About Timeline Skills Homelab Contact
Specialist in progress. Generalist by default.

Yannick
Van Campenhout

Bridging the gap between deep technical execution and strategic security thinking. Based in Belgium, working across Europe.

View my journey Get in touch
Yannick Van Campenhout
Who I am

My Story

I'm a Cybersecurity Engineer at Cronos Security, Belgium. Before that, Deloitte — where I worked inside some of Belgium's largest organisations, running enterprise-scale vulnerability management programs on Qualys, Tenable and Rapid7. At one client, we took a program sitting at 12 million open vulnerabilities down to 3 within a year.

The goal is to become the Swiss Army knife of cybersecurity. Someone who can hold their own across vulnerability management, risk, cloud security, architecture, governance and technical depth — and actually connect the dots between them.

Outside client work, the homelab is where I test everything before I recommend it. It runs on Proxmox, Docker and Unifi — proper VLAN segmentation, local AI inference, n8n automation pipelines. It also keeps the house running: cameras, motion-triggered automations, climate, lighting — my wife and I built it so the house is clean, secure and ready before we even get home. If I'm going to tell a client how something works, I need to have broken it myself first.

LocationBrussels, Belgium
CurrentCybersecurity Engineer @ Cronos Security
EducationThomas More Hogeschool · 2019–2022
LanguagesDutch (native) · English (bilingual) · French (professional)
CertsSSCP · CC · CEH · PRINCE2 · ITIL4
LinkedIn

🛡️ Vulnerability Management

Built and ran VM programs at scale — Qualys, Tenable, Rapid7. Took one client from 12M open vulns to 3 in a year through patching cycles, prioritisation and stakeholder buy-in.

☁️ Cloud Security

Azure and AWS security assessments: identity, access, misconfigurations, architecture. Hands-on with Terraform and cloud-native security tooling.

📋 Governance & Compliance

Gap analyses against ISO 27001, NIS2 and DORA. Turning audit findings into security programs people actually follow — not just a report that sits in a drawer.

🔬 Always Building

AZ-500 in progress. Homelab running 24/7. Anything worth recommending to a client gets tested at home first.

Experience

The Journey

Jul 2024 — Present · Kontich, Belgium
Cronos Security
Cybersecurity Engineer · Full-time
  • Running vulnerability management programs for clients ranging from 10-person teams to 20,000+ user environments — reducing exposure at scale using Qualys, Tenable and Rapid7
  • Turned VM findings into action: built recurrent patching cycles, prioritisation frameworks and remediation workflows that actually get followed
  • Helped clients stand up cybersecurity programs from scratch — rewriting insecure code, closing governance gaps via ISO 27001, NIS2 and DORA gap analyses
  • Incident response, asset management and migration security oversight across regulated industries
Sep 2022 — Jul 2024 · Zaventem, Belgium
Deloitte
Cyber Security Consultant → Senior Consultant
  • Promoted from Consultant to Senior Consultant — faster than the standard track
  • Led vulnerability management programs inside some of Belgium's largest organisations using Qualys, Tenable and Rapid7 — one program went from 12 million open vulnerabilities to 3 in under a year
  • Cloud security assessments across Azure and AWS: architecture reviews, identity and access analysis, misconfiguration audits
  • Built NIS2 compliance roadmaps and ran gap analyses against ISO 27001 and DORA for enterprise clients across finance, logistics and public sector
  • Enterprise Security Architecture design — defining target states and the path to get there
Jun 2022 — Sep 2022 · Zaventem, Belgium
Deloitte
Intern — Cyber Cloud
  • Built an interactive AWS security demo used internally to illustrate real-world attack scenarios and misconfiguration risks
  • Hands-on with Bash scripting, Terraform and core AWS services — first real taste of infrastructure-as-code
  • Embedded in a senior consulting team from day one — got exposure to enterprise security architecture early
Capabilities

Skills & Certifications

🛡️

Security Operations

Vulnerability ManagementIncident ResponseAsset ManagementThreat ModellingSecurity Assessments
📋

GRC & Compliance

Risk ManagementNIS2GDPRITIL 4PRINCE2ISO 27001
☁️

Cloud & Infrastructure

AWSAzureTerraformBash ScriptingCloud Architecture
🏗️

Architecture & Design

Enterprise Security ArchitectureSecurity by DesignNetwork SegmentationZero Trust
🤖

AI & Automation

N8N WorkflowsSelf-hosted LLMsAI IntegrationDocker / Portainer
🔧

Tools & Platforms

ProxmoxUnifiHome AssistantSIEM PlatformsVulnerability Scanners
Certifications
2018
⚖️
GDPR Advisor

GDPR — Data Protection Advisor

Katholiek Onderwijs Vlaanderen

Trained as a data protection advisor under Belgian GDPR implementation. Covered legal bases, data subject rights, DPIAs and breach notification procedures.

Feb 2018 – Feb 2019
2021
🎩
CEH

Certified Ethical Hacker (CEH)

EC-Council

Covers attack phases, vectors and countermeasures across 20 domains including network scanning, malware, social engineering, and web application hacking.

Aug 2021 · Active
2022
🪟
AZ-900

Microsoft Azure Fundamentals (AZ-900)

Microsoft

Foundational Azure cloud concepts: core services, pricing models, SLAs and cloud governance. Stepping stone to deeper Azure security work.

Apr 2022 – Apr 2024
2022
☁️
AWS CCP

AWS Cloud Practitioner (CCP)

Amazon Web Services

Validates broad AWS cloud knowledge: core services, security, architecture, and billing. Foundation for deeper AWS security and architecture certifications.

Oct 2022 – Oct 2025
2022
☁️
AWS SAA

AWS Solutions Architect – Associate (SAA-C03)

Amazon Web Services

Designing distributed systems on AWS with a focus on resilience, performance and security. Covers IAM, VPCs, encryption and access control in depth.

Nov 2022 – Nov 2025
2022
⚙️
ITIL 4

ITIL 4 Foundation

PeopleCert

IT service management framework covering the service value system, guiding principles and four dimensions model. Enables structured, business-aligned security service delivery.

Dec 2022 · Active (no expiry)
2023
🪟
SC-900

Security, Compliance & Identity Fundamentals (SC-900)

Microsoft

Microsoft's security baseline: identity, access management, threat protection, compliance management and Zero Trust fundamentals across M365 and Azure.

Sep 2023 – Sep 2025
2024
📊
PRINCE2

PRINCE2 Foundation

PeopleCert

Project management methodology covering the 7 principles, themes and processes. Applied to structured delivery of cybersecurity projects and client engagements.

Jan 2024 – Jan 2027 · Active
2024
🏛️
ISC2 CC

ISC2 Certified in Cybersecurity (CC)

ISC2

Entry-level ISC2 certification covering security principles, network security, access controls, and incident response. Precursor to the SSCP and CISSP pathways.

Sep 2024 – Sep 2027 · Active
2025
🏛️
SSCP

SSCP — Systems Security Certified Practitioner

ISC2

Practitioner-level ISC2 credential across 7 domains: access controls, risk, cryptography, network security, incident response, and more. Stepping stone to CISSP.

Aug 2025 – Aug 2026 · Active
2025
🔐
Holm Admin

Holm Security Administrator Specialist

Holm Security

Platform-specific certification for managing and operating the Holm Security vulnerability management platform — used actively in client VM programs at Cronos Security.

Dec 2025 – Dec 2028 · Active
Next
🎯
AZ-500

Microsoft Azure Security Engineer (AZ-500)

Microsoft

Validates skills in securing Azure identities, platforms, data, and applications. Natural next step given extensive Azure security assessment work at Deloitte and Cronos.

🎯 Next Target — In Progress
Future
🏆
CISSP

CISSP — Certified Information Systems Security Professional

ISC2

The gold standard in cybersecurity leadership. Covers 8 CISSP domains from risk management to software security. Target after accumulating the required ISC2 experience hours.

📅 In Sight — Long-term Target
Lab Environment

The Homelab

🖥️
Proxmox VE
Hypervisor / VM Orchestration

What's running

  • Multiple isolated VMs per project/environment
  • Separate network segments per VM group
  • Snapshot & clone workflows for fast testing
  • Security lab VMs for tool experimentation
📦
Portainer + Docker
Container Management

What's running

  • Portainer stacks for organised deployments
  • Self-hosted services across multiple stacks
  • N8N automation engine as a container
  • AI model inference containers (Ollama, etc.)
📡
Unifi Network
Enterprise-grade Networking

What's running

  • Multiple VLANs with strict inter-VLAN policies
  • Dedicated IoT, lab, trusted & guest networks
  • Unifi camera system with motion detection
  • Traffic inspection and firewall rules per VLAN
🤖
AI Stack
N8N + Self-hosted Models

What's running

  • N8N for complex multi-step automation workflows
  • Self-hosted LLMs for local AI inference
  • AI-driven home & security automation pipelines
  • Experimenting with AI-augmented alerting logic
🏠
Home Assistant
Smart Home Automation

What's running

  • Motion sensors with complex conditional logic
  • Automations across lighting, security, climate
  • Integration with Unifi cameras and Portainer stacks
  • Custom dashboards for real-time home monitoring
🔒
Security Layer
Hardening & Monitoring

What's running

  • Network-level isolation between all environments
  • Logging aggregation from key lab components
  • Certificate management for internal services
  • Continuous experimentation with detection tooling
Let's connect

Get in Touch

Whether it's a security challenge, a collaboration opportunity, or you just want to talk homelab setups — always open to a good conversation.