Profile

I am an independent consultant and instructor in cybersecurity and AWS cloud domains, with over 20 years of experience ranging from security systems design and implementation to cybersecurity operations, advising developers, solution architects, and senior management on security risks and solutions. Over the past decade, I've shifted focus towards cloud computing, becoming a strong advocate for cloud security and AWS cloud.

What drives me most today is training the next generation of tech talents. As a published author in the AWS security domain, I share my expertise broadly through webinars and various instructional formats. Previously, I trained the first AWS re/Start cohort in Switzerland and served as an AWS Educate Cloud Ambassador, enrolling the first AWS Educate partner organization in Cambodia. Additionally, I'm an active AWS Community Builder member since the program's inception in 2020.

I hold various industry-recognized certifications, including ISC2 CISSP, ISACA CISM, CSA CCSK, and 6 AWS certifications. Those who have worked with me describe me as driven, versatile, an out-of-the-box thinker, and eager to learn and transmit knowledge.

Seeking a partner in cloud security, AWS optimization or professional development? Let's explore how I can support your goals.

Core Skills

Cybersecurity

Expert, 20 Years

I have a holistic view of cybersecurity. A blend of management and technical experience in almost all areas of cybersecurity across various industries. Extensive know-how in security architecture, cloud security, governance, risk & compliance, incident response management and security operations.

Amazon Web Services (AWS)

Expert, 6 Years

I have a robust background in AWS. I first started by assessing the security posture of various deployments. Since then I got my hands on most services and gained a solid understanding of the AWS ecosystem, as well as an in-depth knowledge in most services, including security and DevOps tooling.

Instruction and Training

Advanced, 15 Years

I have always been engaged in training and instruction. I have been teaching as guest lecturer for universities, trained and mentored a large number of professionals, co-built an eLearning platform, authored training content and volunteered for NGOs as trainer and training manager.


Work

Consultant, instructor & lecturer

Since Dec 2021, Self-employed


Working as freelancer in cybersecurity, AWS and instruction for various businesses and educational institutions.

  • Webinar instructor at Securzy (monthly webinar AWS Security series)
  • Authored Mastering AWS Security: Strengthen your cloud environment using AWS security features coupled with proven strategies (ISBN 1805125443)
  • Authored course for CodeRed, EC-Council University platform (6 hours video recording)
  • Cybersecurity Mentor for SpringBoard.com (weekly 1-to-1 mentoring)
  • Guest lecturer for MyDigitalSchool, EPSI, Tera Campus and Simplon.co: Linux Advanced, DevSecOps, AppSec (Bachelor/Master), Cloud admin
  • AWS IQ expert: consulting for various startups and SaaS providers - https://iq.aws/e/laumat

AWS re/Start Instructor — Powerhouse Lausanne

Jan 2022 - Jun 2022 (6 months), Freelancer, Part-time (remote)


Led the AWS re/Start program instruction. 100% online.

  • Selected and trained the first AWS re/Start cohort in Switzerland
  • Mentored the students until their graduation and prepared them for the AWS CCP exam
  • Coordinated other volunteers' instruction

Cloud Security Architect — Arkema

May 2021 - Dec 2021 (8 months), Freelancer, Part-time (remote)


Global Cybersecurity Architecture & Expertise Team.

  • Cloud architectures security review
  • Cloud migrations assessments
  • DevSecOps and cyber-analytics tooling development for the AWS Cloud

Independent Consultant and Instructor — Secloudia

Oct 2020 - May 2021 (9 months), Self-employed, Phnom Penh, Cambodia


Cybersecurity, cloud & AWS consultancy and training for various SMEs, NGOs and educational institutions.

  • ISO 27001 readiness assessment
  • AWS onboarding
  • Security awareness

IT & Training Manager — Passerelles Numeriques (NGO)

Oct 2019 - Dec 2020 (1 yr 3 mo), Full-time, Phnom Penh, Cambodia


Served for 15 months as International Solidarity Volunteer (French VSI) for an international NGO.
Responsible for the Systems & Network Administration (SNA) curriculum as well as the overall IT of the school (35 staff and 150 students). Led a team of 4 FTEs (2 SNA Trainers and 2 IT Officers).

  • Developed cybersecurity and cloud computing modules
  • Applied for the AWS Educate institution grant and embedded it into the SNA curriculum
  • Moved IT labs from hardware-based to cloud-based amid COVID-19 school closure and beyond
  • Boosted Google G Suite adoption and organized the training of all staff and students during COVID-19
  • Established and maintained relationships with various partners (businesses, NGOs, government)
  • Selected as part of the AWS Educate Cloud Ambassador 2020 cohort

Volunteer Cybersecurity Trainer — Passerelles Numeriques (NGO)

Apr 2019 - Jul 2019 (4 months), Vietnam / Philippines / Cambodia


Traveled for 4 months to the 3 countries where PN operates in Asia and delivered training in cybersecurity.

  • Delivered training to students (2 weeks in Da Nang, Vietnam and 4 weeks in Cebu, Philippines)
  • Mentored and trained the local IT & training team in Phnom Penh, Cambodia

Senior Information Security Risk Analyst — ABN AMRO Bank N.V.

Oct 2013 - Dec 2018 (5 yrs 3 mo), Freelancer, Amsterdam, Netherlands


Information security risk assessment and advisory for the Corporate Information Security Office (CISO).

  • Supported senior management in making risk-based decisions to achieve business objectives
  • Identified and assessed risks in all aspects of information security for various projects
  • Provided security advisory and architecture support during projects
  • Performed vendor security assessments (e.g. BPO, cloud suppliers, data center inspection, etc.)
  • Coordinated penetration testing and vulnerability assessments
  • Monitored ongoing risks and tracked remediation

IT Operations Security Lead — CNES, the French National Space Agency

Oct 2012 - May 2013 (8 months), Consultant, Toulouse, France


IT security operations and outsourcing management for the CNES ICT Department.
Assigned as a consultant for Scassi.

  • Reviewed and oversaw the overall incident management process
  • Reviewed vendors' security controls to ensure ongoing compliance with standards and policies
  • Monitored security systems operations, performance, availability and capacity
  • Reviewed and monitored security vulnerabilities and remediation activities

Information Security Consultant — Scassi

Jun 2012 - May 2013 (1 year), Full-time, Toulouse, France


R&D, presales, training delivery and consulting.

  • Co-built the eLearning platform PHOSFOREA and authored courses in information security
  • Delivered training in cloud computing security to IT auditors

CERT Senior Security Analyst — European Space Agency (ESA)

Oct 2010 - Jun 2012 (1 yr 8 mo), Consultant, Rome, Italy


ESA's Computer Emergency Response Team (ESACERT). This division is responsible for providing capability to deal with all aspects of cybersecurity within the overall ESA organization.
Assigned as a consultant for Verizon Business.

  • Led incident response and threat hunting
  • Performed malware analysis and forensics activities
  • Performed security & vulnerability assessments and monitored findings resolution
  • Co-organized and delivered yearly security awareness campaigns and seminars for all ESA sites

Senior Security Consultant — Verizon Business

Apr 2006 - Jun 2012 (6 years 2 mo), Full-time, Luxembourg / Italy


Verizon Business Professional Services EMEA. Worked for various Public-sector, SME & Enterprise customers.

  • Designed, tested, deployed and supported security infrastructures and systems in complex environments
  • Performed security audits, reviews and assessments
  • Developed security policies, guidelines and standard operating procedures
  • Delivered security coaching and training

Guest Lecturer — Université de Lorraine

2005 - 2010 (5 years), Part-time, France


Gave lectures to Bachelor students (app. 30 hours every year).

  • Taught cryptography, cybersecurity and ethical hacking

    • Security Analyst — Cybertrust

    Jul 2004 - Apr 2006 (1 yr 10 mo), Full-time, Luxembourg


    Security Operations Center (SOC) environment in a 24x7x365 shift work schedule providing Managed Security Services to various customers.

    • Analyzed logs, security trends, investigated intrusion detection alerts and handled security incidents
    • Security/system administration on firewalls, IDPS, routers, VPNs, proxies and various Linux/Unix servers

    Internship in system & network administration — La SNET

    Feb 2004 - May 2004 (4 months), France

    Education

    Master's Degree, Management & Business Engineering — EM Strasbourg

    2009 - 2010, Part-time, Strasbourg, France


    Project management, sales & marketing, strategy.

    University Degree, Network & Telecom — Université de Lorraine

    2002 - 2004, Full-time, Nancy, France

    Certifications & Awards

    AWS Certified Security - Specialty

    Since 2021, still valid

    AWS Certified DevOps Engineer - Professional

    Since 2023, still valid

    AWS Certified Solutions Architect - Professional

    Since 2022, still valid

    AWS Certified Solutions Architect - Associate

    Since 2020, still valid

    AWS Certified SysOps Administrator - Associate

    Since 2022, still valid

    AWS Certified Cloud Practitioner

    Since 2022, still valid

    AWS re/Start Accredited Instructor

    Since 2022

    AWS Community Builder

    Since 2020 - this program is for selected AWS enthusiasts and emerging thought leaders who are passionate about sharing knowledge and connecting with the technical community

    AWS Educate Cloud Ambassador

    Since 2020 - this award is for top-tier educators and thought leaders who serve as ambassadors for AWS Educate

    ISACA CISM (Certified Information Security Manager)

    Since 2015, still valid

    ISC2 CISSP (Certified Information Systems Security Professional)

    Since 2013, still valid

    CSA CCSK (Certificate of Cloud Security Knowledge)

    Since 2013, still valid

    EXIN ITIL Foundation

    Since 2008, still valid

    PECB ISO/IEC 27032 Lead Cybersecurity Manager

    Issued in 2017, expired

    PECB ISO/IEC 27005/31000 Risk Manager

    Issued in 2012, expired

    ISACA CISA (Certified Information Security Auditor)

    Issued in 2013, expired

    ISC2 SSCP (Systems Security Certified Practitioner)

    Issued in 2007, expired

    Cisco CCNA, CheckPoint CCSA, CheckPoint CCSE

    Issued in 2004-2006, all expired

    Publications

    Mastering AWS Security 2nd Edition: Strengthen your cloud environment using AWS security features coupled with proven strategies (ISBN 1805125443)

    Packt Publishing, book, 2024

    Pentesting on AWS

    Securzy, webinar, 2023

    Does Network Security Still Matter in the Serverless Era on AWS?

    Securzy, webinar, 2023

    AWS Essentials for Security Folks: From On-Prem to Cloud

    Securzy, webinar, 2023

    The power of Infrastructure as Code for security in the AWS cloud

    Securzy, webinar, 2023

    Getting started with a security review of an AWS environment

    Securzy, webinar, 2023

    Secure Design Patterns for multi-tenancy in AWS

    Securzy, webinar, 2023

    Implementing security in microservices architecture on AWS

    CodeRed by EC-Council, online video course, 2022

    Serverless, containers or VMs? How to choose the right compute type for your workloads on AWS?

    Blog post, 2021

    Where is cloud computing on Cambodia’s horizon?

    Self-published, article, 2020

    AWS Educate Cloud Ambassadors Open Mic: Moving in-school labs to AWS

    AWS workshops from home, webinar, 2020

    How could organisations leverage open-source intelligence to gain more insight into their cyber threats?

    INFOSEC Institute, article, 2013

    Contact Me