My name is Arjen. I am a Cyber Security Consultant for Scyon. I help organisations with their Application Security, Offensive Security and (Cyber) Business needs. Roles that I like to fulfill: (C)ISO, Security Engineer, Engineer Manager, Senior Developer (Java or Rust).
I have been in the software and security industry for almost 30 years and have worked in:
- Internet providers (Chello / UPC, Tiscali - NL): Java
- Startups (Personify - USA, eBuddy - NL): Java, Big Data
- Healthcare and FinTech (Infomedics - NL): Java and dotNet - Managed the IT and Development teams
- EduTech (NOVI - NL): Managed the development team building in Serverless, Javascript
- Education (Hogeschool van Amsterdan / NOVI - NL): teaching software security and software engineering courses
- Cyber Security (Independent): helping organisations with their security posture
I am a member of:
- NLJUG: The dutch Java user group
- VERSEN: The dutch association of software engineers
- OWASP: The OWASP Netherlands chapter
In 2024 I completed my Masters’ Degree. My research topic was BiDE, a language and architecture for the creation of bidirectional diagrammatic editors. In essence a way to modify program text using diagrams and text at the same time, allowing stakeholders of different backgrounds to work on the same system at the same time. I worked on this thesis with Bastiaan Heeren (Open Universiteit) and Jurgen Vinju (Centrum Wiskunde en Informatica).
In my spare time I love to explore the cutting edge of software engineering, exploring new languages such as Rust, Clojure and Golang in combination with Large Language Models and their novel applications.
I toot on the fediverse as @credmp@fosstodon.org and on @arjenwiersma.nl on Blue Sky.
Find my longer form writings in the Writing Category.
The views on this site are my own.
Recent posts
This week’s reading was a deep dive into the world of AI-assisted development, its security implications, and the evolving role of the human developer. I also explored significant topics in hardware, software supply chain security, and some fascinating findings from the world of science.
The intersection of AI, software development, and security was the dominant theme this week. A major focus was on moving beyond simple “vibe coding” toward more structured, secure, and effective methods. This includes “Vibe Speccing” to create structured workflows and using rules files to secure AI coding tools. The concept of “Context Engineering” was presented as the crucial new skill, emphasizing that providing the right information to the model is more important than prompt crafting alone.
My reading list is a bit shorter this week, mostly because I’ve fallen down a deep, deep 3D printing rabbit hole. (My desk is now covered in very handy 3d printed tools for the printer itself and one glorious OctoRocktopus).
Still, between prints, I managed to find some absolute gems. This week’s theme seems to be the practical, sometimes harsh reality of AI adoption, mixed with some fascinating policy decisions in the open-source world.
A little later then usuals. Yesterday I was at the Dutch ComicCon, and I forgot to post. Here is my reading of last week.
I think we’re all wondering about the deeper effects of weaving AI into our daily lives. This week, I found a few articles that really made me stop and think. The first was a standout study from MIT that suggests using tools like ChatGPT for writing could lead to a kind of “cognitive debt.” They literally measured brain activity and found that relying on AI can cause the parts of our brain responsible for deep thinking to become under-engaged. It’s a fascinating and slightly worrying idea.