C:\> SECURITY-TERMINAL.EXE
Type commands below — this is a real interactive terminal
ROYLACHMAN TERMINAL — TYPE HELP FOR COMMANDS
C:\>
C:\> TYPE ABOUT.TXT
I'm Roy Lachman, Technical Information Security Officer.
With over 15 years in IT infrastructure, systems administration, networking and DevOps, I have grown into a role where technical depth meets practical information security.
My focus is on real-world resilience: hardening systems, building solid monitoring and logging, implementing proper access controls, and making sure the municipality can detect and respond to threats effectively. I prefer working solutions over thick policy documents.
I strongly believe in "less paper, more real security" — clear logging, good baselines, and pragmatic controls that actually work in a real government environment.
With over 15 years in IT infrastructure, systems administration, networking and DevOps, I have grown into a role where technical depth meets practical information security.
My focus is on real-world resilience: hardening systems, building solid monitoring and logging, implementing proper access controls, and making sure the municipality can detect and respond to threats effectively. I prefer working solutions over thick policy documents.
I strongly believe in "less paper, more real security" — clear logging, good baselines, and pragmatic controls that actually work in a real government environment.
C:\> DIR SKILLS
TECHNICAL SECURITY
> Netwerksegmentatie & firewalling
> Active Directory & Entra ID
> Windows Server & Linux hardening
> EDR/XDR implementatie
> Vulnerability management
MONITORING & RESPONSE
> SIEM architectuur
> PowerShell detection
> Incident response
> Logging & forensic traces
> Threat hunting
COMPLIANCE & POLICY
> BIO (Baseline Information Security)
> BIV classification
> NIS2 & AVG
> Audits & improvement proposals
C:\> TYPE EXPERIENCE.LOG
Mar 2023 — Present
Technical Information Security Officer
Gemeente Lelystad (Full-time, Hybrid)
Gemeente Lelystad (Full-time, Hybrid)
Sep 2018 — Mar 2023
DevOps Engineer / Systems & Network Administrator
Gemeente Lelystad • Lelystad, Flevoland
Skills: PowerShell · Microsoft Azure · CheckPoint Security · Scrum · Ivanti
Gemeente Lelystad • Lelystad, Flevoland
Skills: PowerShell · Microsoft Azure · CheckPoint Security · Scrum · Ivanti
Feb 2018 — Sep 2018
Windows Systems Administrator & Senior Helpdesk
LeasePlan Nederland • Almere
Office 365, PowerShell, Group Policy, WSUS, VMware, Domino Lotus Notes, onsite support
LeasePlan Nederland • Almere
Office 365, PowerShell, Group Policy, WSUS, VMware, Domino Lotus Notes, onsite support
Oct 2017 — Feb 2018
Junior Systems Administrator
Your Professionals • Randstad
Windows Server 2008/2012/2016, AD, Group Policy, Landesk, McAfee, W10 rollout
Your Professionals • Randstad
Windows Server 2008/2012/2016, AD, Group Policy, Landesk, McAfee, W10 rollout
Aug 2017 — Sep 2017
ICT Coordinator
D-reizen • Hoofddorp
2nd/3rd line support, Windows & Linux server admin, monitoring, backup, onsite support
D-reizen • Hoofddorp
2nd/3rd line support, Windows & Linux server admin, monitoring, backup, onsite support
Sep 2013 — Jul 2017
Senior Helpdesk & Windows Administrator
LeasePlan Nederland • Almere
1st & 2nd line support, Office 365, AD, Windows 10 migration, hardware support
LeasePlan Nederland • Almere
1st & 2nd line support, Office 365, AD, Windows 10 migration, hardware support
C:\> TYPE PROJECTS.LOG
Lead Engineer – Modern Workplace Design (Nov 2025 – Present)
Design & implementation of secure, flexible Modern Workplace. Microsoft Intune architecture, Azure AD Conditional Access, Windows Autopilot, Workspace 365, Purview DLP, zero-trust firewall/VPN.
Design & implementation of secure, flexible Modern Workplace. Microsoft Intune architecture, Azure AD Conditional Access, Windows Autopilot, Workspace 365, Purview DLP, zero-trust firewall/VPN.
Network infrastructure renewal & Wi-Fi 7 rollout (Sep 2025 – Present)
Full renewal of core, distribution and access network + Wi-Fi 7 rollout after formal procurement. Future-proof high-performance foundation.
Full renewal of core, distribution and access network + Wi-Fi 7 rollout after formal procurement. Future-proof high-performance foundation.
SIEM/SOC re-tendering and migration (2024 – 2025)
Led vendor selection and full migration to new hosted SIEM/SOC partner. Improved monitoring, detection and response capabilities.
Led vendor selection and full migration to new hosted SIEM/SOC partner. Improved monitoring, detection and response capabilities.
IAM platform migration and automation (2023)
Full migration to new IAM platform with automated joiner-mover-leaver processes. End-to-end auditable provisioning without manual intervention.
Full migration to new IAM platform with automated joiner-mover-leaver processes. End-to-end auditable provisioning without manual intervention.
Endpoint protection migration to Microsoft Defender (2021)
Led migration from third-party AV to Microsoft Defender. Unified, native, future-ready endpoint security.
Led migration from third-party AV to Microsoft Defender. Unified, native, future-ready endpoint security.
Firewall platform migration (2020 – 2021)
Complex migration of two firewalls to new platform while maintaining security and continuity. (Palo Alto / CheckPoint)
Complex migration of two firewalls to new platform while maintaining security and continuity. (Palo Alto / CheckPoint)
(More projects available via the 'projects' command in the terminal)
C:\> TYPE COURSES.TXT
MICROSOFT AZURE
> AZ-104 Microsoft Azure Administrator
> AZ-500 Microsoft Azure Security Technologies
> AZ-305 Designing Microsoft Azure Infrastructure
> AZ-700 Designing & Implementing Azure Networking
> AZ-400 Designing & Implementing DevOps solutions
> AZ-140 Windows Virtual Desktop on Azure
> AZ-800 / AZ-801 Hybrid Core & Advanced Services
SECURITY & COMPLIANCE
> CompTIA Security+ (SY0-601)
> CompTIA CySA+ Cybersecurity Analyst
> SC-200 Microsoft Security Operations Analyst
> SC-300 Microsoft Identity and Access Administrator
> SC-400 Microsoft Information Protection Administrator
> CheckPoint Security Admin (CCSA R80)
> Palo Alto Networks (PAN-210)
MICROSOFT 365 & ENDPOINT
> MS-700 Managing Microsoft Teams
> MS-500 Microsoft 365 Security Administration
> M-MD102 Microsoft 365 Endpoint Administrator
> M-MS101 Microsoft 365 Mobility and Security
> Microsoft Intune / MDM & MAM
NETWORKING, LINUX & AUTOMATION
> Cisco CCNA – Network Fundamentals
> CompTIA Network+ (N10-008)
> CompTIA Linux+ (XF0-005)
> Automating Administration with PowerShell (M10961)
> AWS Technical Essentials
> Microsoft Azure AI Fundamentals (AI-900)
+ diverse BIO, Scrum Product Owner, HelloID, Ivanti, RES ONE Workspace, Power BI Fundamentals trainingen
C:\> TYPE CONTACT.TXT
LinkedIn: linkedin.com/in/roy-lachman
Personal site. For official municipal matters, please use formal Gemeente Lelystad channels.
Personal site. For official municipal matters, please use formal Gemeente Lelystad channels.