Download PDF

Laurens Beirlaen

IT Consultant | Security System Engineer | Digital Workplace

Summary

I am an experienced freelance IT consultant and System Engineer focusing on endpoint management, threat protection and cloud security as well as workplace modernization, data protection implementation and the latest Microsoft technologies. I have been contributing to the financial and industrial sectors over the past several years, working on transformative projects at companies such as KBC Group Belgium and Daikin Europe N.V. 

My background includes extensive expertise in endpoint management and protection, cloud security solutions like Zscaler, identity and access management (IAM), and maintaining major EDR tools. Professional journey highlights leading and collaborating major migration projects such as moving to a zero-touch deployment environment via Intune and adopting a zero trust network architecture, optimizing endpoint threat protection through advanced technologies like Microsoft Defender XDR, SentinelOne Singularity, and CrowdStrike Falcon, as well as designing innovative workplace systems such as Windows 365 Cloud PCs for specific use cases.

Proficient in integrating tools for enhanced security measures, end-user experience monitoring via Nexthink, and scalable digital meeting solutions with Microsoft Teams Rooms. Academic credentials include a Bachelor's degree in Applied Information Technology specializing in system and network administration from Hogeschool Gent.

My career focus lies on leveraging cutting-edge technologies to deliver a tailored IT security experience while advancing efficiency in digital workplace transformations using automation and Intune. 

Work experience

Jan 2024Jul 2025

IT Security Engineer (Consultant)

KBC Group Belgium
  • Collaborated on the migration to a Zero Trust Network Access approach utilizing Zscaler, significantly enhancing the security framework for endpoint platforms.
  • Designed and implemented optimizations for Microsoft Defender XDR capabilities, improving threat detection and response efficiency.
  • Supported the integration and deployment of SentinelOne solutions, strengthening endpoint protection across all employee devices.
  • Developed and initiated the rollout of Windows Defender Application Control (WDAC) for Application Control for Business, bolstering application security measures.
  • Led modernization initiatives aimed at elevating the overall security posture of endpoint platforms in alignment with evolving industry standards.
  • Collaborated on strategic projects to enhance device-level security through innovative technology solutions tailored to KBC Group Belgium’s requirements.
Jan 2021Jan 2024

System Engineer - Digital Workplace (Consultant)

Daikin Europe N.V. (External) | SYNCTIV IT Consulting
  • Migrated over 6,500 devices across the EMEA region from an SCCM-managed environment to a zero-touch deployment model using Intune and Autopilot, enhancing efficiency and reducing manual intervention.
  • Played a key role in the planning, research, technical implementation, testing, and management of Microsoft Teams Rooms devices during the Hybrid Meeting Room upgrade across various EMEA locations.
  • Implemented Endpoint Detection and Response (EDR) protections with CrowdStrike Falcon to strengthen organizational security measures.
  • Conducted in-depth process analysis to map existing systems and identified areas for improvement through leveraging Microsoft technologies; provided actionable recommendations for optimization.
  • Configured metrics for an End-User Experience Monitoring solution using Nexthink to improve troubleshooting accuracy and foster proactive issue resolution.
  • Led a successful Proof of Concept (POC) for Windows 365 Cloud PCs as a replacement for Citrix in select departments, resolving long-standing performance issues and enhancing user satisfaction.
  • Performed risk and impact analyses on workplace change requests, ensuring smooth implementation of approved modifications within the M365 environment.
  • Provided Level 3 support for advanced incidents and served as a technical escalation point within areas of expertise.
Sep 2020Jan 2021

IT Consultant

BlueIT BVBA
  • Managed and supported the Microsoft 365 environment, including Azure Active Directory, Intune, Security & Compliance, Exchange Online, SharePoint Online, and Teams, ensuring seamless administration and optimal performance.
Jul 2019Apr 2020

System & Modern Workplace Engineer

ConXioN BVBA
  • Delivered consultancy services to clients focusing on workplace digitization and design.
  • Configured and managed Microsoft 365 services, including identity management, security configurations, and conditional access policies.
  • Implemented endpoint management solutions and streamlined device deployment workflows using Intune and Windows Autopilot.
  • Facilitated digital collaboration by deploying and managing Exchange Online, Microsoft Teams, OneDrive for Business, and SharePoint Online services.
  • Deployed Azure Virtual Desktop environments to improve remote work capabilities for client organizations.
  • Provided troubleshooting and technical support across a wide range of Microsoft 365 solutions to ensure continuity and customer satisfaction.

EDUCATION

Sep 2012Sep 2016

Bachelor in Applied Information Technology

Hogeschool Gent, Gent

Curriculum specialization: System and Network Administration

Sep 2005Jun 2012

Trade - Accounting - Computer Science

De Pleinschool, Kortrijk

Diploma of secondary education - TSO obtained
Business management certificate obtained

Skills

Endpoint Management

Microsoft Intune

Windows Autopilot

Device Compliance & Configuration policies

BitLocker Encryption

Proactive Remediations

Powershell scripting

Application Deployment & Patch Management

App configuration & protection policies (MAM)

Windows Hello for Business

Windows 11 Enterprise

Android and iOS MDM

Windows 365 Cloud PC Enterprise

Endpoint Analytics

System Center Configuration Manager (SCCM) co-management

Tenant Attach

Microsoft 365 Security & Data Protection
Microsoft Purview DLP Defender Vulnerability Management

Data Classification & Sensitivity Labels

Phishing Simulations Log Analytics & KQL Security Reporting & Dashboards
Exchange Online Microsoft Teams Zscaler Web, Email and Endpoint DLP
Cloud Security & Zero Trust
Zscaler Internet Access (ZIA) Zscaler Private Access (ZPA) Zscaler Digital Experience (ZDX)
Zero Trust Architecture Secure Access Service Edge (SASE) Cloud Access Security Broker (CASB)

Endpoint Security & Threat Protection

Microsoft Defender for ...

Endpoint Office 365
Identity Threat & Vulnerability Management (TVM)
Endpoint Detection & Response (EDR) & Microsoft Defender eXtended Detection & Response (XDR) SentinelOne Singularity

CrowdStrike Falcon

Trellix Endpoint Protection

Attack Surface Reduction (ASR) Rules

Device Control (USB & Print restrictions) / Controlled Folder Access

App Control for Business (formerly WDAC)

Managed Installer Configuration 

Identity and Access Management (IAM)

Microsoft Entra ID (formerly Azure AD)

Conditional Access Policies

Role-Based Access Control (RBAC)

Identity Protection and Governance

App Proxy

Multi-Factor Authentication (MFA) & SSPR

Privileged Identity Management (PIM)

Hybrid Cloud Kerberos Trust

Passwordless authentication

Active Directory Certificate Services (ADCS) & NDES

Active Directory Federation Services (ADFS)

Microsoft Azure
VMs & Container Instances Azure Functions Azure Virtual Desktop
Graph API Logic Apps App Service
Windows Server

Automate management tasks with PowerShell

Active Directory Domain Services (ADDS)

Active Directory Federation Services (ADFS)

DHCP server File & Print server Active Directory Certificate Services (ADCS) & NDES
Hyper-V Remote Desktop Services Citrix XenApp