Lars van Zijl
Cyber Security Consultant at Lemonshark Cyber Security- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
-
English Full professional proficiency
-
Dutch Native or bilingual proficiency
Topline Score
Bio
Credentials
-
The Open Group Certified: Open FAIR™ Foundation
The Open GroupDec, 2022- Oct, 2024 -
Certified Information Security Manager® (CISM)
ISACAOct, 2022- Oct, 2024 -
Certified in Risk and Information Systems Control™ (CRISC)
ISACAJun, 2022- Oct, 2024 -
Certified Practitioner ISO27001:2013
Security AcademyMar, 2016- Oct, 2024
Experience
-
Lemonshark Cyber Security
-
Netherlands
-
IT Services and IT Consulting
-
1 - 100 Employee
-
Cyber Security Consultant
-
Sep 2021 - Present
In my role as Cyber Security Consultant with Lemonshark I consult clients on an ad interim or project basis. The cyber security themes in which I support these clients are governance, risk and compliance oriented. With Lemonshark I did projects for: Gemeente Almere, Kennis and UWV. In my role as Cyber Security Consultant with Lemonshark I consult clients on an ad interim or project basis. The cyber security themes in which I support these clients are governance, risk and compliance oriented. With Lemonshark I did projects for: Gemeente Almere, Kennis and UWV.
-
-
-
UWV
-
Netherlands
-
Government Administration
-
700 & Above Employee
-
Cyber Security Consultant (Via Lemonshark)
-
Apr 2022 - Present
For UWV I implemented Vulnerability Management by developing tactical and operational policies, designing a Vulnerability Management process, selecting and implementing appropriate tooling, altering contracts with service providers and training employees and cyber security staff. For UWV I implemented Vulnerability Management by developing tactical and operational policies, designing a Vulnerability Management process, selecting and implementing appropriate tooling, altering contracts with service providers and training employees and cyber security staff.
-
-
-
Kennisnet
-
Netherlands
-
Education Administration Programs
-
100 - 200 Employee
-
Cyber Security Consultant (Via Lemonshark)
-
Jan 2022 - Mar 2022
For Kennisnet I designed a sectoral Computer Emergency Respones Team (CERT) for the educational sector. In this design I outline the strategic, tactical and operational components that make up a CERT. The defined and described components feature both cyber security topics as well as organisational choices. For Kennisnet I designed a sectoral Computer Emergency Respones Team (CERT) for the educational sector. In this design I outline the strategic, tactical and operational components that make up a CERT. The defined and described components feature both cyber security topics as well as organisational choices.
-
-
-
Gemeente Almere
-
Government Administration
-
700 & Above Employee
-
Cyber Security Consultant (Via Lemonshark)
-
Oct 2021 - Dec 2021
For a Dutch municipality I developed a multi-year security awareness plan. In this plan I described the activities that need to be carried out by the municipality to increase and maintain the security awareness of the employees. In addition to the specific activities, I also outline a governance structure for carrying out the security awareness plan and several key success indicators that would determine whether the execution of the plan has yielded the desired results. For a Dutch municipality I developed a multi-year security awareness plan. In this plan I described the activities that need to be carried out by the municipality to increase and maintain the security awareness of the employees. In addition to the specific activities, I also outline a governance structure for carrying out the security awareness plan and several key success indicators that would determine whether the execution of the plan has yielded the desired results.
-
-
-
-
Cyber Security Consultant
-
Jan 2020 - Aug 2021
With Marsh I was responsible for quantitative and qualitative cyber risk assessments, to support the clients’ new or renewed cyber insurance. In addition, I also carried out maturity assessments and business continuity management projects (focused on IT Disaster Recovery). I carried out these risk assessments and projects for clients in Continental Europe. For clients in The Netherlands I was the project lead. With Marsh I was responsible for quantitative and qualitative cyber risk assessments, to support the clients’ new or renewed cyber insurance. In addition, I also carried out maturity assessments and business continuity management projects (focused on IT Disaster Recovery). I carried out these risk assessments and projects for clients in Continental Europe. For clients in The Netherlands I was the project lead.
-
-
-
Z-CERT
-
Netherlands
-
Computer and Network Security
-
1 - 100 Employee
-
Information Security Officer
-
Jul 2018 - Sep 2018
During my time with Z-CERT I updated and expanded operational procedures for accepting, registering and acting on security events and incidents. For the CISO of Z-CERT I wrote several tactical cyber security policies in support of Z-CERT’s pursuit of an ISO 27001 certification. Z-CERT is ISO 27001 certified now. During my time with Z-CERT I updated and expanded operational procedures for accepting, registering and acting on security events and incidents. For the CISO of Z-CERT I wrote several tactical cyber security policies in support of Z-CERT’s pursuit of an ISO 27001 certification. Z-CERT is ISO 27001 certified now.
-
-
-
-
Information Security Consultant
-
Jan 2018 - Sep 2018
For a debt collection agency I wrote an accessible information security policy based on the ISO 27001. The key theme in this policy was the governance structure for outsourcing of the operational responsibilities to an IT service provider and managing the accountability as organisation. For a debt collection agency I wrote an accessible information security policy based on the ISO 27001. The key theme in this policy was the governance structure for outsourcing of the operational responsibilities to an IT service provider and managing the accountability as organisation.
-
-
-
Cyber Security Raad
-
Netherlands
-
Government Relations Services
-
1 - 100 Employee
-
Policy Officer
-
Nov 2017 - Apr 2018
The Cyber Security Council is an official advisory group to the government and organisations through the government. With the Cyber Security Council I was tasked with researching the cyber security risks surrounding the use of Internet-of-Things appliances (eHealth) within academic hospitals in The Netherlands. I developed a risk landscape based on interviews with key stakeholders from the public and private sector and made strategic recommendations by drawing parallels between the healthcare sector and banking sector. I was invited to present my findings to the Ministry of Health, Wellbeing and Sport. Show less
-
-
-
ABN AMRO Bank N.V.
-
Netherlands
-
Banking
-
700 & Above Employee
-
Information Security Officer
-
Nov 2016 - Aug 2017
Within this role I re-implemented two information security processes within the ISMS that had become ineffective, resulting in non-compliance. I re-aligned the processes with the corporate information security policy and changed the tactical policies to reflect the re-aligned processes. In addition, I reviewed the Business Impact Analyses, collected the changes and updated the Business Continuity Plan to reflect the changes in the organisation. Within this role I re-implemented two information security processes within the ISMS that had become ineffective, resulting in non-compliance. I re-aligned the processes with the corporate information security policy and changed the tactical policies to reflect the re-aligned processes. In addition, I reviewed the Business Impact Analyses, collected the changes and updated the Business Continuity Plan to reflect the changes in the organisation.
-
-
Education
-
Royal Holloway, University of London
MSc Information Security, Information security management -
De Haagse Hogeschool / The Hague University of Applied Sciences
Bachelor of Applied Science (B.A.Sc.), Information Security Management