Fabian Emmen

Leading a team in modernizing and migrating 1500+ applications to Single Sign-On (SSO) with Multi-Factor Authentication (MFA) on Azure / Microsoft Entra.

Activities:
- Assessed the current application landscape
- Designed and developed automation for onboarding applications to Entra ID
- Defined and executed migration strategy

Products used:
- Microsoft Entra ID
- Active Directory Federation Services
- One Identity
- CyberArk

Lead multiple teams in implementing and customizing ForgeRock for a telecom provider.

Activities:
- Designed and developed ForgeRock to integrate with legacy systems to provide policy-based access control (PBAC)
- Scaled the platform to handle authorizations for 1.2 million B2B and B2C users
- Managed three teams with a total of 35 DevOps engineers and business analysts

Products used:
- ForgeRock AM
- ForgeRock DS
- ForgeRock IDM
- Oracle databases
-… Meer weergeven

Lead multiple teams in implementing and customizing ForgeRock for a telecom provider.

Activities:
- Designed and developed ForgeRock to integrate with legacy systems to provide policy-based access control (PBAC)
- Scaled the platform to handle authorizations for 1.2 million B2B and B2C users
- Managed three teams with a total of 35 DevOps engineers and business analysts

Products used:
- ForgeRock AM
- ForgeRock DS
- ForgeRock IDM
- Oracle databases
- JavaScript
- Various DevOps tools such as Jenkins, Gitlab, and Docker Minder weergeven

Working together with an offshore team in maintaining and developing changes to a ForgeRock IAM platform for a client in the telecom industry.

Activities:
- Acting as the onshore point of contact for the client.
- Gathering requirements for changes together with architects and product owners.
- Aligning delivery releases together with project managers and stakeholders.

Products used:
- ForgeRock OpenAM
- ForgeRock OpenDJ

The goal of the project is to structure and standardize the employee identity data stored in the organization's central Active Directory. With one unified way of maintaining identity data and applying Master Data Management principles, the company achieves:
- Compliance with GDPR and other regulations by deleting unused accounts and irrelevant data
- Faster deployment of new global services through one global standard in identity data
- Cost reduction through applying a global identity… Meer weergeven

The goal of the project is to structure and standardize the employee identity data stored in the organization's central Active Directory. With one unified way of maintaining identity data and applying Master Data Management principles, the company achieves:
- Compliance with GDPR and other regulations by deleting unused accounts and irrelevant data
- Faster deployment of new global services through one global standard in identity data
- Cost reduction through applying a global identity management solution

The company has operating companies (OpCos) in over 60 countries of which all their employee and contractor identities are stored in the central Active Directory.
My role in the project is to guide the OpCos in cleansing their Active Directory data. I help the OpCos understand the technical implications of adhering to the data standards and support updating the global data standards where necessary.
Minder weergeven

Performed a GDPR and IAM gap assessment for the HR department of a global e-commerce.

The assessment resulted in advising remediation actions to improve GDPR compliance, IAM governance, and automate access provisioning.

The key applications that were assessed were:
- Workday
- SAP HR
- Greenhouse.

During this project I've designed and developed an access management log analytics solution based on Splunk to gain insight into service usage, customer experience issues, and identify service abusers.

Activities:
- Defined solution requirements with product owners and technical teams.
- Designed the platform.
- Performed a proof of concept with two products (Splunk and ELK).
- Implementation of the selected product (Splunk).
- Created dashboards and provided demos to… Meer weergeven

During this project I've designed and developed an access management log analytics solution based on Splunk to gain insight into service usage, customer experience issues, and identify service abusers.

Activities:
- Defined solution requirements with product owners and technical teams.
- Designed the platform.
- Performed a proof of concept with two products (Splunk and ELK).
- Implementation of the selected product (Splunk).
- Created dashboards and provided demos to (senior) management.

Products used:
- Splunk
- Logstash
- Elasticsearch
- Kibana Minder weergeven

During this project I've worked as a subject matter expert in the area of identity & access management for Wi-Fi networks for an international telecom provider.
The telecom provider offers a Community Wi-Fi service to its customers consisting of millions of access points across multiple countries.

I lead a small team with two offshore colleagues in developing and delivering features and integrations for the service’s RADIUS component. This component provides Authentication… Meer weergeven

During this project I've worked as a subject matter expert in the area of identity & access management for Wi-Fi networks for an international telecom provider.
The telecom provider offers a Community Wi-Fi service to its customers consisting of millions of access points across multiple countries.

I lead a small team with two offshore colleagues in developing and delivering features and integrations for the service’s RADIUS component. This component provides Authentication, Authorization, and Accounting (AAA) for the Community Wi-Fi service.

Activities:
- Lead a small development team in developing an access management system.
- Rolled out the Community Wi-Fi service in multiple countries.
- Developed authentication for SIM cards instead of username/passwords in order to grant mobile subscribers access to the Wi-Fi service.
- Rolled out a major upgrade of the Community Wi-Fi service in several countries allowing for improved service quality and introducing new features.
- Established partnerships with other Wi-Fi service providers to allow our customers to roam in their network and vice versa.
- Continuous efforts to improve the performance and quality of the service.

Products used:
- Alcatel-Lucent 8950 AAA
- Alcatel-Lucent 7750 Service Router
- IBM Security Directory Server
- Red Hat Enterprise Linux Minder weergeven

For my graduation thesis I researched how Motiv IT Masters BV could improve the availability monitoring of her IT services.

Results:
- An analysis regarding the state of Motiv’s availability monitoring.
- A survey on the requirements of different interest groups regarding the improvement of Motiv’s availability monitoring.
- A change analysis in which different approaches to meeting the requirements were analyzed and compared. This change analysis resulted in an advise to… Meer weergeven

For my graduation thesis I researched how Motiv IT Masters BV could improve the availability monitoring of her IT services.

Results:
- An analysis regarding the state of Motiv’s availability monitoring.
- A survey on the requirements of different interest groups regarding the improvement of Motiv’s availability monitoring.
- A change analysis in which different approaches to meeting the requirements were analyzed and compared. This change analysis resulted in an advise to replace Motiv’s availability monitoring tool.
- A product analysis in which availability monitoring tools have been compared according to the supplied requirements.
- An advisory report in which one availability monitoring tool was advised to Motiv. This report also described the way the tool met the supplied requirements and presented how the state of Motiv’s availability monitoring could improve by implementing the advised tool.
- A proof of concept in which the way the advised monitoring tool could meet the supplied requirements was presented.
- An implementation plan containing an advised procedure on replacing Motiv’s availability monitoring tool with the advised tool.
- A thesis describing the process of the project.
- A presentation on availability monitoring best practices for companies like Motiv IT Masters BV.

Knowledge gained:
- I learned how to analyze issues and requirements involving a business process crucial to an IT service provider.
- I learned more about having discussions with different interest groups and writing, presenting and defending an advisory report.
- I learned how to tune the requirements of different interest groups in to each other using discussions.
- I learned how to compare a large amount of products on a technical level. What I noticed during my comparison was that the features described in marketing documentation do not always work the way they are described. Minder weergeven

Researching open source solutions for automatically generating, distributing and installing client certificates within a network domain.

Results:
- A report describing and comparing different solutions for the abovementioned requirements.
- A testing environment for the most viable solution.

Experience and knowledge:
- I expanded my knowledge about Public Key Infrastructure (PKI), Ubuntu Server, Red Hat Enterprise Linux (RHEL) and learned about different open source… Meer weergeven

Researching open source solutions for automatically generating, distributing and installing client certificates within a network domain.

Results:
- A report describing and comparing different solutions for the abovementioned requirements.
- A testing environment for the most viable solution.

Experience and knowledge:
- I expanded my knowledge about Public Key Infrastructure (PKI), Ubuntu Server, Red Hat Enterprise Linux (RHEL) and learned about different open source certificate authority solutions.
- I learned how open source solutions can collaborate or compete with proprietary solutions such as Microsoft Active Directory Domain Services, Microsoft Group Policy Objects and Microsoft Certificate Services. Minder weergeven

As part of my minor Social & Virtual Networks I developed a smartwatch and smartphone application together with a team of fellow students for the digital marketing company Greenberry.

Results:
- A product analysis on smartwatches. The analysis resulted in the decision to develop an application for the Pebble smartwatch.
- Brainstorming sessions resulting in the decision to create a Points of Interest application for monuments in Utrecht. When a user gets in the vicinity of a… Meer weergeven

As part of my minor Social & Virtual Networks I developed a smartwatch and smartphone application together with a team of fellow students for the digital marketing company Greenberry.

Results:
- A product analysis on smartwatches. The analysis resulted in the decision to develop an application for the Pebble smartwatch.
- Brainstorming sessions resulting in the decision to create a Points of Interest application for monuments in Utrecht. When a user gets in the vicinity of a monument, the Pebble smartwatch gives the user a short description of the monument. The user can then access the smartphone application to view more information about the monument.
- A proof of concept Pebble smartwatch and Android smartphone application.

Knowledge gained:
- I learned how to analyze a technology trend (smartwatches).
- I leared how to perform a product analysis.
- I learned how to program Pebble smartwatch and Android smartphone applications with C and Java. Minder weergeven

After completing my internship at Lumiad I was asked to work at Lumiad alongside my study. During this period I continued to expand the features of the Lumiad Secure Access Controller. The Lumiad Secure Access Controller is an Ubuntu Linux server functioning as a RADIUS server, LDAP server and a Certificate Authority.

Results:
- Deploying the system at clients and providing both on-site and off-site support.
- Developing and implementing new features such as a Subordinate… Meer weergeven

After completing my internship at Lumiad I was asked to work at Lumiad alongside my study. During this period I continued to expand the features of the Lumiad Secure Access Controller. The Lumiad Secure Access Controller is an Ubuntu Linux server functioning as a RADIUS server, LDAP server and a Certificate Authority.

Results:
- Deploying the system at clients and providing both on-site and off-site support.
- Developing and implementing new features such as a Subordinate Certificate Authority feature. This feature enabled the certificate authority to become part of a certificate chain involving other certificate authorities. This allowed the system to issue its own client certificates and authenticate certificates issued from other certificate authorities within the chain.
- Performing upgrades to the Lumiad Secure Access Controller. This ranged from bug fixes to hashing algorithm improvements to operating system upgrades. Each upgrade involved thorough testing, change documentation and revisions of the system’s manual.

Knowledge gained:
- This project allowed me to build on my knowledge and experience obtained during my internship at Lumiad. I gained more knowledge about Public Key Infrastructure (PKI), network authentication (RADIUS), Linux systems, OpenSSL and PHP.
- I learned to independently perform research on improving a complex system. I researched new features and upgrades that generated added value in terms of client features and security. I pitched these ideas to my supervisor and the director of Lumiad in order to get permission to realize them.
- I learned to document changes in a way that benefitted other developers. Minder weergeven

During my employment at Lumiad I gathered and investigated many issues that Lumiad’s clients had regarding network reliability, security and network authentication (RADIUS). I proposed Wim Bos, the boss and owner of Lumiad, to create a solution for these problems in the form of a model.

Result:
- Together we designed a model for RADIUS implementations that reduces latency and security issues and improves reliability in comparison to traditional RADIUS… Meer weergeven

During my employment at Lumiad I gathered and investigated many issues that Lumiad’s clients had regarding network reliability, security and network authentication (RADIUS). I proposed Wim Bos, the boss and owner of Lumiad, to create a solution for these problems in the form of a model.

Result:
- Together we designed a model for RADIUS implementations that reduces latency and security issues and improves reliability in comparison to traditional RADIUS implementations.

Experience and knowledge:
- I expanded my knowledge about the role of networks, security and RADIUS within large environments.
- I learned how to design a solution in a way that it can solve a collection of issues.
- I enjoyed brainstorming with Wim Bos with the goal of finding solutions for our clients. Minder weergeven

This project was a collaboration between the Hogeschool Utrecht and Lumiad. Me and fellow students from the Hogeschool Utrecht performed research on network authentication protocols, Network Access Control (NAC), Mobile Device Management (MDM), Bring Your Own Device (BYOD) and the Lumiad Secure Access Controller.

Results:
- A design for automating certificate distribution and network authentication settings to Windows, Android and iOS devices.
- A design and implementation of new… Meer weergeven

This project was a collaboration between the Hogeschool Utrecht and Lumiad. Me and fellow students from the Hogeschool Utrecht performed research on network authentication protocols, Network Access Control (NAC), Mobile Device Management (MDM), Bring Your Own Device (BYOD) and the Lumiad Secure Access Controller.

Results:
- A design for automating certificate distribution and network authentication settings to Windows, Android and iOS devices.
- A design and implementation of new features for the Lumiad Secure Access Controller.

Grade: 8.5

Experience and knowledge:
- I learned how to lead a technical team and spread knowledge within the team.
- I learned how to analyze protocols and technical solutions. Minder weergeven

As an intern at Lumiad I worked on expanding the features of the Lumiad Secure Access Controller. This Ubuntu Linux server system functioned as a RADIUS server, LDAP server and a Certificate Authority. During the project I worked on resolving technical issues and developing new features. Aside from the project I also performed on-site Wi-Fi coverage scans used for WLAN planning and Real Time Location Systems (RTLS).

Results:
- Making it possible to connect the RADIUS server to a… Meer weergeven

As an intern at Lumiad I worked on expanding the features of the Lumiad Secure Access Controller. This Ubuntu Linux server system functioned as a RADIUS server, LDAP server and a Certificate Authority. During the project I worked on resolving technical issues and developing new features. Aside from the project I also performed on-site Wi-Fi coverage scans used for WLAN planning and Real Time Location Systems (RTLS).

Results:
- Making it possible to connect the RADIUS server to a Microsoft Active Directory Domain Services environment. This enabled the Ubuntu system to authenticate users using Active Directory credentials.
- Making it possible to connect the Certificate Authority to Microsoft Active Directory Certificate Services. This enabled the Ubuntu system to authenticate users using client certificates issued through Microsoft Active Directory Group Policy Objects.
- Enabling the RADIUS server to perform dynamic VLAN allocation based on criteria such as client MAC addresses or Active Directory group membership.

Experience and knowledge:
- This internship greatly expanded my knowledge about Linux operating systems, network authentication, Public Key Infrastructure (PKI), OpenSSL, Microsoft Certificate Services, Microsoft Active Directory Services, Microsoft Group Policy Objects, PHP, Wi-Fi and locating devices using Wi-Fi signals (RTLS).
- I learned how to approach technical problems and develop added value to a complex system.
- I learned how to connect Linux systems to Windows environments.
- I enjoyed learning in-depth knowledge about Public Key Infrastructure and network authentication. Minder weergeven