PDF version
Resume Michel Hoffmann, CISA, CISSP, ABCP

Personal Information

Name Michel HOFFMANN
Address 3, square Baron Bouvier, bte 4
1060  Bruxelles
Belgium
Telephone +32 478 504 101
E-mail Click to send a message
Nationality Belgian
Date of birth
 
October 1950

Desired Employment

  • Information security expert in an IT service company, or
  • Security officer in a medium or large organisation, or
  • BCP co-ordinator

Work Experience

Dates:

May 2008 to now

Name of employer Unisys Belgium, Brussels
Type of business or sector IT Services
Occupation or position held Senior Security Consultant
Main activities and responsibilities Responsibilities: Security consultancy, security management
Activities:
  • DG TAXUD (European Commission): Security Manager of the ITSM project

Dates:

2000 to now

Name of employer Institut Paul Lambin
Type of business or sector IT School (“Haute École”)
Occupation or position held Professor
Main activities and responsibilities Activities: Provide the “Business Continuity Management” course to future IT graduates.

Dates:

January 2007 to May 2008

Name of employer Trasys, Brussels
Type of business or sector IT Services
Occupation or position held Senior Security Consultant
Main activities and responsibilities Responsibilities: Security consultancy, BCP, risk analysis, security policy definition
Activities:
  • OLAF (Office de Lutte Anti-Fraude, European Commission): development of information security procedures (backup policy, business continuity framework, security of remote access)

Dates:

September 2000 to January 2007

Name of employer Unisys Belgium, Brussels
Type of business or sector IT Services
Occupation or position held Senior Security Consultant
Main activities and responsibilities Responsibilities: PKI specialist, IT audits, risk analysis, security policy definition
Activities:
  • Walloon Region (Belgian administration): development of the information security policy for the Commissariat EASI-WAL, in compliance with ISO/IEC 17799
  • Fedict (Belgian administration): provision of consulting services for the certification of the Belgian TESTA connexion at the EU-RESTRICTED level
  • Fortis Investments: re-definition of the Business Continuity Plan
  • In a large financial institution of the European Union: specifications for the security implementation of a secure Web-enabled application: Web access security; LAN security; database security; two-factor authentication; application-level access control
  • European Institutions: several studies for the use of the IDA PKI in the European institutions and the Member States administration; drafting of an SSRS for the accreditation of EU-RESTRICTED systems; definition of security policies; risk analysis
  • Ministry of Justice, Belgium: definition of the security architecture of the Ministry's computer application: strong authentication, electronic signature, network security

Dates:

November 1998 to August 2000

Name of employer Sema Group Belgium, Brussels
Type of business or sector IT Services
Occupation or position held Senior Security Consultant
Main activities and responsibilities Activities: Participation to Phare (Eastern Europe) and World Bank projects, e.g.:
  • Madagascar: training for the IT Auditor of the Madagascar Central Bank; security training for the computer specialists at the Central Bank
  • Bulgaria: definition of the security policy for the computerisation of the Bulgarian customs
  • Poland: management of the Foreign Assistance Database development project…

Dates:

April to November 1998

Name of employer Levi-Strauss Europe, Brussels
Type of business or sector Manufacturing
Occupation or position held Business Continuity Plan co-ordinator
Main activities and responsibilities Responsibilities: Co-ordinator of the continuity plan for the European Headquarters of Levi-Strauss:
  • Analysis of the continuity requirements (Business Impact Analysis) by the users in the Levi-Strauss' business units
  • Definition of the continuity requirements by the ERP applications
  • Development of the data centre continuity plan, choice of the most appropriate recovery strategy for the systems and for the network

Dates:

April 1997 to April 1998

Name of employer Atos, Brussels
Type of business or sector IT Services
Occupation or position held Senior Consultant
Main activities and responsibilities Responsibilities
  • Responsible for the deployment of the CCN/CSI network for the Ministries of Finances in the EU Member States.  Definition of the deployment procedures of the CCN/CSI equipment (UNIX gateways connected to the hosts at the Ministries)
  • Definition of the information security policy and of the continuity plan for the CCN/CSI technical centre.  Security policy recommendations to the public administrations

Dates:

October 1994 to April 1997

Name of employer Utimaco Belgium, Holsbeek
Type of business or sector Vendor of information security products
Occupation or position held Senior Sales Engineer
Main activities and responsibilities Responsibilities:
  • Marketing of security products in the French speaking European countries (Luxembourg, France, southern Belgium) for a European supplier of information security hardware and software (PC protection, protection of bank transactions and of health care data, PKI)
  • Support of a network of distributors
  • Specification of information security projects.

Dates:

June 1994 to September 1994

Name of employer Independent activity
Type of business or sector Security consulting
Occupation or position held Security Consultant
Main activities and responsibilities Responsibilities:
  • Information security audit in small and medium enterprises

Dates:

February 1974 to May 1994

Name of employer Several companies within the Philips group (all located in Brussels)
Type of business or sector R&D
Occupation or position held Various, see below
Main activities and responsibilities 1993-1994: Project Leader, Philips Industrial & Telecommunication Systems.  Responsibilities:
  • Project management in the area of voice recognition: voice command of a medical imaging system; voice interface for a secure FAX system
1989-1993: Technical & Support Manager, Philips Professional Systems.  Responsibilities:
  • Technical support for the marketing of security software (electronic signature of EDIFACT messages, authentication, information protection), and of voice recognition systems
  • Pre-sales support within the sales team
  • Set up of exhibitions (CeBIT, Infosec…), responsible for commercial booklets.
1988-1989: Project Leader, MBLE.  Responsibilities: 
  • Defining and managing the development of an electronic mail system including a FAX interface and a Smart Card-based protection.
1979-1988: Network Engineer, Philips Telesoft International.  Responsibilities:
  • Development of Sophonet, the Philips wide-area network supporting multiple protocols (X25, BSC, SNA); supervision of a development team (13 persons)
  • Design and development of the basic software and of the development tools.
1974-1979: Project Responsible, MBLE.
  • Development and project management of Operating Systems and of real-time software for data communication.

Education and Training

Dates:

1968 to 1973

Title of qualification awarded Ingénieur civil électricien-mécanicien
Name of organisation providing education and training Université Libre de Bruxelles
Principal subjects/ occupational skills covered Electrical Engineering

Dates:

1994 to 1995

Title of qualification awarded CEPAC
Name of organisation providing education and training Université Libre de Bruxelles
Principal subjects/ occupational skills covered Management

Personal Skills and Competences

Mother Tongue

French

Other Languages

English

Reading: good.  Writing: good.  Speaking: good

Dutch

Reading: good.  Writing: medium.  Speaking: good

Technical Skills and Competences

Information security domains

  • Cryptography, smart cards, security policy, business continuity, risk management

Other Skills and Competences

Professional Certifications

  • CISA (Certified Information Systems Auditor), 1999
  • CISSP (Certified Information Systems Security Professional), 2002
  • ABCP (Associate Business Continuity Planner), 2003
  • Certificated Project Management Practitioner (IPMA Level D), 2003
  • ITIL Foundations, 2004