Security Consultant

Work Experience

• OmegaSoft (Omega Pharma) 2002 – 2004
Project ‘Medsecure’
As most of OmegaSoft’s clients were rather computer illiterate, yet rely heavily on their IT infrastructure, OmegaSoft wanted to provide a number of security services, especially around antivirus solutions. Just selling the client an antivirus product was not enough: we wanted to really provide a full service, in which we could reasonably assure the client that his system was well protected.
This was achieved by creating our own updating and monitoring infrastructure (both on client and server side), so that we had a permanent view of each client: this way, we could proactively correct problems even before the client realised there is a problem.

Project ‘VPN’
As OmegaSoft grew from the consolidation of different smaller companies, operations were spread over 3 geographical sites in Belgium. Moreover, more recent expansions led to new sites being started abroad (e.g. Paris). As collaboration between the sites got stronger, the need for a VPN between the sites arose. At the same time, some employees needed to access company servers from home easily and securely.
While proper security was obviously required, the ease of management was also very important. At OmegaSoft, IT management was not a full-time job but was handled as an extra task by other employees, who were therefore less specialised in this matter. This was kept in mind when choosing the technology and software for implementing this project.
Project ‘dotPharma’
dotPharma was a new software platform for the Belgian pharmacy market. With it, OmegaSoft aimed to consolidate its fragmented market (7 active software packages, some of which still in DOS).
Apart from reducing maintenance and support efforts, we explicitly aimed to create software whose qualities were intrinsic, i.e. quality by design. This was applied right from the start: the whole development process was performed according to the Unified Process, requiring us to identify and mitigate risks very early on. This was a very new way of developing software within OmegaSoft: former software packages were developed by small groups of developers, in a rather ad-hoc (and often time-squeezed) way.
Moreover, it was the first project within the group which was executed by developers from both the Spy and Kruibeke site. Not only did these people speak different languages, their behaviour and corporate culture often vastly differed. Needless to say, this added challenging management and communication aspects to the job.

• Superware bvba
General manager 2000 – 2003
Co-owner, software developer 1996 – 2000
Superware started as a dentist (my father) writing his own dental software, but steadily grew and evolved into the absolute leader in dental ICT on the Belgian market (over 50% market share). I took care of multiple tasks in this company: strategic decision-making, day-to-day management, research, software development (I wrote the Windows version of the software), support, sales, marketing…
In 2000, Omega Pharma became interested in acquiring Superware as part of its dental division, and a deal was reached. I continued to lead the dental software business unit until its fusion with the other software divisions was complete (early 2003).

• Hewlett-Packard Labs, Bristol 1997 – 1999
Researcher on IT systems security
The Security Group at HP Labs does research into various principles and technologies for usage by HP’s product divisions. At the time, much of the research was focused on the usage on secure devices, like the smart card, in order to get strong security which remains easy to use and to manage.
The largest project I’ve worked on aimed to provide secure printing, in which documents are sent encrypted to a printer; only after the user decrypts the document with his/her smart card can it be printed.
Another project on which I worked was the Trusted Computing initiative, which has since then been opened to the rest of the industry and is now known as the Palladium project.
I have filed patent applications for both the secure printing as the trusted computing initiative.
As the local expert in smart cards, I also represented HP in the PC/SC consortium, in which the PC standards for using smart cards were discussed by the main players in the industry (Microsoft, Siemens, Schlumberger, HP, Toshiba, GemPlus…).


• 2008: Certified Information Systems Security Professional (CISSP) since 18-02-2008
• 2003: Management training, Penta Management
• 2002: Management training, Krauthammer International
• 1995-1996: MSc in Information Security, Royal Holloway, University of London (distinction)
Project title: "Secure Web Transactions using Smart Cards"
• 1989-1995: Electronics engineer, option computer science, University of Ghent (distinction)
Thesis title: "Analysis and implementation of a network monitor/analyser"


• Great fluency with computers in general, including very fast learning of new items; strong analytical mindset
• Operating systems: Linux, HP-UX, Solaris, SunOS, all Dos&Windows flavours, PalmOS…
• Network protocols: link-level (e.g. Ethernet), TCP/IP and related protocols, including IPv6
• The OSI model
• Cryptography algorithms: symmetric, asymmetric, hashing…
• Secure communication protocols: SSL, IPSec…
• Security tools& infrastructures: firewalls, IDS…
• Strong authentication, smart cards
• Key management, Certificates, PKI, Kerberos
• Security models: Bell-LaPadula, Biba, Clark-Wilson…
• Security policies
• Languages: C, C++, C#, Pascal, Delphi, Basic, Java, perl, awk, php, x86 asm…
• Microsoft .net framework
• Windows Active Directory, Microsoft Exchange
• All kinds of software packages (e.g. Office, Autocad…)
• Unified Process, UML


• Dutch: native language
• French: native language
• English: excellent
• German: basic knowledge
• Italian: basic knowledge


