IT and Security that enable the business

Nick Takes

For organisations and individuals. Advice, planning, development, or operations: clearly scoped, properly delivered. Building from zero, maintaining what works, improving what doesn't.

The Netherlands · on site & remote

Services

IT & Security

  • Fractional
  • Interim
  • Permanent
  • Advisory

The challenge

You need someone who owns your IT, your security, or both. Your last one just left, you are not big enough for a full-time executive, or an audit, customer, or regulation (NIS2 is coming) suddenly demands you have one.

What I do

I take ownership of IT, security, or both, under whatever title fits your organisation, hands-on or advisory. Risk assessment, IT and security policies, procedures, audits, best practices, compliance (GDPR, PCI DSS, ISO 27001, NIS2), vendor and MSP management, incident response, and reporting that your board actually understands.

What you get

One accountable owner. Audits that pass, insurance that gets approved, and IT that just works.

Secure AI adoption

  • Project
  • Advisory

The challenge

Your team is already using AI, with or without your blessing. You want the productivity without leaking customer data, breaking GDPR, or buying tools nobody uses.

What I do

Two flavours. I help you set guardrails: an AI policy, vendor checks, and a safe shortlist of tools. Or I build it for you: I design and ship GDPR-aware AI automations and internal tools, hands-on, using AI and a modern stack.

What you get

Your people use AI safely instead of secretly. And if you want something built, you get a working tool, not a slide deck. I have shipped this in production myself, not just advised on it.

Practical builds & personal help

  • Fixed scope
  • By the hour

The challenge

You need something small done well. A one-page website that loads fast and doesn't get hacked. A password manager set up properly for your family or your team. A second opinion before you sign that IT contract.

What I do

Small, fixed-scope jobs. I started in interactive design before I moved into security, so what I build looks good and is hardened by default. This site is an example: check the security page.

What you get

It's done, it works, you understand it. No retainer, no upsell.

Principles

Everything is connected.

Infrastructure, security, suppliers, new technology: most problems sit where these meet, not inside one of them. So that's where I look.

The business comes first.

IT and security exist to support what the organisation wants to achieve, not to slow it down. Every recommendation is weighed against its cost, its risk, and its value.

Listening comes before advice.

I take the time to understand the organisation first: its goals, its people, and the way it works. Advice is only useful when it fits.

What I do

  • IT strategy & operations

    A stable, scalable IT landscape that fits where the business is going.

    From daily operations to long-term planning, on-premise and in the cloud. Where spending isn't earning its place, one-off or ongoing, I say so.

  • Security assessment

    Where you stand, where you need to be, and a prioritised plan to close the gap.

    Current state versus target state, in language the whole organisation can work with: including the policies and procedures to back it up. And if you want the gap closed rather than just mapped, I do that too: I have built a programme from zero before.

  • Compliance & audit readiness

    GDPR, PCI DSS, ISO 27001, NIS2: ready before the auditor is at the door.

    Risk register, policies, and the evidence to back it all up. Built to pass the audit, and to still make sense the day after.

  • Incident response & continuity

    The plan you want written long before you need it.

    Response procedures, breach notification, tabletop exercises, recovery planning. I have carried the pager myself: from detection through regulator, insurer, and the morning after.

  • Fractional, interim or permanent leadership

    Senior IT and security leadership, in the form that fits.

    A number of days per month, an interim period, or a permanent role.

  • AI adoption & automation

    Putting AI to work for you, with your data kept under your control.

    From automating daily work to preparing for AI-driven threats, including the ones aimed at your people, not your systems. I build with these tools myself: isolated where it should be, and made to last.

  • Independent technology decisions

    Practical answers, from password manager to platform.

    No vendor ties, no commissions: the advice serves only the organisation.

  • Vendor & MSP management

    Agreements kept, value delivered.

    I have worked on both sides of that relationship: I know where to look. That includes security: vendors are assessed before they are trusted, not after.

How I work

Every engagement starts with listening: to what you want to achieve, and to the environment it has to work in. From there we agree the scope and deliverables, and what's agreed is what gets delivered, properly. Everyone has their specialism: when a job calls for one outside mine, I'll say so, and help you find the right fit.

Background

Technology was my hobby long before it became my profession.

I have worked in IT for more than a decade, on every side of the field: managed services and in-house, the service desk and the boardroom, and everything in between. Today I lead IT and security for an international organisation across four countries.

Chief Information Security Officer since 2024 · CISSP since 2026 · ISC2 member

Let's talk

Whatever the question: send a message and we'll take it from there.

LinkedIn

Or directly: contact@nicktakes.com

Get in touch

Prefer email? contact@nicktakes.com