Michael De Bruin

Experience

• 

  KPN Datacenter

  Sept 2000 - Aug 2002

  Network Engineer

  In my role I performed all regular operations duties which included:- Preparing and upgrading FW-1 4.0 to 4.1 (25 firewalls)- Install and configure several Linux servers used internally- Manage and maintain the intranet- Manage the NT domainI have also been responsible for initiating and coaching a firewall expertise group, which primary goal was to secure and extend all firewall expertise within the department. This group is now the core of all firewall knowledge.

• 

  Atos Origin

  Sept 2002 - Feb 2004

  Infrastructure Engineer

  My role consisted of network (mainly Cisco), firewall (Firewall-1, Cisco PIX) and VPN (based on IPSec) related projects. Some of them included:- Designing and implementing a management environment for an existing VPN infrastructure based on Cisco PIX firewalls. This was done using only open source tools (FreeBSD, MRTG, Nagios, Smokeping and Apache) and programming languages (PHP, Expect). Several aspects of the FCAPS model were implemented this way. - Installing, configuring and managing several FreeBSD servers needed for management. These served as VPN endpoint, web- and syslog server. - Implementing a centralized syslog server for all Cisco products under management- Migrating a Sun-based firewall-1 4.0 solution to a Windows 2000 based Firewall-1 NG FP3 - Designing a firewall- and proxysolution based on Microsoft ISA server, taking into account the Microsoft centric customer environment. Next to this, I performed any operational duties including managing the existing network equipment (mainly Cisco and 3Com), firewalls (Cisco PIX and Firewall-1) and FreeBSD management servers. Show less

• 

  Unisys

  Mar 2004 - Jan 2008

  Security Analyst

  My duty has been twofold. In the role of client security analyst (CSA) I: - have a leading role towards clients. I am the primary interface between the operations department and the customer for everything technical. I am also responsible for all communication on technical aspects of the service offering- advise clients on their situation based on trends and signals in security. Most important aspect in this is translating the signaled problems into a solution fit for their needs- steer the development of tooling used for correlation as well as monitor the security service to keep the match between offering and customer needs- Making the cultural translation given the international aspect of the work, with customers worldwideSecond, in the role of 3rd level security analyst I: - support the 2nd level analysts in performing any and all of their operational work, functioning as a technical escalation point. Mainly consisted of:o Supporting in complex changes on the managed customer infrastructureo Solving incidents on (components of) the managed infrastructure of clientso Managing projects leading to improvements on customer infrastructure (upgrades, additions)- Components that fall under the managed infrastructure include:o Checkpoint Firewall-1/VPN-1/Provider-1 (NG AI & NGX)o Cisco PIXo Bluecoat (including Reporter tooling)o ISS Proventia / Siteprotectoro TrendMicro IMSS/IWSSo Messagelabso McAfee Intrushieldo Foundstone- managed several (mostly Debian Linux and Solaris) systems used in the customer management environment- implemented projects for new and existing customers. These include:o New SIEM services. I am mostly involved in the technical details of the implementation and tuning the eventstream using Arcsight. This also includes the transition of new services to operations. o New firewall and VPN solutions based on Firewall-1 and/or Cisco PIX Show less

• 

  Schuberg Philis

  Feb 2008 - now

  Mission Critical Engineer

  My primary role is *NIX engineer. However, given the nature of our work a broad skillset is required with the most important skill being adaptability and always be willing to learn. This means I've worked with quite a number of technologies in my time at Schuberg Philis. This started out with learning about virtualization technologies by VMware (VCP certified), adopting a mindset for true automation using Chef, finding out about log search through Splunk (Certified Architect), trying to keep a focus on security as security lead in my customer teams and in the last couple of years moving towards a serverless architecture using AWS (SA Pro certified). And to be honest, this is very likely outdated by the time you are reading it because a client need required me to adopt yet another technology. That's what makes it challenging, and what keeps it interesting! Show less