About johlem.net

Cybersecurity Expertise for Luxembourg's Financial Sector

15+ years of specialized experience protecting financial institutions

Professional Background

With over 15 years of dedicated experience in IT security within Luxembourg's financial services sector, I specialize in security operations center (SOC) management, threat detection, and regulatory compliance for banks, investment firms, and financial institutions.

Currently transitioning to establish an independent cybersecurity consulting practice focused on penetration testing, security assessments, and compliance audits specifically tailored to the unique requirements of Luxembourg's position as Europe's premier investment hub.

Independent Practice Launch: September 2026

Full-time availability for security consulting engagements beginning Q4 2026.

Register for Early Access

Areas of Expertise

Security Operations

  • IBM QRadar SIEM management and optimization
  • Microsoft Defender deployment and tuning
  • Threat hunting and incident response
  • Security monitoring and alerting
  • Log analysis and correlation
  • Security automation and orchestration

Penetration Testing

  • OSCP certification (in progress - Q1 2026)
  • Network penetration testing
  • Web application security assessments
  • API security testing
  • Social engineering simulations
  • Red team exercises

Compliance & Auditing

  • GDPR compliance assessments and remediation
  • DORA (Digital Operational Resilience Act)
  • NIS2 Directive compliance
  • PCI-DSS auditing and implementation
  • ISO 27001 gap analysis
  • Security policy development

Industry Focus

  • Banking and financial institutions
  • Investment management firms
  • Payment service providers
  • FinTech companies
  • Insurance sector
  • Fund administration

Certifications & Continuous Learning

🏆
OSCP (Offensive Security Certified Professional)

Currently preparing - certification target Q1 2026

💼
15+ Years Professional Experience

IT Security Officer role in Luxembourg's financial services sector

📚
Specialized Training

IBM QRadar, Microsoft Defender, GDPR/DORA compliance frameworks

🌎
Continuous Education

Active participation in security conferences, CTF competitions, and industry research

Why Luxembourg Financial Services?

Luxembourg's unique position as Europe's leading investment fund domicile, combined with its stringent regulatory environment, requires specialized cybersecurity expertise. Understanding the intersection of financial services operations, European regulations (GDPR, DORA, NIS2), and practical security implementation is crucial for protecting assets and maintaining compliance.

My 15 years of experience working directly within this ecosystem provides the practical, real-world knowledge necessary to deliver effective security solutions tailored to the specific challenges faced by Luxembourg's financial institutions.

Luxembourg Financial Sector Expertise

  • Regulatory Landscape: Deep understanding of CSSF requirements, GDPR implementation, and DORA readiness
  • Multi-jurisdictional: Experience with cross-border operations and varying compliance requirements
  • Local Presence: Based in Luxembourg with established professional networks
  • Language Capabilities: English, French, German for multi-national client environments

Consulting Approach

My consulting methodology is built on three core principles

1

Risk-Based Prioritization

Focus on vulnerabilities and threats that pose the greatest risk to your specific business operations and regulatory obligations. Not all findings are equal - prioritize remediation based on actual impact and likelihood.

2

Practical Implementation

Recommendations that can actually be implemented within your organization's constraints, resources, and operational reality. No theoretical advice that ignores business needs - actionable security improvements that work in practice.

3

Compliance Integration

Security measures designed to simultaneously improve your security posture AND meet regulatory requirements (GDPR, DORA, NIS2). Efficient use of resources by aligning security investments with compliance obligations.

Community Contribution

As part of my commitment to the cybersecurity community, I maintain a suite of free, professional-grade security tools available at tools.johlem.net.

These tools - including email security analyzers, hash generators, and IOC defangers - are the same utilities I use in professional assessments, made freely available to help security practitioners and organizations improve their security posture.

Available Tools

Email Header Analyzer Phishing detection and authentication checks
Hash Generator Cryptographic hash generation and verification
CIDR Calculator IP range and subnet calculations
IOC Defanger Safe sharing of malicious indicators
JWT Decoder Token analysis and debugging
Security RSS Curated news from 46+ sources
Explore Free Security Tools

Let's Discuss Your Security Needs

Register for early access to secure priority booking when services launch in September 2026.

Register for Early Access

Or email me directly: contact [at] johlem [dot] net