Professional Expertise & Experience

Irfaan Santoe is a recognized security executive and strategic consultant, bringing over 15 years of leadership experience from both defensive and strategic security roles, including CISO responsibilities and serving as the Global Head of Security Engineering at ABN Amro.

His expertise is centered on the scalable, organizational challenges of modern security:

• Strategic Security Program Management: He has proven experience implementing Threat Modeling at scale for global financial institutions, guiding teams through complex digital transformations, such as migration to the cloud.
• AppSec ROI and Metrics: Irfaan focuses on the critical need to quantify the Return on Investment (ROI) of AppSec and define relevant metrics to communicate security value to executive and business leaders.
• DevSecOps Integration: He is a firm advocate for decentralizing security, enabling DevOps engineers and developers to take ownership of security requirements early in the design phase.

Key Contributions and Achievements

Irfaan's contributions have had a demonstrable impact on industry practice and community standards:

• OWASP Leadership: He is the active Leader of the OWASP Netherlands Chapter and the creator of the globally adopted OWASP Security Champions Guidebook, which provides a robust framework for embedding security expertise within development teams.
• Thought Leadership Frameworks: He developed the influential "Hierarchy of Needs for Threat Modeling" framework, which parallels Maslow's model to guide security executives through the phases of scaling an effective threat modeling program.
• Public Engagement: He frequently hosts and participates in high-level security dialogues through platforms like the re:invent security podcast, where he encourages the industry to re-evaluate and transform outdated security strategies.