We have been active in the region for many years and support companies and individuals across Europe, the Middle East and Africa. We are committed to the EU, and wider European, Middle Eastern and African markets and work closely with members here creating a truly global cyber security organisation.
Europe is our first chapter in the EMEA region and it is managed by the Europe Council of elected member company representatives. The Chair of the CREST Europe Council, Rodrigo Marcos Alvarez, sits on our International Council.
We actively encourage the formation of new chapters and councils. When there is sufficient member interest in the Middle East and in Africa then we will open chapters representing those regions.
In parallel with our other Regional Councils, the Europe Council’s objectives are to build capability, capacity, consistency and community in the global cyber security industry and to support internationally recognised schemes by working with governments, regulators, buyers and suppliers in the region.
These goals help to enhance cyber resilience, open up markets for our member companies operating in the region and to create opportunities for CREST qualified individuals.
We offer a full range of disciplines in the market:
Members of the Europe Council were elected in December 2021. They will serve for three years at which point, to ensure continuity, half will retire by rotation by mutual agreement and be eligible for re-election for a further three-year term if they so wish. The other half will retire by rotation the following year.
The serving Europe Council Members are listed below in alphabetical order. Hold your cursor over each for more information.
[Portfolio: Penetration Testing]
Simon has 13+ years of experience in Cyber Security. He taught Penetration Testing classes at both BSc and MSc levels. He owns the following certifications: CISSP, CCSP, PMP, SEPP. Simon completed his BSc in Computer Science in 2019 and his MSc in Computer Security and Systems Forensics in 2011.
His publications include several ethically disclosed zero-day vulnerabilities, CVEs as well as book chapters and scientific papers. Simon’s passions include martial arts, motors and humans’ behavioural threats studies.
[Portfolio: Intelligence Led Testing]
Based in Copenhagen, Denmark, Jay leads the EU/UKI Red Team for Mandiant. His specialist background is in red team engagements, simulated targeted attack scenarios and purple team exercises and he created the technical ransomware assessment and threat-intelligence led methodologies and offerings within Mandiant.
His research is currently focuses on adversarial simulation of FIN/APT groups, ransomware behaviour and strategy, and on building custom payload and C2 tools to match the capabilities of these advanced threat actors. He still leads the large-scale red team engagements for client across all industry verticals and Critical National Infrastructure (CNI) throughout Europe, the Middle East and the US.
[Portfolio: Regulator Engagement]
Rod is the CEO of SECFORCE Ltd, a penetration testing and red teaming consultancy. Rod also contributes to the security community by leading an OWASP chapter, mainly driven by the goal of increasing security awareness and providing an opportunity for individuals to acquire technical offensive security skills.
With 20 years of experience in offensive security, Rod has a strong technical background. Even though he still enjoys getting involved in the technical aspect of security and getting his hands dirty in “low level” stuff, Rod’s professional goals are around creating a rewarding and inspiring work environment, helping solve customer challenges and make this world a safer place – one IP address at a time.
Iraklis is currently the Chief of Service Delivery for Obrela Security Industries. He is responsible for supporting Obrela’s Resilience Operation Centers that provide Obrela’s MDR service to enterprise organizations across the globe. He has previously held Global Cyber roles in the UK and Greece and specialises in providing assurance across a diverse set of industries and geographies
Bruno is a Partner and Director of Penetration Testing Services at Devoteam Cyber Trust, a cyber security consulting company . With more than 21 years in the information security industry, he’s been responsible for managing and delivering penetration testing projects to clients in multiple industries, from retail, to energy, healthcare, finance, and government, to name a few. He’s been actively involved in the security community having founded the Portuguese association for the promotion of information security (AP2SI) and the BSidesLisbon security conference.
Bruno holds an MSc. in Information Security from Royal Holloway, University of London, and several International certifications such as OSCP, GPEN, CISSP-ISSMP, CISA, ISO 27001 Lead Auditor and ITIL.
Anil has more than 18 years of professional experience working in all aspects of offensive security assessments at a senior, global and strategic level. He has been conducted many offensive assessments for finance organisations, governments and automotive industry.
He has been working at DXC Technology since 2017 as a Practice Lead in the Threat and Vulnerability Management team, and is primarily responsible for the development, execution and delivery of red team operations.
[Portfolio: Threat Intelligence]
With more than 25 years in public service, Wiebe joined SecAlliance as Director of Strategy, August 2021. Prior to this he worked in senior policy roles at the European Central Bank (ECB), first as Head of the Market Integration Division (2006- 2015) and finally as programme director focusing on technological innovation and cyber resilience across the financial sector (2016-2021).
In his latter position, he chaired the ESCB Task Force on Cyber Resilience Strategy for Financial Market Infrastructures, managed the Secretariat of the Euro Cyber Resilience Board and was member of the European Systemic Cyber Group of the European Systemic Risk Board. The European cyber testing program TIBER-EU and the European Cyber Information and Intelligence Sharing Initiative (CIISI-EU) were developed and rolled-out are under his responsibility. Before joining the ECB in 2006, he worked in senior roles at De Nederlandsche Bank and the Dutch Ministry of Finance.
Portfolio: Incident Response]
Olle is a veteran within the IT security industry, having devoted himself to both “breaking” and “building” security solutions for over 20 years. Since his appointment as Principal Security Consultant at F-Secure in 2016, he has established a new security consulting practice in Stockholm, Sweden, that has grown into a team of 12 expert consultants serving some of the biggest and most targeted organizations in Sweden.
At F-Secure, Olle is also actively engaged in improving consulting practices and methodologies to provide better assurance for clients in new and more efficient ways. Olle is a regular speaker at information security conferences and is also a co-founder of one of them, the popular SEC-T hacker conference in Stockholm.
Antonio is a security advisor with more than 10 years of professional experience in the information security field. He has been managing and executing many technical security assessments and ethical hacking projects, including penetration tests and threat intel-led red team tests, thus enabling organizations – across multiple industries and geographies – improving their cyber resilience against modern and sophisticated threat actors.
Antonio is a business-minded person with a strong technical background and is an advocate for information security and red teaming in all its forms, from social engineering to digital and physical security. He has extensive experience as training facilitator and enjoys instilling his passion about offensive security to all those who want to learn and develop in this field.
CREST Focus Groups help us to continually monitor best practice in Penetration Testing, Threat Intelligence, Incident Response, Intelligence-Led Testing and SOC. To see the relevant Focus Groups for EMEA, please visit our Focus Groups page.