2022 - January 2024)
- Microsoft
- Azure Fundamentals (January 2023)
Azure Security Engineer (???)
- Okta
- Certified Professional (2019-2020)
Certified Administrator (2020 - 2021)
- Utimaco
- Certified Engineer - CryptoServer HSMs
(March 2019)
- CyberArk
Trustee (November 2018)
Defender (February 2019)
Sentry (September 2020)
Education
- 2014-2018
- BSc, Computer Science; University of Applied Sciences Utrecht
Minor: Smart Devices and Apps
Languages
- Dutch (native speaker)
- English (near-native speaker)
- German (some proficiency)