October 2018 – December 2018 – Ethical Hacker/Penetration tester at Reasult B.V.

Reasult creates and hosts forecasting software for real estate development and asset management.

I was asked to execute a security assessment on their hosting setup, followed by a penetration test of 2 of their applications. This consisted of RSA protected, Microsoft Windows based “remote applications” which are presented to the end user through the Remote Desktop Protocol.

The test results were well received by Reasult and redistributed amongst several of their larger customers.

September 2018 – Ongoing – End User Performance engineer at The Backbone

The Backbone is specialised in End User Performance Monitoring, which is done with, among others, SCOM, Savision and Azure solutions.

As an End User Performance engineer I create performance monitoring scripts, mainly in .Net/C# with TestStack.White as well as with Selenium Webdriver. These scripts run on a regular basis, within a production environment and measure the response times of the application as seen and experienced by the end-user and report these times to a monitoring system.

I have written scenarios for both web applications as well as for desktop clients such as SAP Gui, Microsoft Navision and Microsoft Outlook.

June 2018 – June 2019 – Test manager, Infra manager, Security Officer at DigiB – A Brenntag Company

At DigiB we shape the digital future of the chemical industry and design tools that help people do their jobs and run their businesses in the best possible way. Currently we are looking for a top junior tester to help us assure uninterrupted user experience on our digital platforms.

In June I was requested to do an assessment of the testing needs at DigiB and present a plan to the management team. My plan of how to setup testing, test automation, security testing as well as performance testing across different teams as well as across different regions was well recieved and I was invited by the management team to implement my plan.

Once the test team was in place, my focus shifted from setting up a team to converting the team into a smoothly running organization within DigiB with clear communication lines to Brenntag itself.

Testing is documented in a combination of Atlassian’s Jira, Confluence as well as TestRail.
Test automation is done on several levels, both with Postman and Newman as well as ProtractJS and Java with Selenium WebDriver. All code, including the test automation code, resides within a selfhosted GitLab.

The test team is key in both in-house testing of the applications as well as in coordinating, guiding and organizing the User Acceptance testing at the end-user sites across the globe.

Security and penetration testing happens on a regular basis, as well as code reviews of the different code basis.

Performance testing is executed based on a combination of JMeter (for the UI based parts) and Soap/LoadUI. The performance tests in DigiB are still in its infancy since we do not have any significant load. Main target of these tests has been to test bulk-loading data into the system, testing the message queues etc.

Besides my responsibilities for Testing and Quality Assurance I was also tasked with moving the infrastructure ahead into a more sustainable and stable setup. We moved from 1 infra engineer to a team of engineers, both external as well as internal headcounts. The infrastructure is fully cloud-hosted in GCE, running on Kubernetes.

December 2017 – October 2018 – Performance tester & Consultant at Centric Sociaal Domein

Centric does in-house development on their Suites for the Social Domains in the Netherlands. Over the past year they have been working hard at building an easy to use, keyword driven test automation application, the Test Automation Wizard.

The ultimate goal is to not only execute automated functional test from within this tool, but also execute regular performance test from within this tool.

I have been tasked with building a reusable set of performance tests, comparable with the functional regression test set, which can run effectively across different versions of the application suite. The performance tests are initially hand built in Visual Studio Enterprise as WebTest tests as well as coded C# tests. After gaining more experience and insights in VS Performance Tests, as a company the decision has been made to use JMeter rather than Visual Studio moving forward.

Based on this initial test set we have worked on finding the easily reusable components of the tests which can be connected to the test automation wizard.

September 2017 – June 2018 – Performance tester & Consultant at Rotterdam Short Sea Terminals

RST is implementing a new Terminal Operating System. In order to effectively and efficiently use this system, RST has requested me to analyze the application architecture as well as the applications themselves and the underlying infrastructure and, where needed, propose improvements to ensure the new Operating System will be able to sustain the projected and expected growth of RST.

After an initial, brief analysis, I proposed a first set of improvements to the applications. These improvements have been implemented by the vendor.

Based on these improvements I have drafted a Performance Test Plan, including a testing strategy, which enables RST to verify and validate the performance of the entire landscape’s performance over a longer period of time.

September 2017 – November 2017 – Penetration tester at Amyyon

Amyyon software has created a CRM system, which is at the core of their offerings. Since this CRM is used in a huge diversity of environments, they have requested a penetration test of their system to validate the safety of the data contained within the system.

I have executed a penetration test on their software, as well as on (part of) the infrastructure hosting the software. The penetration test has been executed with a host of tools as available within Kali Linux.

Based on the findings I did during this test, Amyyon has adjusted their code-base and resolved several issues on their hosting platform, thus leaving them a safer CRM for their end-users.

April 2017 – September 2017 – Performance consultant at Rabobank Online at Rabobank

Rabobank Online teams are responsible for all web-based banking applications. As a performance consultant I was responsible for the mobile-first web-app for banking, which includes the full browser-based experience for desktops and tablets, as well as the mobile app for both Android and IOS.

As a performance consultant I was responsible for supporting several devops teams and performance engineers with more complex performance tasks and issues for the Rabobank mobile app. This assignment was a replacement for pregnancy leave of one of the consultants.

Rabobank mainly works with HP Loadrunner and the ALM (QC) suite, Splunk and Dynatrace, but also utilizes JMeter for executing performance tests.

September 2017 – November 2017 – Performance consultant at TalpaRadio

TalpaRadio is migrating to a new infrastructure and software platform for their streaming radio stations.
We have been asked to help define performance requirements and test the platform for performance and adherence to these requirements.

With several JMeter scripts we recreated the most used scenarios and stressed the system, verifying that the new infrastructure can indeed sustain the anticipated load.

The application stack is hosted within Amazon AWS, load is generated from AWS load generators. The full application stack consisted of streaming services, hosted on AWS cloud, Graphlr messaging API and Contentful CMS.

These tests helped TalpaRadio to go live successfully and with confidence in a big-bang release.

June 2017 – September 2017 – Performance Tester at Educus BV

Educus creates and sells student-tracking software for high-schools, used for registering attendance, grades and other student/school related information. The software platform is growing steadily, just as their customer base is growing.

Educus requested to execute performance tests as part of a proof of concept phase, investigating the possibilities of moving from their self-hosted platform to a Microsoft Azure cloud environment.

Scripting Load and Performance tests with Jmeter against an online platform hosted on both a private cloud as well as in Microsoft Azure environment.

I created scripts and tested against environments running both Oracle and MS SQL databases to benchmark the two with the application as well as against the different hosting environments.

Tests were scripted in Apache JMeter, using a custom JMeter remote setup to have load generators from within the MS Azure cloud as well as servers within the DigitalOcean cloud platform to eliminate bandwidth or CPU limitations.

Performance analysis has been done on CPU, Memory and Disk utilization as well as on the database queries and database usage.

April 2017 – September 2017 – Penetration tester at Fringe Company

Fringe Company creates and hosts several web applications for schools and its students. In order to verify the security of data stored in these systems, such as personal information, grades, conversation reports etc., Fringe requested a penetration test to be executed on one of the online platforms.

While executing the penetration test I tested not only the application itself, but also verified the security measures taken by the hosting company to prevent data-loss, such as up to date operating systems,correct configuration of Intrusion Detection and Prevention Systems etc.

I have extensively used tools available within Kali Linux in order to execute the penetration test.

Based on the penetration test report, Fringe company was able to improve the security of their application as well as their hosting platform.