Who
I’m Thom Prins, born in ‘93, living in the Netherlands, and speaking Dutch (native) and English (professional).
With about a decade of experience in InfoSec, I bring a unique blend of hands-on technical expertise and strategic oversight to every project. I specialize in Azure security consultancy and also operate as an interim (Technical) Information Security Officer, supporting organizations with both long-term strategy and immediate tactical needs.
My background spans technical security domains, (web) development, and governance, risk, and compliance (GRC), allowing me to communicate effectively with stakeholders at every level—from developers to executive leadership. I began my career at a Big Four consultancy firm (PwC), where I gained experience in offensive security (red teaming, penetration testing), enterprise-level security advisory, and GRC (ISO27001 certifications, SOC2 Type 2 audits, etc.). Later, at ABN AMRO, I played a key role in shaping and securing the Azure environment.
Since early 2023, I’ve been working independently, helping organizations build, assess, and mature their security posture—whether through assisting with direct technical implementation or strategic advisory. I have mainly worked in the banking and insurance sectors over the years, and am completely familiar with their heavy compliance regimes. Besides that I’ve also worked in the industrial sector, appreciating their specific pragmatics needs. Stepping out of my comfort zone and learning the ropes of a new environment is something I absolutely enjoy and am good at.
What
Azure Security Consultancy
- Cloud security architecture & Review
Designing and assessing secure Azure environments, with a focus on effective governance (e.g. AzPolicy), compliance, costs, scalability, and resilience. - Identity & Access Management (IAM)
Implementation and hardening of Entra ID, Azure RBAC, conditional access, and privileged identity solutions. - Security monitoring & Incident response
Configuring and tuning Defender for Cloud, Sentinel, and other native tools for effective threat detection and response. - DevSecOps integration
Embedding security into CI/CD pipelines and supporting secure development practices in Azure-native environments.
Interim (Technical) Information Security Officer (ISO)
- Security strategy & Governance
Acting as a trusted advisor to leadership, aligning security objectives with business goals. - Risk management & Compliance
Supporting ISO 27001, NIS2, and industry-specific compliance needs through practical, risk-based implementation. - Stakeholder engagement & Awareness
Bridging the gap between technical teams and non-technical stakeholders, fostering a culture of security across the organization. - Supporting technical teams
Offering in-depth and technical advice to development teams. Pragmatic and realistic, while at the same time maintaining a healthy security posture for the organization.
Whether you’re looking to strengthen your Azure infrastructure, fill a temporary ISO role, or drive forward your organization’s security posture, I can help you achieve your goals.
Let’s connect and discuss how I can support your organization. Please refer to my LinkedIn profile for educational credentials and relevant work experience.
Contact
💬 Signal