Personal Information

Desired Employment

• Information security expert in an IT service company, or
• Security officer in a medium or large organisation, or
• BCP co-ordinator

Work Experience

Dates:

May 2008 to now

• DG TAXUD (European Commission): Security Manager of the ITSM project

Dates:

2000 to now

Dates:

January 2007 to May 2008

• OLAF (Office de Lutte Anti-Fraude, European Commission): development of information security procedures (backup policy, business continuity framework, security of remote access)

Dates:

September 2000 to January 2007

• Walloon Region (Belgian administration): development of the information security policy for the Commissariat EASI-WAL, in compliance with ISO/IEC 17799
• Fedict (Belgian administration): provision of consulting services for the certification of the Belgian TESTA connexion at the EU-RESTRICTED level
• Fortis Investments: re-definition of the Business Continuity Plan
• In a large financial institution of the European Union: specifications for the security implementation of a secure Web-enabled application: Web access security; LAN security; database security; two-factor authentication; application-level access control
• European Institutions: several studies for the use of the IDA PKI in the European institutions and the Member States administration; drafting of an SSRS for the accreditation of EU-RESTRICTED systems; definition of security policies; risk analysis
• Ministry of Justice, Belgium: definition of the security architecture of the Ministry's computer application: strong authentication, electronic signature, network security

Dates:

November 1998 to August 2000

• Madagascar: training for the IT Auditor of the Madagascar Central Bank; security training for the computer specialists at the Central Bank
• Bulgaria: definition of the security policy for the computerisation of the Bulgarian customs
• Poland: management of the Foreign Assistance Database development project…

Dates:

April to November 1998

• Analysis of the continuity requirements (Business Impact Analysis) by the users in the Levi-Strauss' business units
• Definition of the continuity requirements by the ERP applications
• Development of the data centre continuity plan, choice of the most appropriate recovery strategy for the systems and for the network

Dates:

April 1997 to April 1998

• Responsible for the deployment of the CCN/CSI network for the Ministries of Finances in the EU Member States.  Definition of the deployment procedures of the CCN/CSI equipment (UNIX gateways connected to the hosts at the Ministries)
• Definition of the information security policy and of the continuity plan for the CCN/CSI technical centre.  Security policy recommendations to the public administrations

Dates:

October 1994 to April 1997

• Marketing of security products in the French speaking European countries (Luxembourg, France, southern Belgium) for a European supplier of information security hardware and software (PC protection, protection of bank transactions and of health care data, PKI)
• Support of a network of distributors
• Specification of information security projects.

Dates:

June 1994 to September 1994

• Information security audit in small and medium enterprises

Dates:

February 1974 to May 1994

• Project management in the area of voice recognition: voice command of a medical imaging system; voice interface for a secure FAX system

• Technical support for the marketing of security software (electronic signature of EDIFACT messages, authentication, information protection), and of voice recognition systems
• Pre-sales support within the sales team
• Set up of exhibitions (CeBIT, Infosec…), responsible for commercial booklets.

• Defining and managing the development of an electronic mail system including a FAX interface and a Smart Card-based protection.

• Development of Sophonet, the Philips wide-area network supporting multiple protocols (X25, BSC, SNA); supervision of a development team (13 persons)
• Design and development of the basic software and of the development tools.

• Development and project management of Operating Systems and of real-time software for data communication.

Education and Training

Dates:

1968 to 1973

Dates:

1994 to 1995

Personal Skills and Competences

Mother Tongue

French

Other Languages

English

Dutch

Technical Skills and Competences

Information security domains

• Cryptography, smart cards, security policy, business continuity, risk management

Other Skills and Competences

Professional Certifications

• CISA (Certified Information Systems Auditor), 1999
• CISSP (Certified Information Systems Security Professional), 2002
• ABCP (Associate Business Continuity Planner), 2003
• Certificated Project Management Practitioner (IPMA Level D), 2003
• ITIL Foundations, 2004