Areas of expertise
ISO 27001
NIS2 Compliance
GDPR
Governance, Risk & Compliance
Penetration Testing
Vulnerability Management
Microsoft Azure
Microsoft Sentinel / SIEM
Microsoft Defender / XDR
IAM & PAM
Incident Response
NIST CSF
CIS Benchmarks
AWS & GCP
DevOps & IaC
Microsoft Copilot Adoption
Supply Chain Security
Credentials
CISM
Certified Information Security Manager · ISACA
CompTIA Security+
CompTIA
Microsoft Certified Professional
MCP · Microsoft
Microsoft Cloud
Microsoft
BSc (Hons) Computer Science
Undergraduate degree
Kepner-Tregoe Project Management
Kepner-Tregoe
Career history
2021 – 2026
Information Security Officer & IT Infrastructure Manager
Independent Consultant — Clients: ING, ReBound, Rainforest Alliance, Imperial London Hotels, ITSS
Built three ISO 27001 ISMS programmes from scratch and led all through certification. Delivered NIS2, DORA, EU AI Act, GDPR, and UK DPA compliance programmes. Led Microsoft Copilot adoption across multiple client organisations. Automated 75% of operational tasks across client environments.
2018 – 2021
IT Security Officer & IT Infrastructure Manager
PPHE Hotel Group — Park Plaza, Art'otel, Arena Hotels, Radisson
Led security and infrastructure across 14 hotels and 3 offices covering ~5,000 users and 50,000+ devices. Negotiated over €2M in CAPEX/OPEX savings. Cut end-user device vulnerabilities by more than 50% via Microsoft Defender and XDR.
2013 – 2018
Microsoft Technical Lead
IPsoft
Managed 400+ Windows servers across a 24/7 global operation. Ranked top 1% for productivity with 100% customer satisfaction. When he moved to a new internal role, IPsoft assigned three people to cover the work.
2011 – 2013
Microsoft Technical Support Engineer
Microsoft
Enterprise-level technical support for Microsoft products across international customer accounts. Ranked top 1% for customer feedback and customer satisfaction.
2007 – 2009
Windows Team Lead
Van der Moolen
IT leadership within a regulated trading environment on the Amsterdam Stock Exchange and London Stock Exchange.
2003 – 2007
Security & Microsoft Consultant
Independent Consultant — Clients: NHS, HSBC, Sony, Toshiba, McAfee, Radisson
Delivered security and infrastructure projects across healthcare, financial services, technology, and hospitality sectors.
Published on Cyvra Insights
Compliance
ISO 27001: Certification and Implementation Guide
Read article →
Compliance
NIS2 Enforcement: What Regulators Check and What Happens If You're Not Ready
Read article →
Compliance
NIS2 Cybersecurity Readiness: The 10 Security Controls Your Organisation Needs
Read article →
Compliance
GDPR Compliance for Businesses in the EU: What You Actually Need to Have in Place
Read article →
Compliance · AI
EU AI Act: The August 2026 High-Risk AI Compliance Deadline
Read article →
AI · Microsoft
Microsoft Copilot Implementation: A Security-First Deployment Guide
Read article →
Cybersecurity
What Is Penetration Testing and When Does Your Business Need One
Read article →
Cybersecurity
MFA: Why One Extra Step Prevents Most Breaches
Read article →
Cybersecurity
Beyond the Password: How Attackers Bypass MFA and How to Stop Them
Read article →
Cybersecurity
Ransomware: What to Do Before, During and After an Attack
Read article →
Cybersecurity · AI
Shadow AI: The Data Leak Hiding in Your Organisation's Everyday Tools
Read article →
Cybersecurity
Machine Identity Security: Why Certificates and Keys Are Your Next Big Attack Surface
Read article →
Cybersecurity · Hospitality
The Cybersecurity Risks Hotels Need to Address, and Usually Don't
Read article →
IT Infrastructure
Windows 10 End of Life: What Your Business Needs to Do Now
Read article →