Dave van Stein

Is an agile GRC consultant at Xebia. He helps customers to move from a ‘bolt on’ towards a ‘built in’ security and compliance approach. As a strategic transformation coach he focuses on helping customers with analyzing existing security and development practices to create a sensible maturity roadmap, transforming existing security, compliance, and privacy processes into LEAN/Agile versions. He aligns security activities with the development way of working, designs continuous compliance programs and identifies the evidence collected during software development with frameworks like ISO27001 and SOC2, to optimize security activities in the software development lifecycle. He provides training ranging from ‘devops for security’ to ‘security for devops’.