Personal Profile
I bring a wealth of experience in IT and cybersecurity, backed by a robust network of technology partners and a commitment to continuous learning through courses and certifications. Over the last decade, I’ve had the privilege of working extensively within the medical and life sciences sectors. These highly regulated industries, governed by standards such as ISO and ITIL, have provided me with deep insights into compliance and operational excellence.
Currently, I offer the following core services:
CISO as a Service: As a CISO (Chief Information Security Officer), I work closely with your company to design and implement a comprehensive information security landscape. Whether your focus is on ISO 27000 compliance or creating a secure IT environment, I’ll collaborate with your CIO and IT teams to identify and address vulnerabilities, integrate essential security measures, and train your staff on cybersecurity and privacy regulations. My expertise in ethical hacking ensures that your organization stays one step ahead of potential threats.
DPO as a Service: As a Data Protection Officer (DPO), I help your company maintain GDPR compliance. This includes managing data subject registries, conducting risk and data impact assessments, and ensuring all necessary data processing agreements are in place with your partners. My strengths in this area lie in automating compliance processes and maintaining clear, transparent communication with data subjects.
Infrastructure Management: As an Infrastructure Manager, I can oversee the design and implementation of IT environments, whether local or cloud-based. I lead teams in driving these projects forward while ensuring alignment with ITIL best practices for change management. My broad expertise also covers maintaining existing infrastructures and implementing data governance and security projects. My strength here is having a holistic understanding of the field, which allows me to adapt to a wide range of technologies and environments.
I can combine any of the above roles to meet your specific project requirements. Together, we’ll outline the scope and budget in line with your business goals.
In all roles, I bring a strong foundation in project and change management, the creation of clear, actionable policies, and effective communication with senior management. My day rate is flexible and varies depending on the responsibilities and scope of the role I’ll be fulfilling within your organization.
Availability
My availability depends on the length and commitments of current projects or contracts. For the most accurate and up-to-date information, feel free to reach out directly.
If you’re interested in learning more about my background, certifications, and areas of expertise, please continue scrolling to review my full profile.
For any inquiries about my services, don’t hesitate to contact me via email at thomas@deitconsultant.be or reach me on my cellphone.
Work Experience
2018 - Present
CISO - Chief Information Security Officer and DPO - Data Protection Officer
De IT Consultant
My main projects at the moment involve providing CISO and DPO consultancy services for the clinical sector and life science sector. In these roles, I lead the implementation of ISO 27000 standards and ensure full GDPR compliance, including NIS and NIS2. Additionally, I conduct thorough risk assessments and collaborate closely with the IT team to enhance the security of their systems and infrastructure.
In addition to these responsibilities, I help Infrastructure Managers in the design and architecture of secure IT environments, both on-premises and cloud-based. I also manage projects using the Agile framework, guiding teams through implementation processes while ensuring flexibility and efficiency. My focus is on delivering seamless, secure infrastructures while managing the necessary changes and ensuring long-term stability.
My main knowledge focus over the last years is security, data privacy regulations, information security and ISO 27000 compliance.
- Implement a full ISMS
- Implement and maintain a CMDB.
- Risk Assessments on information assets.
- Control and security reviews
- GDPR Data Processor Agreements
- GDPR Subject registries
- GDPR Data Impact Analysis
- GAMP Software validation against GAMP5
- Knowledge support for technical security implementations
- Agile Project Management
January 2008 - Present
Hosting Provider
De IT Consultant
I provide and administrate Linux webhosting and VPS hosting in my own datacenter, Microsoft Azure or Amazon AWS. This consists of but is not limited to:
- Installation, configuration, and maintenance of Linux and Windows Servers.
- Configuration and maintenance of webhosting.
- Providing web applications.
May 2019 - Present
3D Design and Printing
De IT Consultant
I provide 3D design and modeling for models, molds, prototyping and mechanical parts. This consists of but is not limited to:
- Design of models in Fusion360
- 3D printing of models in multiple materials on Ultimaker professional machines
- Post processing of 3D models
Past Experience
2018 - Present
CISO, DPO and Infrastructure Manager as a Service
Various customers
November 2015 - 2018
System and network engineer & CISO
Cerba Healthcare Belgium and BARC, Full-Time
December 2014 - November 2015
IT Consultant - System and network engineer
EDAN - Cegeka Group, Full-Time
September 2009 - November 2014
IT Consultant / administrator
SPHINX-IT, Full-Time
April 2008 - September 2009
IT Technician
Corilus - Arseus Group, Full-Time
Technical Skills
Information Security
Advanced, 6 Years
Specialized in ISO 27000 and NIST
- Determining full project
- Defining scope
- Creating ISMS
- CMDB and Risk Assessments
- SOA and RSTP statements creation
- Implementation of technical mitigations against found vulnerabilities
Data Privacy
Advanced, 6 Years
Specialized in international data privacy regulations
- GDPR, Popi Act and Japanese privacy laws
- Audit and RACI matrix creation
- Defining subject registries with processing legality
- Data Impact Assessments
- Data processing agreements and Standard Contractual Clauses for international data transfer
- Breach investigation and data subject requests handling.
Windows Server
Expert, 16 Years
Specialized in Windows Server and the following server applications:
- Starting from Windows Server NT to Windows Server 2016
- Active Directory, DNS and Group Policy management
- File and Print Server, DFS
- WSUS
- Microsoft Exchange 2003 - 2016
- Microsoft SQL 2005 - 2017
- Microsoft SharePoint 2010 - 2016
Applications
Expert, 16 Years
Specialized in or knowledgeable about the following applications:
- Microsoft Dynamics NAV 4.0 - 2015.
- Deployment tools like WDS, Kace 2000, Puppet
- Microsoft Office 365 and Office applications 95 to 2016
- Monitoring with Nagios, Zabbix and Kaseya Traverse
- Disaster recovery with Acronis Advanced Backup, Backup Exec and Veeam B&R
- Virtualization and containerization with:
  - VMware vSphere 4 - 6.5
  - Docker
  - HyperV 2008R2 - 2016
  - Microsoft App-V
Linux Server
Advanced, 13 Years
Specialized in Linux Server editions and the following server applications:
- Distros: Debian, Ubuntu, CentOS and RHEL
- Bind
- Apache & Nginx
- MySQL
Cloud environments
Advanced, 7 Years
Specialized in the following Cloud environments and their services:
- Microsoft Azure
- Amazon AWS
- Rackspace
- Hetzner
Network
Advanced, 13 Years
Technical and hands-on knowledge of the following products.
- DHCP
- IP subnetting, routing
- IPsec, SSL and OpenVPN tunnels
- MPLS lines
- SonicWall TZ and NSA series
- Cisco Catalyst & Nexus
- HP Procurve
- Zyxel USG series
Ethical Hacking
Medior to Advanced, 7 Years
Technical and hands-on knowledge of the following products.
- Metasploit
- Nmap, Nessus, OpenVAS and Qualys
- CVE hunting and information gathering
- Social engineering
- Email phishing
- End user awareness training
Languages
Advanced to Mediocre
I understand the following written and spoken languages.
- Dutch - Native.
- English - Very good.
- French - notes.
I understand the following computer and scripting languages.
- Bash - Good.
- PowerShell - Mediocre.
- HTML & PHP - basic.
- Javascript - basic.
- Yaml, Json & Jsonata - basic.
- TSQL - basic.
- .net - notes.
- python - notes.