Technology & Transformation Lead
| Compliance, Cyber, DevOps |
Intro
Thank you for visiting my professional page!
As a technology leader, I'm passionate about empowering people and fostering company spirit as the keys to success!
In the recent years:
I’ve led and scaled an IT company as Managing Director (70+ employees, €5M/y), driving technology and organizational transformation, delivery excellence, and business resilience during challenging times (e.g. COVID).
As Head of Compliance, I led ISO27001 & SOC2 certifications and drove complex InfoSec initiatives (e.g. DORA, GDPR, AI readiness), integrating compliance into the company’s technology roadmap, fueling business growth.
In my role as Head of Operations & IT, I shaped the company’s digital backbone—defining IT strategy, building and optimizing core processes, and overseeing financial operations.
As Cybersecurity Manager, I played a key role in implementing a Common Operating Model and Governance Framework for the Cyber Security Fusion Center (CSFC), improving crisis response and collaboration. I led the EMEA Cyber Threat Intelligence function and represented the cyber mission with clients and senior stakeholders.
Earlier in my career:
I’ve led diverse teams and client-facing projects across software development, and IT DevOps—managing initiatives with budgets up to $1.5M/y and teams of up to 50 professionals in both direct and matrix structures. My experience also includes developing databases, writing technology tenders, and implementing CRM systems and web-based solutions.
Whether you’re seeking compliance / technology consulting or an experienced technology leader to drive complex initiatives and boost operational efficiency, I’d be happy to connect.
Philosophy
People drive progress—it's leadership and technology that empower them to make it happen.
Listen to people. Talk to people. People are the organization—and without them, there is no delivery. They may have good days and bad days, but open, honest, and transparent communication builds trust, understanding, and resilience. People want to be heard—and they notice when they aren’t. When we communicate clearly and truthfully, they reflect that. But when reality is bent and facts are sugar-coated, uncertainty and detachment begin to grow.
Success is defined by the teams. Technology supports it. Cutting-edge tools can be powerful enablers—but they don’t stand on their own. It's a strong company culture and embraced mission that actually deliver results. With a clear, realistic vision, and the freedom to do their best work, teams can maximize any technology. But without great teams, even the best tools won’t solve fundamental challenges.
If there’s a more effective way, do it. A better way is always worth exploring. Innovation often comes from questioning “how we’ve always done it.” That doesn’t mean change for the sake of change—but good ideas should be encouraged and challenged. Refusing to evolve means falling behind, especially if others are willing to move forward.
Don’t fix what isn’t broken. Transforming operations carries risk—especially when done without context. Just because a method or technology is trending doesn’t mean it’s right for your team. If your delivery is working well, stay informed, but don’t feel pressured to overhaul what’s already effective. Stability has value.
Avoid zero-sum leadership. “Giving with one hand and taking with the other” creates confusion and frustration. Local, short-term fixes that cause problems elsewhere aren’t real improvements—they just shift the burden. Cost-cutting that harms morale or performance comes at a long-term cost. A systems-level view can reveal more sustainable, positive solutions.
Consultancy
I offer a comprehensive suite of services to help organizations navigate complex digital challenges. My expertise spans Compliance Consulting, Technology Leadership, Organizational Transformation, and Cyber Defense—tailored to support secure, efficient, and future-ready operations.
I experienced and understand how challenging it can be to introduce and operationalize compliance frameworks—especially in fast-moving environments. Information security feels “abstract”; hard to “grab”, hard to start, and unclear what needs to be done—and who should take ownership. Once implemented, the question becomes—how will it be embedded in daily operations? All while clients and partners expect certifications and adherence to standards.
Whether it’s ISO, SOC, AI-related standards, or “fresh” regulations like CRA and DORA, I’ve led compliance programs that not only met requirements but supported business growth—acquiring new leads and clients. My approach transforms regulatory pressure into structure, and long-term value—balancing the expectations of leadership, regulators, and customers alike.
Three brief facts about me:
Cross-sector expertise. I bring deep Governance, Risk, and Compliance (GRC) expertise from both the FinTech and InfoTech sectors, with experience spanning small enterprises to multinational organizations.
Strategic & Hands-on execution. I’ve led the implementation and management of compliance programs including ISO 27001, SOC 2, and SOX 404—combining strategic oversight with practical experience in control readiness and audit execution.
Versatile application. This dual perspective enables me to map, implement, and operate security programs across a wide range of industries, and business environments.
Risk management | Certifications | Audit | Gap analysis | ISO - SOC - NIS - DORA - SOX | AI governance | Governance - risk - compliance (GRC) | Process - risk - controls (PRC) | Regulatory Risk | Operational Risk | Information security
2. Technology Leadership
As a versatile technology leader, I support both interim and long-term assignments, bringing hands-on experience in guiding engineering, security, and IT organizations through their full lifecycle—from scale-up and transformation to day-to-day operations.
In rapidly changing environments, I help align teams and functions, streamline operational delivery, and embed security into the daily rhythm of the technology organization.
Typical areas where I can support your organization include:
Operational leadership and oversight of already performing delivery teams,
Implementing or revamping CI/CD pipelines to boost delivery efficiency,
Enabling Agile delivery methodologies (e.g.: Kanban, Scrum, ART, SAFe) tailored to your teams' real-world needs,
Evolving DevOps culture to align delivery and operations,
Maturing SDLC and (Secure)SDLC processes for secure, resilient delivery,
Optimizing business continuity and disaster recovery procedures.
Three brief facts about me:
People-focused technologist. I bring real-world leadership experience in technology, cybersecurity, and IT operations, with a firm belief that people drive progress—supported by leadership and technology that empower them.
Bridge-builder strategist. I speak both business and engineering, enabling alignment across product, security, development and leadership teams in complex, cross-functional environments.
Security-aware delivery. From CICD to (Secure)SDLC, I embed governance and security into agile technology delivery—ensuring innovation doesn’t compromise integrity or compliance.
CICD | (Secure)SDLC | Transformation | Ramp-up and scale | DevOps | Operations | Agile | KanBan | Scrum | SAFe | ART | COB | Business continuity | Disaster recovery | Insourcing vs outsourcing | Horizontal vs vertical functions | Delivery | Leadesrship
3. Organizational Transformation
Technology transformation (such as moving from OnPrem to SaaS solutions) and operational shifts (revamping project teams to product-based delivery) require more than just planning. They demand trust, clear communication, and resilient teams, all anchored in strong and empathetic leadership. Change brings uncertainty, so before taking any step, it’s essential to understand what employees are experiencing. This is especially true during ramp-up phases or in times of serious challenge, like restructuring or COVID.
"Do employees understand your vision and mission? Do they feel heard, involved, and motivated? Is the organization and its leadership committed?"
Organizational change, particularly in cross-functional or newly formed teams, can lead to confusion or resistance—risking the very collaboration and performance the change is meant to enhance. To counter this, it’s essential to create a “safe harbour” where individuals feel supported, informed, and empowered to engage with confidence.
I bring experience in leading cross-functional transformations, (re)building teams, and developing internal communication strategies that align people with purpose. I partner with leadership to identify core challenges, define actionable next steps, and create momentum—step by step. I believe that success is defined by people and teams—with technology serving to enable and support them.
Three brief facts about me:
Hands-on leader. As a Managing Director, I bring practical experience in both technology and organizational transformation, including navigating complex challenges such as the COVID-19 crisis. My approach is grounded in real-world execution, far beyond theoretical frameworks.
Managing challenging times. Throughout my career, I’ve supported the ramp-up of new teams and cohesion efforts, as well as managed the complexities of downsizing. Both require sensitivity, strategic thinking (see below), and strong communication—areas where my experience consistently delivers value.
Strategic execution. Whether shifting from projects to products, or building new capabilities, every transformation includes financial, organizational, and human elements. My strategic mindset and experience allows me to manage these interconnected dimensions effectively.
Transformation | Ramp-up and scale | Vision - mission - communication transparency | Insourcing vs outsourcing | Horizontal vs vertical functions | OKRs and feedback | RACI and management | Rolling forecast vs budgeting | Cross-functional teams | Fusion center
4. Building Intelligence-Led Cyberdefense
Cybersecurity is often equated with technology—hardware, software, and the presence of a Security Operations Center (SOC). However, true cyber resilience goes far beyond technical infrastructure. Fragmented security functions that operate in silos—without integrated communication and information sharing—are at a distinct disadvantage compared to adversaries employing Advanced Persistent Threat (APT) techniques.
Effective cyber response requires coordinated operations among diverse security teams, supported by real-time intelligence sharing and joint situational awareness—often facilitated through a physical or virtual fusion center. For example, threat intelligence teams must analyze emerging risks and disseminate actionable insights; adversary analysis and SOC units must collaborate on attack vector investigations; and patch management teams need timely visibility into affected systems and vulnerabilities.
Establishing and operating a unified, intelligence-led cybersecurity capability—integrating security teams like Threat intelligence, Incident response, SOC, Cyber exercise, Etc.—is a complex, enterprise-wide effort. It involves not only process and technology alignment, but also a strong human and communication component. Models such as “follow-the-sun” operations can further enhance efficiency, but also increase operational complexity.
I bring hands-on experience in building and scaling integrated cyber response capabilities, with a strong focus on governance, collaboration, and strategic alignment. My work includes implementing Common Operating Models and Governance Frameworks to strengthen incident response, improve coordination, and drive intelligence-led decision-making across cybersecurity functions.
Three brief facts about me:
Hands-on experience. At the Cyber Security Fusion Center (CSFC, ~50 employees across 10 teams), I supported the implementation of a Common Operating Model and Governance Framework to enhance crisis response capabilities and improve collaboration across our cyber defense teams.
Threat intelligence leadership. I led and scaled the EMEA Cyber Threat Intelligence Analysis function, integrating it into the broader CSFC. I focused on identifying and contextualizing emerging threats, transforming them into actionable insights for both defensive strategy and executive communication.
Compliance-driven technical insight. My strong technical foundation, combined with a deep understanding of compliance, enables me to bridge operational cybersecurity with regulatory and governance requirements—ensuring both security effectiveness and audit readiness.
Cybersecurity | Ramp-up and scale | Fusion Center | Threat Intelligence | Intelligence-Led Cyber | Transformation | Cyber Strategy & Operations | Cross-functional teams
full-time
I’m excited about the opportunity to engage in a full-time role where I can contribute strategically, operationally, and technically. I thrive in fast-paced, mission-driven environments and believe that empowering people and building strong team spirit are key to long-term success—especially in challenging times like COVID-19 or a high-inflation economy.
My background spans technology leadership & transformation, compliance and cybersecurity, but my core drive is always the same: creating clarity, boosting efficiency, and moving things forward. I take ownership, build bridges, and connect the dots across people and goals.
With roots in software engineering, I bring strong technical empathy—while genuinely enjoying working with people and engaging with clients.
I’m adaptable, resilient, and eager to be part of something meaningful over the long term.
(For further details, please check the .:Consultancy:. section of my portfolio.)
Highlights & CV
With a diverse background in Information Technology, Information Security and Cybersecurity, I’ve held multiple leadership and technical roles—often in parallel. Here are five key highlights from my career:
Strategic management: scaling and leading an IT company to 70+ employees as Managing Director (MD). Driving strategic planning and operational / technology transformation as Head of Operations & IT.
Technology leadership & Delivery: various technical leadership roles—spanning DevOps, CICD, product and project delivery, support and application portfolio management. Delivering & operating within Agile and ITIL frameworks, and acting as the First Point of Contact / Technology Partner for clients and business owners.
Security & Compliance: 6+ years in security-related roles, including mid-sized and multinational companies, acting as a Head of Compliance. Implemented and operated various compliance frameworks (E.g.: ISO, SOC), transformed regulatory requirements into business enablers (E.g.: DORA, CRA, AI initiatives), and managed both operational and regulatory risk in IT and Banking.
Cybersecurity: 4 years in cybersecurity leadership, building cross-functional collaboration & functions across cybersecurity teams. Strenghtening cyber resilience capabilities by implementing a Common Operating Model and Governance Framework. Improving incident response, managing a Threat Intelligence function. Engaged with clients, representing the organization’s cyber mission.
Technical foundation: hands-on experience in software engineering with a strong focus on DevOps, CRM, PHP, Java, JS, and database architectures.
Download my printable CV (PDF) for a concise overview of my background.
This is bold and this is strong. This is italic and this is emphasized.
This is superscript text and this is subscript text.
This is underlined and this is code: for (;;) { ... }. Finally, this is a link.
Heading Level 2
Heading Level 3
Heading Level 4
Heading Level 5
Heading Level 6
Blockquote
Fringilla nisl. Donec accumsan interdum nisi, quis tincidunt felis sagittis eget tempus euismod. Vestibulum ante ipsum primis in faucibus vestibulum. Blandit adipiscing eu felis iaculis volutpat ac adipiscing accumsan faucibus. Vestibulum ante ipsum primis in faucibus lorem ipsum dolor sit amet nullam adipiscing eu felis.
Preformatted
i = 0;
while (!deck.isInOrder()) {
print 'Iteration ' + i;
deck.shuffle();
i++;
}
print 'It took ' + i + ' iterations to sort the deck.';