Dr Carlo Harpes, born in 1968, founded itrust consulting in March 2007 and works there as Managing Director and Senior Security Consultant. He is a specialist in the field of computer science security used in education, research and standardisation. He has 20 years of experience in the security domain. Before founding his own organisation, he had been Managing Director and Department Chief of Security Consultance at Telindus PSF for 3 years, thereafter, for 8 years, he had been assistant director in charge of the Security Department at CETREL S.C., electronic payment operator in Luxembourg. With itrust consulting, he participated in multiple projects: CockpitCI (FP7), MICIE (FP7), Liveline (FP7). SPARC, TREsPASS (FP7), SGL Cockpit, bIoTope (H2020), ATENA (H2020).
Carlo Harpes holds a PhD in information techniques and cryptography, as well as an electrical engineering diploma from the EPF, Zurich. He is PKI expert registered at ILNAS, ISO auditor for the SNCH, and assistant professor associated to the University of Luxembourg. Furthermore, he is one of the founding members of CLUSIL, and national representative of ISO/IEC JTC1 SC27.
IT Security Consultant
Matthieu Aubigny, is an IT Security Consultant working at itrust consulting since October 2008. He is Quality Manager for itrust consulting and worked on several projects: as project manager and expert for an IT Governance and security audit for a European institution, for an opportunity study for the Luxembourg Ministry of Higher Education and Research on Secure Galileo Localisation, for a European FP7 project, MICIE, providing an online Alert System for the Security of Critical Infrastructures and for ESA on a project on Location Assurance Authority.
Matthieu Aubigny graduated as a polytechnic engineer from ENSAM Paris (1989), with a specialisation in the electronic and automatism area. He also graduated as a Bachelor in Philosophy and as Master in Theology at ICP Paris, and as professional Master in Security Management of Information Systems at the University of Luxembourg (2009). Although a large part of his professional experience has taken place in the spiritual and philosophic area, he has had experiences in microchip research, voice recognition technology and as teacher and consultant in the computer technologies (hardware and software). His works lead him regularly to apply security standards (ISO 27xxx, ISO15408) and to develop new standardised approaches to meet the needs in security of the customers. He is a member of the group of experts of the ILNAS on the Standards ISO / IEC concerning the “technical IT Security” and in charge of the working group n° 3 (JTC1 / SC27 / WG3) on “Security evaluation criteria”.
From 2014 on, Matthieu Aubigny became Head of Pre-Sales department.
IT Security Consultant
Benoît Jager is a security IT consultant at itrust consulting since 2008. He has a Master in security of information and communication systems at ‘Université Paul Verlaine de Metz’. He began to work at itrust consulting as an intern as part of his Master. He mainly worked in the project ‘Developing a proof of location for Galileo’, dedicated to designing an architecture that enables having an assurance level in Galileo localisation. He also participated in the set-up of an Authority of Certification in Luxembourg. He has participated in the development of the intrusion testing framework (integration of OpenVAS, Grendel, nmap, etc.) of itrust consulting and to several security audits of web applications, using standard OWASP as a guideline. He developed the software TRICK light, based on the ISO 27002 standard which studies quantitatively the risk level of an organisation and calculates the most relevant security measures to set up in order to improve the infrastructure security. He also participated to the Liveline project, a European project dedicated to the development of a secure application to share geolocation between vulnerable persons. He is now working on the LASP (Localisation Assurance Service Provider) project, which aims to implement a prototype of a localisation authority able to provide an assurance level to the position computed by GNSS receivers.
IT Security Consultant
Since November 2017, André Alves is employed as a Junior Penetration Tester at itrust consulting. He has 10 years of professional experience, mainly in IT development with a focus on security. He started his career as an IT consultant (developed a ticketing platform), continued as an IT Developer - Analyst (developing applications and services for the integration of telecom systems and equipment). Following this, he worked for 2 years at Ernst & Young, first as a Senior IT developer (developing internal components and applications based on MS best practices) and later additionally as Infrastructure administrator (including infrastructure related process automation covering security and access management). André possesses a higher education from the Faculty of Sciences of the University of Lisbon, Portugal, covering programming, database management, systems analysis, IT security and computer networks. He has a strong personal interest in penetration testing and he will finish his OSCP certification early 2018.
IT Security Developer
Marieta Dimitrova joined the team of itrust consulting in September 2014 as management assistant. Holding a master’s degree diploma in International public administration from the University of national and world economy, Sofia, she started her career initially in Bulgaria. Marieta Dimitrova is responsible for the administrative and commercial affairs of the company.
Bernard Donneaux has a degree in electronics and 32 years of experience in IT and telecommunications. He joined itrust consulting in April 2015 as security consultant in the ICT team. Before, he was at Bank Degroof as security, network and office automation manager since 1999 and then as project manager. He also held the position of network administrator for CORDIS project at Intrasoft International since 1997, network engineer in charge of maintenance and implementation of Novell servers and network equipment, especially CISCO & Bay Networks, at Alcatel Telecom since 1991. He began his career as "Field Engineer", responsible for hardware maintenance and software systems IBM compatible 3170, 5250 and PC, at Bell Business System in 1983.
IT Security Consultant
Nick Kasselouris is an IT Security Consultant at itrust consulting since 2016. He has 8 years of professional experience in various Advisory, Financial and IT roles in the Banking industry and has a deep knowledge of risk and control frameworks, IT and Network Security. He possesses several certifications on penetration testing and ethical hacking, wireless technologies, and information systems auditing and governance. His interests are in the fields of Penetration testing, Malware Analysis and Reverse Engineering. During his professional experience he has been involved in Operation Audits under the COSO/ COBIT/ SOX 404 Frameworks, in Agreed upon Procedures for several Financial Institutions in Greece and Luxembourg; he has worked as a Systems Administrator and Developer for a start-up operation in Washington, DC, and currently focuses on Advanced Exploitation Techniques across Windows, UNIX, and SCADA Systems.
Senior Security Researcher
Jean Lancrenon joined itrust consulting in November 2016 as Senior Security Researcher and cryptographer for the Internet of Things (IoT).
As Head of R&D he will lead our research involved in H2020, FNR and national innovation projects. As Senior Researcher on the H2020 project bIoTope, he designs security protocols and integrates payments for the IoT.
Jean obtained a master's degree in mathematics from the Université Pierre-et-Marie-Curie in Paris in 2007. He then switched from number theory studies to cryptography for his PhD at the Institut Fourier in Grenoble. After graduating in 2011, he was a postdoctoral researcher in cryptography at the Interdisciplinary Centre for Security, Reliability and Trust (SnT) until 2016. Where he published on provable security and authenticated key establishment security models.
IT Security Consultant
Gonzalo Matamala, IT security consultant at itrust consulting since January 2015, is a graduated engineer in Telecommunication systems from Escuela Técnica Superior de Ingenieros de Telecomunication in Valencia, Spain. Before joining itrust consulting, Gonzalo has been a Senior Kernel Software Engineer at Panda Security and Lumension Security.
IT Security Consultant
Sam Menghi is an IT Security Consultant at itrust consulting since 2012. He possesses a technical informatics diploma and a BTS in informatics. Sam received several certifications in the web technologies and telecommunication domains. Moreover, during his studies, he fulfilled several internships in the informatics department of financial institutions. He has good knowledge in Microsoft Windows, Microsoft Server 2008, UNIX and Apple OS X.
Sam spent his internship at itrust consulting, working on the Bugyo Beyond project. He developed the latest version of TRICK Service using J2EE and the latest web design technologies.
In 2013 he became a backup of the CIO, he helps managing the IT of itrust consulting. He helps designing and maintaining the overall network architecture, setting up and configuring the different required machines and services, and documenting operational procedures. He also manages the IT inventory of itrust consulting.
In the same year, Sam started to support the ethical hacking team by performing various intrusion tests remotely and on site at customers. He mainly performs web intrusion tests using the OWASP methodology and testing guide. He also performs vulnerability scans using known tools such as OpenVAS or Nessus.
IT Security Consultant
Miltiadis Nasopoulos, is an IT Security Consultant at itrust consulting since October 2017. He has significant technical experience (> 20 Years) in different IT fields with focus on information, technical and operational security. Before, as Head of Quality and Information Security Management, he was responsible for the implementation and operation of an integrated Management System for ISO 27001 and 9001. He has a Master in Business Administration (MBA) from Nottingham Trent University in United Kingdom and was certified ISO 27001 Auditor / Lead Auditor by IRCA. During his professional experience he was often involved in technical audits following ISO 27008. Regarding technical security, Miltiadis also performed regular intrusion tests on web applications, using the OWASP methodology and testing guide, and vulnerability scans using OpenVAS and Nessus. In addition, Miltiadis possesses 15 years’ experience in the Stock Exchange sector. During his professional experience he had various responsibilities e.g. as Project Manager, Auditor, System and Network Administrator and Developer.
Analyst – Developer
Ensuifudine Omar is analyst developer at itrust consulting since 2012. He spent a six month internship during his Master studies at itrust consulting, working on the ESA LASP project, in order to obtain his degree in “IHM” Informatics from the University Paul Verlaine Metz. He works in software development and developed several tools of itrust consulting like TRICK Service and Software Checker (a tool developed for the TREsPASS project). Lately, he is working on a pseudo anonymisation project.
Information Security Consultant
Guillaume Schaff is employed as global security consultant at itrust consulting since 2012. He studied in the industrial and electronic domain, where he received a ‘Brevet de Technicien Supérieur’ in Electronics and a ‘licence professionnelle’ in industrial maintenance at the ‘Université de Lorraine’. Then he reoriented himself towards the security sector and achieved a Master’s degree in Global Security Engineering and Management at the ‘Université de Technologie de Troyes’. During his internship at itrust consulting in 2012, he specialized in the implementation of security measures for economically friendly transport solutions.
Guillaume participated in the FP7 TREsPASS project studying the socio-technical risks of ICT. During this project he has authored several scientific articles about his work in TREsPASS. He also assists customers of itrust consulting related to PSDC and PCI DSS certification.
Guillaume has worked a lot in providing consultancy tasks during the implementation of Information Security Management Systems (ISMS) for different types of customers, e.g. private companies like CREOS or public entities of the Luxembourgish state such as CTIE, CGIE and ANSSI. During his work for public entities, e.g. for ANSSI, Guillaume has actively participated in the development and the writing of the National Information Security Policy (PSI-LU) and worked on a large part of the related documentation (policies by domain, procedures, standards, etc.). Guillaume has also actively advised and assisted CREOS Luxembourg in the creation and the implementation of their ISMS and to improve the security for SCADA systems and critical infrastructure.
Since 2014, Guillaume has also actively participated in the creation of the DataREG application of the CTIE, allowing Luxembourg public entities to establish their register of processing activities as requested by the GDPR (General Data Protection Regulation). Further on, Guillaume assisted several customers from itrust consulting to achieve compliance with the GDPR. At the end of 2018 he received the ‘GDPR foundation’ certification, issued by Certi-Trust.
Chief Administrative Officer & Chief Information Security Officer
Ingo Senft, born in 1966, joined itrust consulting in August 2016. As Chief Administrative Officer his area of responsibility covers internal administration, Human Resources, Sales Management, Public Relations Management and Security Consultancy. As Senior Manager with significant business experience (> 25 Years) Ingo supports the Managing Director and secures the planned growth and further development of itrust consulting. Based on his previous experience in dealing with customers from various sectors he also consults itrust consulting's customers. In 2018 he has been named Chief Information Security Officer.
Before, as Head of Quality and Information Security Management, he was responsible for the implementation/management of an integrated Management System at the euroscript Group (today: Amplexor) ensuring compliance with various ISO standards: e.g. Quality Management (ISO 9001/EN 9100/ISO 13485/ISO 14971), Information Security Management (ISO 27xxx/ISO 22301/ISO 31000), Corporate Social Responsibility (ISO 26000) and the approval as PFS Support issued by the CSSF.
Since 1990 he was continuously involved in the Sales process for Public Institutions and the Private Industry covering various responsibilities as: Sales Manager for newspaper systems, Product and Sales Manager for data transmission systems, Head of EU Sales and Business Project Manager. Ingo holds a Master’s degree in Electrical Engineering awarded by the University of Applied Sciences in Frankfurt, where he specialized in computer science, data protection and security. He is certified as internal Auditor for Quality Management, for Information Security Management, as Project Manager (PRINCE2) and experienced (>10 years) in the planning and implementation of Business strategies.
55, rue Gabriel Lippmann
L-6947 Niederanven, Luxembourg
L-6831 Berbourg, Luxembourg
Please send your application to firstname.lastname@example.org