CREST European Union Council
The CREST European Union Council Members were elected in December 2021. They will serve for three years at which point, to ensure continuity, half will retire by rotation by mutual agreement and be eligible for re-election for a further three year term if they so wish. The other half will retire by rotation the following year.
The serving EU Council Members are listed below in alphabetical order.
Jon Christiansen, Mandiant
Based in Copenhagen, Denmark, Jay leads the EU/UKI Red Team for Mandiant. His specialist background is in Red Team engagements, simulated targeted attack scenarios and Purple Team exercises and he created the technical ransomware assessment and threat-intelligence led methodologies and offerings within Mandiant.
His research is currently focuses on adversarial simulation of FIN/APT groups, ransomware behaviour and strategy, and on building custom payload and C2 tools to match the capabilities of these advanced threat actors. He still leads the large-scale Red Team engagements for client across all industry verticals and Critical National Infrastructure (CNI) throughout Europe, the Middle-East and the US.
Rodrigo Marcos, SECFORCE
Rod is the CEO of SECFORCE Ltd, a leading penetration testing and red teaming consultancy. Rod also contributes to the security community by leading an OWASP chapter, mainly driven by the goal of increasing security awareness and providing an opportunity for individuals to acquire technical offensive security skills.
With 20 years of experience in offensive security, Rod has a strong technical background. Even though he still enjoys getting involved in the technical aspect of security and getting his hands dirty in “low level” stuff, Rod’s professional goals are around creating a rewarding and inspiring work environment, helping solve customer challenges and make this world a safer place – one IP address at a time.
Iraklis Mathiopoulos, Nettitude
Iraklis is currently the Global Head of Penetration Testing Services at Nettitude responsible for a number of penetration testing services and consultants in multiple geographic regions.
He has previously held team management responsibilities as well as working as a principal security consultant specialising in web application testing, infrastructure testing and cloud environments.
Bruno Morisson, Integrity SA
Bruno is a Partner and Director of Penetration Testing Services at INTEGRITY S.A., a cyber security consulting company part of the Devoteam group. With more than 21 years in the information security industry, he’s been responsible for managing and delivering penetration testing projects to clients in multiple industries, from retail, to energy, healthcare, finance, and government, to name a few. He’s been actively involved in the security community having founded the Portuguese association for the promotion of information security (AP2SI) and the BSidesLisbon security conference.
Bruno holds an MSc. in Information Security from Royal Holloway, University of London, and several International certifications such as OSCP, GPEN, CISSP-ISSMP, CISA, ISO 27001 Lead Auditor and ITIL.
George Patsis, Obrela Security Industries
George Patsis is a highly accomplished expert in information security with a proven track record in developing and implementing large-scale security programs for major Global 500 Corporations. As an Entrepreneur he holds a passion for identifying market opportunities and building brands. He pioneers and leads the design and development of innovative services and products in the area of strategic security intelligence and risk management.
He has studied Electrical and Electronic Engineering at the University College of London and holds a MSc in Information Security Management from the Royal Holloway University of London.
Anil Pazvant, DXC Technology
Anıl has over 18 years of professional experience working in all aspects of offensive security assessments at a senior, global and strategic level. He has been conducted many offensive assessments for finance organizations, governments and automotive industry.
He has been working at DXC Technology since 2017 as a Practice Lead in Threat and Vulnerability Management team, and is primarily responsible for the development, execution and delivery of Red Team Operations.
Wiebe Ruttenberg, Security Alliance
With a background of more than 25 years in public service, Wiebe Ruttenberg joined SecAlliance as Director of Strategy, August 2021. Prior to this he worked in senior policy roles at the European Central Bank (ECB), first as Head of the Market Integration Division (2006 – 2015) and finally as programme director focusing on technological innovation and cyber resilience across the financial sector (2016 – 2021). In his latter position, he chaired the ESCB Task Force on Cyber Resilience Strategy for Financial Market Infrastructures, managed the Secretariat of the Euro Cyber Resilience Board and was member of the European Systemic Cyber Group of the European Systemic Risk Board. The European cyber testing program TIBER-EU and the European Cyber Information and Intelligence Sharing Initiative (CIISI-EU) were developed and rolled-out are under his responsibility. Before joining the ECB in 2006, he worked in senior roles at De Nederlandsche Bank and the Dutch Ministry of Finance.
Olle Segerdahl, F-Secure Cyber Security
Olle Segerdahl is a veteran within the IT security industry, having devoted himself to both “breaking” and “building” security solutions for over 20 years. Since his appointment as Principal Security Consultant at F-Secure Consulting in 2016, he has established a new security consulting practice in Stockholm, Sweden that has grown into a team of 12 expert consultants serving some of the biggest and most targeted organizations in Sweden. At F-Secure Consulting, Olle is also actively engaged in improving consulting practices and methodologies to provide better assurance for clients in new and more efficient ways. Olle is a regular speaker at information security conferences and is also a co-founder of one of them, the popular SEC-T hacker conference in Stockholm.
Alexis Vanden Eijnde, Prism Infosec
Alexis is a senior consultant with over 10 years’ professional experience within the security industry and has worked with several security consultancies including MDSec and A&O Corsaire.
Alexis has a background in software development and has used this to develop tools and training material specifically focused on security, this has included building custom extensions for widely popular testing tools such as PortSwigger’s Burp Suite. Alexis has also delivered web application testing training at the major security and hacking conference ‘Black Hat’ for two years.
Alexis has performed technical security assessments for government, financial, software and other commercial and non-commercial sector customers including FTSE 100 companies.
Burc Yildirim, Deloitte
Burc is a trusted cyber security advisor assisting companies managing cyber security risk. Being a seasoned security professional, he helps influencing and driving initiatives that helps business grow while managing cyber risk.
He has extensive experience in managing and leading complex offensive and strategic cyber security engagements, across geographies, with diverse teams. He uses his technical background and business leadership experience, to translate cyber security threats into business risk.