Willem Westerhof
Team Manager (security specialists) at Secura- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
-
Dutch Native or bilingual proficiency
-
English Professional working proficiency
-
German Elementary proficiency
Topline Score
Bio
Credentials
-
AWS security fundamentals
Amazon Web Services (AWS)Nov, 2022- Nov, 2024 -
eCPTX Certified Penetration Tester eXtreme
eLearnSecurityAug, 2021- Nov, 2024 -
Joe Grand Firmware extraction & advanced manipulation
Grand Idea StudioSep, 2019- Nov, 2024 -
Joe Grand Hardware Hacking Basics
Grand Idea StudioSep, 2019- Nov, 2024 -
VDOO certified security engineer
VDOOJul, 2019- Nov, 2024 -
ISO 27001 Lead Implementer
PECBSep, 2023- Nov, 2024 -
Tenable Certified MSSP Engineer
TenableOct, 2018- Nov, 2024 -
Tenable Certified Pre-Sales Architect
TenableOct, 2018- Nov, 2024 -
Tenable Certified Pre-Sales Engineer
TenableOct, 2018- Nov, 2024 -
Tenable Certified Pre-Sales integrator
TenableOct, 2018- Nov, 2024 -
Tenable Certified Sales Associate
TenableOct, 2018- Nov, 2024
Experience
-
Secura
-
Netherlands
-
IT Services and IT Consulting
-
100 - 200 Employee
-
Team Manager (security specialists)
-
Dec 2022 - Present
As almost all the things on my bucketlist of things to hack were done and hacked, I decided to shift focus on enabling others in the team be the best hackers they can be. As team manager for a team of hackers my focus is on assisting them with the technical or politically hard stuff when necessary and making sure the full team has the right skillsets now and in the foreseeable future. ~60% of worktime will be focused on enabling the team and developing the service portfolio, the other ~40% of worktime will still be spent hands on hacking for those really complex or high stakes projects. Show less
-
-
Senior Security Specialist
-
Nov 2020 - Dec 2022
Working at Secura as a Senior Security Specialist and teamlead, hacking all sorts of systems, devices, applications etc. while simultaneously leading a small team and being the technical right hand for the department manager.
-
-
-
Resillion Netherlands (formerly Eurofins Cyber Security Netherlands)
-
Netherlands
-
IT Services and IT Consulting
-
1 - 100 Employee
-
Head of IoT hacking
-
Dec 2018 - Nov 2020
With IoT devices becoming more prevelant in day to day work at Qbit, a formal IoT department is being setup. I was in the lead in setting up this department. This includes things such as, budgetting, training, formalizing workflows and processes, creating the secure connected devices logo scheme, setting up labs and required infrastructure as well as testing IoT devices.Furthermore, a large number of publications on IoT security research were done. Please refer to those in the "accomplishments" section. Show less
-
-
IT Security Engineer
-
Feb 2015 - Dec 2018
Currently working as a ethical hacker/security engineer. Previous positions in Teamlead roles, SOC, research & development, internships etc. shown below. Qbit Cyber Security was formerly known as ITsec Security Services B.V.Following my thesis internship I started work as a full-time penetration tester. This job involves finding security vulnerabilities in all sorts of systems. My experience ranges from rare IoT devices to windows active directory systems (or linux based environments) and everything in between.Besides penetration testing I also do a lot of "specials". These specials include things such as, giving hack trainings/demo's, awareness trainings, public speaking at conferences/television documentaries/debates, training new personnel, implementing vulnerability scanning at a large scale, project management, password cracking research etc. Show less
-
-
-
ITsec Security Services B.V.
-
Haarlem Area, Netherlands
-
Interim Team Lead Security Centre
-
Nov 2017 - May 2018
When ITsec was bought by another company several services had to be redesigned and merged. In order to redesign the (offensive) security centre my role was temporarily change to an interim teamlead. This involves documenting procedures, creating workflows, providing work-in trails for new personnel and day to day regular offensive security work (maintenance of security systems, network monitoring, vulnerability scanning, phishing, responsible disclosure etc.) When everything was properly set up, responsibility was transferred to a new hired team lead so I could get back to penetration testing and project management. Show less
-
-
-
-
Thesis internship
-
Aug 2016 - Feb 2017
The Horus scenario:During this thesis it was discovered that a weak spot exists in the power grid that can be exploited by malicious hackers. Abusing this weak spot can lead to large scale power outages. Several CVE's were given and the news spread around the globe following the responsible disclosure period of this Thesis. see also publications below.Received a 10.0 for this internship (A+, maximum score)
-
-
Security Engineer
-
Jul 2015 - Aug 2016
Working Part-time as member of the Security Operations Centre and conducting some additional research based upon experiences during my internship.
-
-
-
-
Ambachtelijk assistent BanketBakker
-
Mar 2008 - Dec 2016
2008- 2014: Working at a bakery with pasteries and pies as a production employee on saturdays and during holidays. As more experience was gained, this also included leading the saturday team and optimizing team performance. This regular job was ended by me to put more focus in my IT study and find a job in the IT sector. Arrangements were made with the bakery in such a way that i can still help during peak periods such as Christmas, new year, easter etc. 2015+: Working on a irregular basis, only during holidays or peak times at the bakery. Show less
-
-
-
Theodoor Gilissen Bankiers
-
Netherlands
-
Banking
-
1 - 100 Employee
-
5 months Internship
-
Feb 2015 - Jun 2015
Internship Security and netwerk monitoring solutions in a collaboration between ITsec Security Services and Theodoor Gilissen Bankiers N.V. During this internship I studied the Security within Theodoor Gilissen Bankiers. I also did a research paper on netwerk monitoring focusing on the use of a monitoring system to combat internal threats and inside out attacks. During this study I build up a monitoring platform using Ubuntu, suricata and ELK to proof the theoretical concepts. The final received grade for this study was an A+ (9 on a scale 1 to 10) Show less
-
-
-
Motion Fysiotherapie & Preventie
-
Netherlands
-
Hospitals and Health Care
-
1 - 100 Employee
-
Sportbegeleider
-
Jul 2011 - Jul 2013
Helping groups of former physical therapy patients get fit on there own in a controlled environment where some medical expertise is required. Based on the patients specific medical background (Brain damage, strained or broken limbs, Chronic diseases etc.) excercises were given, adjusted and controlled. This job involved working independent and also opening and closing the building. The job eventually ended due to me not continuing my physical therapy study in pursuit of a new career. Helping groups of former physical therapy patients get fit on there own in a controlled environment where some medical expertise is required. Based on the patients specific medical background (Brain damage, strained or broken limbs, Chronic diseases etc.) excercises were given, adjusted and controlled. This job involved working independent and also opening and closing the building. The job eventually ended due to me not continuing my physical therapy study in pursuit of a new career.
-
-
-
HMSHost
-
Food and Beverage Services
-
700 & Above Employee
-
Allround medewerker
-
Oct 2012 - Apr 2013
Worked as an allround horeca employee, mainly at La Place Schiphol, but when needed also at other stands throughout Schiphol. (this includes bar work, night shifts etc.) After 6 months, my contract was renewed for another year but I refused as i had a different job throughout the summer and was going back to college when the summer ended. Worked as an allround horeca employee, mainly at La Place Schiphol, but when needed also at other stands throughout Schiphol. (this includes bar work, night shifts etc.) After 6 months, my contract was renewed for another year but I refused as i had a different job throughout the summer and was going back to college when the summer ended.
-
-
-
SIMAR automatisering
-
Amsterdam Area, Netherlands
-
helpdesk medewerker
-
Aug 2012 - Sep 2012
Seasonal work in server updating for customers due to the change in taxes in the Netherlands. After 2 months, all servers were updated a couple of days before the taxes were raised by the government. Seasonal work in server updating for customers due to the change in taxes in the Netherlands. After 2 months, all servers were updated a couple of days before the taxes were raised by the government.
-
-
Education
-
2016 - 2016
University of Amsterdam
Minor certificate, Minor intelligence studies -
2013 - 2017
Hogeschool van Amsterdam
Bachelor of Science (BSc), Informatica System and Network engineer Cum Laude -
2010 - 2012
Hogeschool van Amsterdam
Propedeuse, Fysiotherapie -
2008 - 2010
Alkwin college Uithoorn
Voortgezet Wetenschappelijk Onderwijs, Economie & maatschappij -
2008 - 2008
Anglia exams
Certificate as a speaker of the English language, English Language and Literature, General -
2003 - 2008
Alkwin college
Hoger Algemeen Voortgezet Onderwijs, Economie & maatschappij
Community
