RB

Reinier van de Beek

available

Last update: 13.11.2024

Ervaren Systeemspecialist en Security Auditor

Company: Z-Audit
Graduation: HBO on experience
Hourly-/Daily rates: show
Languages: German (Full Professional) | English (Full Professional) | Dutch (Native or Bilingual)

Keywords

IBM Resource Access Control Facility Safety Principles Auditing Internal Controls Databases Risk Analysis External Audits Python (Programming Language) Role-Based Access Control Import/Export Logistics + 13 more keywords

Skills


Profile
From 1998 Until today I’m working with RACF as an RACF
Administrator and as an RACF Auditor. An interesting combination of
knowledge.
All this time I have worked with RACF Consul in several jobs as
administrator, analyzer auditor and advisor.
So I have my experience and skills in the two mentioned jobs.
As an RACF administrator
• Add users, groups, datasets and other RACF permissions.
• Secure the use of RACF.
As an RACF analyzer/advisor to the management
• RACF database
How is the RACF database implemented and confgured?
• Implementing RBAC roles
How are de RBAC application roles designed and implemented in
your company?
Is there separation of duties well implemented in a way that this don't
conficting a good confrmation of In Control Statement.
• Risk analyses
Analyze the outcome of external audits.
Analyze the outcome of internal audits.
How to manage these audit fndings related to receive an proper ‘In
Control Statement’ or ‘Third Party Declaration’.
As an RACF Auditor to control and advise the manager
• How are the roles designed in RACF?
• Witch Security guidelines are valid?
• Are there security breaches?
• Which First line of defense controls are implemented?
• Pre-audit the company on various subjects according to RACF.
What outcome you can expect when you are audited?
What kind of skills I have
• My 26 years working experience as a RACF Auditor using Z-Secure.
• Also my 26 years’ experience as a RACF Administrator.
• The relevant IBM-RACF courses.
• The relevant Consul-RACF courses.
• RACF-CARLA queries on the RACF database.
• Analyse if people do the right things with their RACF rights.
• My experience as an Lead Internal Audit specialist.
• Microsoft Word, Microsoft Excel to write and analyse.
• TSO/ISPF
• JCL
• USS
• Basic REXX to understand what’s happening.
• YAML
• SPLUNK to monitor security logging.
• Basic Python to understand what’s happening what programmers do.
• The ability to ask the Python Programmers to program what I want to see.
• The ability to work with other specialist.
• The ability to work in a team and also alone when it’s necessary.
• The ability to coach people.
Give back my knowledge for the future generation.
RACF-security can be managed in another way…an interesting
combination I would say. It’s really works if you do this properly.
Work Experience
Internal Control
Conducted internal controls on IT ITIL processes. External auditors
can use my conducted controls as a base.
Quality Control
Assessed TPM controls and judged outcomes of internal control
teams. No TPM/ICS deviations.
Consulting
Advised management in response to audit fndings to achieve
workable solutions with risk coverage. Approval of TPM/In Control
Statement.
Advice
Supervised external audits and discussed results with responsible
management. Delineation of findings led to less burden on operational teams.

Advice
Wrote programs for RACF and carried out checks. Improved risk
management through internal control measures.
Functional Management
Managed the RACF database in all kinds of areas as a RACFAdministrator. Ensured good security design with as few external
audit findings as possible.

Auditing RACF
Carried out all kinds of audits in the feld of use of RACF to
demonstrate a degree of risk control. 
Good and reliable controls
served as the


Auditing
Conducted fraud investigations. No further explanation.
System Specialist RACF
Ministry of Finance
2005 - present
Served as Security Administrator.
System Specialist RACF (Auditor)
Ministry of Finance
2005 - present
Conducted security auditing and analysis.
FIB3 ofcial B/CICT
Ministry of Finance
2001 - 2004
Managed internal controls and provided security advice.
IC ofcial-B/CICT
Ministry of Finance
1998 - 2001
Handled internal controls.
Customs ofcer
Ministry of Finance
1995 - 1998
Conducted security checks and functionary duties.
Customs ofcer Import Export Verifcation
Ministry of Finance
1983 - 1990
Performed import and export verifcation checks.
Customs officer
Ministry of Finance
1981 - 1982
Conducted surveillance service checks.
Customs Ofcer Supervision
Ministry of Finance
1979 - 1981
Supervised customs ofcers and conducted checks.
Payroll administration
Continental
1978 - 1979


 

Project history

01/2005 - Present
Systeemspecialist RACF (Auditor)
Ministerie van Financiën

Verantwoordelijk voor security auditing en analyse, met focus op RACF-systemen.

01/2005 - Present
Systeemspecialist RACF (Administrator)
Ministerie van Financiën

Beheer en configuratie van RACF-systemen voor optimale beveiliging.

01/2001 - 12/2004
FIB3 functionaris B/CICT
Ministerie van Financiën

Interne controles en advisering op het gebied van IT.

01/1998 - 12/2001
IC functionaris-B/CICT
Ministerie van Financiën

Uitvoering van interne controles binnen de IT-afdeling.

01/1995 - 12/1998
Douane ambtenaar AO/IC/FIB-DOUANE Functionaris
Ministerie van Financiën

Controle en security taken binnen de douaneafdeling.

01/1983 - 12/1990
Douane ambtenaar Import-Exportverificatie (MBO)
Ministerie van Financiën

Controle van import- en exportdocumenten.

01/1981 - 12/1982
Douane ambtenaar Surveillancedienst
Ministerie van Financiën

Uitvoering van surveillancetaken voor de douane.

01/1979 - 12/1981
Douane-ambtenaar Toezicht
Ministerie van Financiën

Toezichthoudende taken binnen de douane.

01/1978 - 12/1979
Loonadministratie
Continental

Verantwoordelijk voor de administratie van lonen.

Local Availability

Open to travel worldwide
Profileimage by Reinier vandeBeek Ervaren Systeemspecialist en Security Auditor from Almelo Ervaren Systeemspecialist en Security Auditor
Register