Lars van Zijl

Cyber Security Consultant at Lemonshark Cyber Security
  • Claim this Profile
Contact Information
us****@****om
(386) 825-5501
Location
Amsterdam, North Holland, Netherlands, NL
Languages
  • English Full professional proficiency
  • Dutch Native or bilingual proficiency

Topline Score

Topline score feature will be out soon.

Bio

Generated by
Topline AI

You need to have a working account to view this content.
Join now
You need to have a working account to view this content.
Join now

Credentials

  • The Open Group Certified: Open FAIR™ Foundation
    The Open Group
    Dec, 2022
    - Oct, 2024
  • Certified Information Security Manager® (CISM)
    ISACA
    Oct, 2022
    - Oct, 2024
  • Certified in Risk and Information Systems Control™ (CRISC)
    ISACA
    Jun, 2022
    - Oct, 2024
  • Certified Practitioner ISO27001:2013
    Security Academy
    Mar, 2016
    - Oct, 2024

Experience

  • Lemonshark Cyber Security
    • Netherlands
    • IT Services and IT Consulting
    • 1 - 100 Employee
    • Cyber Security Consultant
      • Sep 2021 - Present

      In my role as Cyber Security Consultant with Lemonshark I consult clients on an ad interim or project basis. The cyber security themes in which I support these clients are governance, risk and compliance oriented. With Lemonshark I did projects for: Gemeente Almere, Kennis and UWV. In my role as Cyber Security Consultant with Lemonshark I consult clients on an ad interim or project basis. The cyber security themes in which I support these clients are governance, risk and compliance oriented. With Lemonshark I did projects for: Gemeente Almere, Kennis and UWV.

  • UWV
    • Netherlands
    • Government Administration
    • 700 & Above Employee
    • Cyber Security Consultant (Via Lemonshark)
      • Apr 2022 - Present

      For UWV I implemented Vulnerability Management by developing tactical and operational policies, designing a Vulnerability Management process, selecting and implementing appropriate tooling, altering contracts with service providers and training employees and cyber security staff. For UWV I implemented Vulnerability Management by developing tactical and operational policies, designing a Vulnerability Management process, selecting and implementing appropriate tooling, altering contracts with service providers and training employees and cyber security staff.

  • Kennisnet
    • Netherlands
    • Education Administration Programs
    • 100 - 200 Employee
    • Cyber Security Consultant (Via Lemonshark)
      • Jan 2022 - Mar 2022

      For Kennisnet I designed a sectoral Computer Emergency Respones Team (CERT) for the educational sector. In this design I outline the strategic, tactical and operational components that make up a CERT. The defined and described components feature both cyber security topics as well as organisational choices. For Kennisnet I designed a sectoral Computer Emergency Respones Team (CERT) for the educational sector. In this design I outline the strategic, tactical and operational components that make up a CERT. The defined and described components feature both cyber security topics as well as organisational choices.

  • Gemeente Almere
    • Government Administration
    • 700 & Above Employee
    • Cyber Security Consultant (Via Lemonshark)
      • Oct 2021 - Dec 2021

      For a Dutch municipality I developed a multi-year security awareness plan. In this plan I described the activities that need to be carried out by the municipality to increase and maintain the security awareness of the employees. In addition to the specific activities, I also outline a governance structure for carrying out the security awareness plan and several key success indicators that would determine whether the execution of the plan has yielded the desired results. For a Dutch municipality I developed a multi-year security awareness plan. In this plan I described the activities that need to be carried out by the municipality to increase and maintain the security awareness of the employees. In addition to the specific activities, I also outline a governance structure for carrying out the security awareness plan and several key success indicators that would determine whether the execution of the plan has yielded the desired results.

  • Marsh Nederland
    • Cyber Security Consultant
      • Jan 2020 - Aug 2021

      With Marsh I was responsible for quantitative and qualitative cyber risk assessments, to support the clients’ new or renewed cyber insurance. In addition, I also carried out maturity assessments and business continuity management projects (focused on IT Disaster Recovery). I carried out these risk assessments and projects for clients in Continental Europe. For clients in The Netherlands I was the project lead. With Marsh I was responsible for quantitative and qualitative cyber risk assessments, to support the clients’ new or renewed cyber insurance. In addition, I also carried out maturity assessments and business continuity management projects (focused on IT Disaster Recovery). I carried out these risk assessments and projects for clients in Continental Europe. For clients in The Netherlands I was the project lead.

  • Z-CERT
    • Netherlands
    • Computer and Network Security
    • 1 - 100 Employee
    • Information Security Officer
      • Jul 2018 - Sep 2018

      During my time with Z-CERT I updated and expanded operational procedures for accepting, registering and acting on security events and incidents. For the CISO of Z-CERT I wrote several tactical cyber security policies in support of Z-CERT’s pursuit of an ISO 27001 certification. Z-CERT is ISO 27001 certified now. During my time with Z-CERT I updated and expanded operational procedures for accepting, registering and acting on security events and incidents. For the CISO of Z-CERT I wrote several tactical cyber security policies in support of Z-CERT’s pursuit of an ISO 27001 certification. Z-CERT is ISO 27001 certified now.

  • Access42-NL
    • Information Security Consultant
      • Jan 2018 - Sep 2018

      For a debt collection agency I wrote an accessible information security policy based on the ISO 27001. The key theme in this policy was the governance structure for outsourcing of the operational responsibilities to an IT service provider and managing the accountability as organisation. For a debt collection agency I wrote an accessible information security policy based on the ISO 27001. The key theme in this policy was the governance structure for outsourcing of the operational responsibilities to an IT service provider and managing the accountability as organisation.

  • Cyber Security Raad
    • Netherlands
    • Government Relations Services
    • 1 - 100 Employee
    • Policy Officer
      • Nov 2017 - Apr 2018

      The Cyber Security Council is an official advisory group to the government and organisations through the government. With the Cyber Security Council I was tasked with researching the cyber security risks surrounding the use of Internet-of-Things appliances (eHealth) within academic hospitals in The Netherlands. I developed a risk landscape based on interviews with key stakeholders from the public and private sector and made strategic recommendations by drawing parallels between the healthcare sector and banking sector. I was invited to present my findings to the Ministry of Health, Wellbeing and Sport. Show less

  • ABN AMRO Bank N.V.
    • Netherlands
    • Banking
    • 700 & Above Employee
    • Information Security Officer
      • Nov 2016 - Aug 2017

      Within this role I re-implemented two information security processes within the ISMS that had become ineffective, resulting in non-compliance. I re-aligned the processes with the corporate information security policy and changed the tactical policies to reflect the re-aligned processes. In addition, I reviewed the Business Impact Analyses, collected the changes and updated the Business Continuity Plan to reflect the changes in the organisation. Within this role I re-implemented two information security processes within the ISMS that had become ineffective, resulting in non-compliance. I re-aligned the processes with the corporate information security policy and changed the tactical policies to reflect the re-aligned processes. In addition, I reviewed the Business Impact Analyses, collected the changes and updated the Business Continuity Plan to reflect the changes in the organisation.

Education

  • Royal Holloway, University of London
    MSc Information Security, Information security management
    2018 - 2019
  • De Haagse Hogeschool / The Hague University of Applied Sciences
    Bachelor of Applied Science (B.A.Sc.), Information Security Management
    2014 - 2018

Community

You need to have a working account to view this content. Click here to join now