JF Bethlehem

Cyber Security

I am a cyber security consultant, 'specializing' in hacking into networks and computers. Lately also active in enabling developers create secure software by reviewing the code and suggesting improvements and SOC analysis.

Specialties: Ethical hacking, red teaming, mysteryguest assignments, giving demonstrations of hacking and MG assignments, secure code reviewing, writing reports, programming (PHP, Python), SOC analysis.

About me

gallery/01
gallery/02

Experience

 

 

Senior Security Consultant

DXC

Nov 2017 - Present

Amstelveen, Netherlands

 

Responsibilities:

• Security consultant in Threat & Vulnerability management and Intelligent Security Operations capabilities. 
• Be a leader and mentor for junior and medior consultants in Cyber Defence capabilities 
• Defining offensive, defensive and incident response assessment methodologies and strategies
• Executing penetration tests and reporting on the results
• Global IoT Penetration testing incubation group member

Security consultant

Northwave

March 2012 - October 2017

 

Nieuwegein

 

Northwave believes it is essential to our society and economy that we can rely on safe and trustworthy digital infrastructures. Therefore, we feel the need to make integrated ICT security services of the highest possible quality available to every organisation. 

Northwave integrates people, processes and technology into an Intelligent Security Operation: smart security that controls proactive and reactive measures based on a pragmatic (ISO certified) quality management structure. We combine Information Security, Privacy and Business Continuity Management with our Cyberintelligence and Security Technology services.

Our unique and innovative Managed Services enable our clients to get a tailor-made grip on this complex but vital domain.

Responsibilities:
• Vulnerability scanning of software in development, reporting.
• Advising secure solutions regarding operating systems, software, custom applications and network configurations
• Supporting/advising DevOps teams to develop/maintain secure software
• Security monitoring and alerting
• Security incident handling
• Source code reviewing
• Writing guidelines for hardening of software and systems
• Hardening Linux operating systems
• Workshops, presentations at Utrecht University of Applied Sciences
• Creation of CTF environments
• Security awareness training
• Forensics

 

Security Consultant

Rabobank

Feb 2014 - Aug 2015

Utrecht, Netherlands

 

Responsibilities:
• Vulnerability scanning of software in development, reporting.
• Advising secure solutions regarding operating systems, software, custom applications and network configurations
• Supporting/advising DevOps teams to develop/maintain secure software
• Security monitoring and alerting
• Security incident handling
• Security awareness training 

 

Security specialist

SSC-ICT

Oct 2015 - Jan 2016

Zoetermeer/Amsterdam, Netherlands

 

Responsibilities:
• Assisting in installation, configuration of Arcsight SIEM for the Dutch presidency of the Council of the European Union conferences (CPEU).
• Hardening of CPEU Linux operating systems
• Security checking of CPEU environment
• Security checking of Kiosk systems 

 

Security Consultant

ING Nederland

Apr 2012 - Dec 2012, Jun 2013 - Jan 2014

Amsterdam, Netherlands

 

Responsibilities:
• Vulnerability scanning of software in development, reporting.
• Advising secure solutions regarding operating systems, software, custom applications and network configurations
• Supporting/advising DevOps teams to develop/maintain secure software
• Security awareness training

 

Penetration tester

Verizon

Jan 2013 - Jun 2013

Amsterdam, Netherlands

 

Responsibilities:
• Vulnerability scanning, penetration testing of software in development and production, reporting.
• Advising secure solutions regarding operating systems, software, custom applications and network configurations

 

Security Consultant

LBVD

Apr 2006 - Mar 2012

 

Delft, Netherlands

 

Technical IT security consultation:
- Checking systems for vulnerabilities
- Advising clients on repairing vulnerabilities
- Advising clients on securing systems and networks
- Giving demonstration of hacks

Non-technical security consultation:
- Mysteryguest assignments: attempting to enter buildings unnoticed and unannounced
- Advising clients on securing their buildings and information
- Demonstrations of MG jobs (using video recordings)
- Assisting in awareness campaigns to promote security awareness 

 

Security consultant

GovCERT.NL

Jun 2010 - Dec 2011

The Hague, Netherlands

 

Application support

Kennisnet, Netherlands

Apr 2003 - Apr 2006

Zoetermeer, Netherlands

 

Responsibilities:
• First contact regarding (security and application) incidents for his assigned applications 
• Technical support for clients 

• Contact for suppliers and developers

 

• Installation of new versions at clients' premises

 

• Tester for new verisons of the applications (security, functionality)

 

 

Web developer

Movenext media design

Jan 2000 - Jan 2001

Leiden, Netherlands

 

Developing web applications using PHP, MySQL and PostgreSQL


Webmaster

Word International Ministries

Nov 2006 - Present

 

Webmastering for the dutch branch of the Word International Ministries church.