Nils Deschrijver

Zelf-loodgieter.be: coded an e-commerce platform with integrated data analytics

Coded in Python using Flask-RESTX, SQLAlchemy, SendGrid, Mollie, and the Google Analytics Measurement Protocol. Deployed on a bare-metal VPS after configuring the system and setting up a database following star schema best practices.

Privacy by Design and by Default were central to this fully GDPR-compliant project. Web application and server security, as well as the drafting of legal compliance documentation, were handled in-house.

In collaboration with a Belgian building materials wholesaler and an Antwerp-based trade school.

Confidential: Coordinated Vulnerability Disclosures

Regularly identify security vulnerabilities in the wild, and then report them to the CCB/CERT and the responsible parties, under whistleblower protection legislation ('Klokkenluiderswet'), helping controllers patch their systems and properly secure personal data.

One such vulnerability, which exposed database records from dozens of companies, earned me a place in the Belgian Centre for Cybersecurity (CCB) Hall of Fame for cybersecurity researchers::

EP Votes: coded a mobile app to track plenary voting results

A light-weight but powerful office tool that searched for, read through and analysed scores of plenary voting results of the European Parliament. Coded in Python and Bash using regex, for usage in the EU bubble during COVID. The tool was able to source the voting results before they were officially published, using hacking enumeration techniques.

Academy of European Law (ERA) | Certificates

2016 - 2016

Ghent University | Master of Laws

2009 - 2011

Ghent University | Bachelor of Laws

2006 - 2009

Self-employed | Legal Engineer

Johnson & Johnson | Security Consultant

Drafting security risk assessments on which the senior management relied to determine their (cyber)security posture in war zones or during crises. Bridged the gap between the legal, cybersecurity, and political affairs teams as the dedicated point-of-contact for the US headquarters.

In the lead for drafting and implementing JnJ's first global digital strategy, encompassing the creation of Python scripts and Power BI dashboards to collect, process, and visualise internal and external datasets, compliant with GDPR requirements.

Belgian Armed Forces | Security Consultant

Drafting security risk assessments in tandem with ADIV, the Belgian military intelligence service. Held a BE, EU, and NATO SECRET security clearance.

Completed specialised training at NATO School and the Belgian Intelligence and Security School in open-source intelligence (OSINT) collection and analysis, encompassing methodologies relevant to digital forensics, think: digital reconnaissance and fingerprinting.

European Parliament | Legal Advisor

Contributed to legislation within the Civil Liberties, Justice and Home Affairs Committee (LIBE), amending legislative texts and negotiating security-related files with the Commission, Parliament, and Council of Ministers during the period of GDPR legislative development, when data protection considerations were cemented in Europe's DNA.

Worked on a flagship project with emphasis on information exchange between European police and intelligence services.

Self-employed | Lawyer

Advised businesses on IT law compliance, including drafting End-User License Agreements (EULAs) and Software-as-a-Service (SaaS) agreements. Managed data breaches and cyber extortion by black hat hackers, including issuing takedown notices. Provided legal counsel on data-related matters, pre-dating GDPR, and other business topics, and represented businesses in court.