Cybersecurity Specialist

Elevating your organisation's cyber resilience

View Skills Get In Touch
6+ Years Experience
100+ Security Assessments
50+ Organisations Helped

About Me

Technical cybersecurity professional — blue team and red team

I'm a Dutch dedicated cybersecurity specialist with over six years of hands-on experience in protecting organisations from digital threats. Having worked at both red team and blue team, my technical expertise spans everything an organisation needs to bring cyber security to a higher level. See my skills for details of what I can do for your organisation.

I've worked with leading organisations including Sanquin, Orange Cyberdefense, IBM, Motiv and SURFnet, delivering comprehensive security solutions across a broad range of sectors including healthcare and IT in particular.

Master of Science (MSc)

Security and Network Engineering - University of Amsterdam

Bachelor of Science (BSc)

Software Engineering & Cyber Security - Fontys University Eindhoven

Sjors Haanen

Core Skills

Skills

Comprehensive cybersecurity expertise and capabilities

Security Monitoring

Building advanced Security Operations Centers with continuous monitoring and automated response capabilities.

  • SIEM implementation and tuning
  • Threat intelligence integration
  • Custom detection rules
  • SOAR capabilities

Vulnerability Management

Designing and optimising complete vulnerability management frameworks from initial setup to continuous improvements

  • Setting up a complete internal vulnerability management service
  • Vulnerability scanning and assessment (validation)
  • Risk prioritisation and remediation
  • Compliance reporting
  • Patch management strategy
  • Continuous monitoring

Penetration Testing

Delivering comprehensive penetration testing services that maximise security budgets through risk-based assessments while ensuring compliance requirements are met.

  • Setting up a complete penetration testing service
  • Infrastructure penetration testing
  • Web application security testing
  • Cloud Infrastructure testing
  • Active Directory assessments
  • Wi-Fi security testing
  • Social engineering assessments

Incident Response

Designing and optimising incident response processes that minimise business impact and ensure rapid recovery.

  • Validation of incidents
  • Malware analyses & digital forensics
  • Containment & eradication
  • Recovery planning
  • Evaluation and lessons learned

Cloud Security

Providing specialised cloud security services for Microsoft Azure and multi-cloud environments, ensuring comprehensive infrastructure protection.

  • Cloud security assessments
  • Configuration reviews
  • Container security
  • Cloud compliance auditing
  • DevSecOps integration

Security Consulting

Strategic cybersecurity consulting, translating security requirements across organisational levels to build robust security programs and improve overall posture.

  • Security program development
  • Risk assessments
  • Security architecture review
  • Compliance consulting
  • Representing security at multidisciplinary boards
  • Assessing suppliers
  • Staff training and workshops

Experience

A proven track record with leading organisations

Security Specialist

Sanquin Oct 2022 - Oct 2024
  • Implemented various internal Security Operations services including security assessments (penetration testing), vulnerability management, security monitoring, and malware analysis.
  • Contributed to getting Sanquin NEN7510 (ISO 27001 for Dutch health care) compliant.
  • Coordinated penetration tests. Organised threat analyses, hiring penetration testers, guiding asset owners in remediation and setting up a multi-year continuous pentest plan for Sanquin.
  • Security representative at cross-team meetings.
  • Incident Response and Digital Forensics for cyber security incidents.
  • Third tier support for security tickets. Guided other analysts to ensure quality standards.
  • Increasing security awareness of colleagues through delivering internal presentations.
Security Monitoring Vulnerability Management Penetration Testing Security Operations Microsoft Cloud Incident Response Security Awareness Security Consulting

Penetration Tester

Orange Cyberdefense Apr 2021 - Oct 2022
  • Performed security assessments for clients including infrastructure tests, web applications, Active Directory environments, Wi-Fi, workplace investigations, and mystery visits. The goal was usually to gain the highest privileges within the network, and this was achieved in 90% of assessments.
  • Delivered penetration test reports and presented the findings to management or technical staff.
  • Worked with clients across healthcare, IT, and retail industry sectors.
Web Applications Active Directory WiFi Infrastructure Social Engineering Cloud Security Password Analyses Workplace Hardening Mobile Apps

SOC T3 Analyst (Contractor)

IBM Oct 2020 - Mar 2021
  • Analysed T3 security events from multiple EDR solutions for IBM global operations.
  • Guided other analysts to ensure quality standards.
  • Executed threat response by isolating assets and gathering technical intelligence.
SOC Incident Response

SOC Specialist

Motiv ICT Security Jan 2019 - Mar 2021
  • Operational and innovative role within the Motiv SOC for security monitoring. Tuned use cases and added log sources to the SIEM. Contributed to migration from ArcSight to Elastic Stack.
  • Vulnerability management for clients. Significantly lowered risk profile by prioritising on vulnerabilities that formed an actual risk for the clients.
  • Monitored and responded to security events across multiple client environments
  • Performed security assessments for clients including infrastructure tests, web applications, Wi-Fi and workplace investigations.
SOC Vulnerability Management Penetration Testing

Cybersecurity Analyst & Technical Product Manager

SURFnet Mar 2017 - Dec 2018
  • Developed new features for EduVPN: open-source VPN software focused on privacy, speed, and ease of use. Implemented a dynamic denylist (DNS blackhole) based on open-source resources.
  • Further development of the open-source intelligence aggregation environment I set up during my internship. This service provides insights for SURFnet-affiliated institutions into new ICT vulnerabilities that are present on their publicly exposed IT systems.
OSINT aggregation VPN

Trusted by Leading Organisations

Companies and institutions I've worked with

Testimonials

What colleagues say about my work

Sjors is a fun loving, hard working, intelligent guy. Besides being a person who is fun to be around, he is also a reliable team player who will not shy away from a challenge. Because of his broad knowledge and skillset he was often asked to support teams in other domains and I very much appreciated his flexibility in these situations. During the time that we've worked together I enjoyed seeing him develop himself so rapidly. He is now an offensive tiger who will bite himself into a problem and keep chewing his way through. I expect a great future for Sjors in the cybersec industry, hopefully we get to work together again in the future.

Allan van Leeuwen

Team Lead

Sjors is a great colleague to work with. He has extensive technical knowledge thanks to his security background, making him a great person to work with. Besides his work, Sjors is also pursuing further development with HackTheBox and various certifications. Besides all this knowledge, he also adds valuable social value to the team.

All in all, he's a good all-rounder you can rely on. Looking for someone like that? Then Sjors is the right person for you.

Joey van den Heuvel

Team Colleague

Get In Touch

Let's discuss how I can help secure your organisation

Email

LinkedIn

linkedin.com/in/sjorshaanen

Location

Anywhere (Netherlands/Remote)

Languages

English, Dutch

Sjors Haanen