Learn what it’s like to be an operational lead in security testing through the eyes of Luke Breukel, a CGI Partner based in the city of Rotterdam in the Netherlands.
Luke, what sparked your interest in cybersecurity, and how did you get started in this field?
I didn’t start out aiming for a career in cybersecurity. I began as a web developer, building apps and websites. But over time, I realized I was fascinated with finding vulnerabilities in websites and systems and figuring out how to secure them. My interest grew when I saw how critical it was becoming for organizations to strengthen the security of their IT environments.
That’s when I discovered the world of ethical hacking, and slowly, I picked up skills and techniques on my own. This opened the door to my career at CGI when I was offered a role in one of CGI’s Security Operations Centers, here in Rotterdam. Now, I coordinate all security testing services for several clients.
What do you do in your role, and how does your work help clients?
I work closely with clients across the government, financial, and transportation sectors, helping coordinate all security testing services for them.
My role is to ensure everything runs smoothly and securely. That means managing the processes, keeping the team aligned on the latest information and developments, and identifying opportunities to improve how we operate.
A key part of my job is also relationship building. Clients need to know they are in safe hands, and maintaining their trust in our capabilities is essential. Also, as the team lead, I mentor new team members to help them get up to speed, feel confident in their roles, and integrate successfully into the team.
Why is this role important?
Cybersecurity plays a critical role in everything we do for our clients. We don’t just oversee security testing for their systems and applications; we help their organizations comply with various industry standards. We share insights and recommendations from our testing operations to help our clients and internal teams understand potential threats, supported by evidence of possible vulnerabilities and required mitigation actions.
Coordinating our security testing activities and reinforcing processes helps prevent cybersecurity incidents, improve efficiency and create safer IT environments—not just for our clients, but also for internal teams managing client assets and delivering consulting services.
What do you enjoy most about your role and working at CGI?
There’s something deeply fulfilling about seeing the direct impact of your work—especially when it comes to strengthening cybersecurity for clients. Knowing what I do helps to protect their operations gives me a strong sense of achievement and purpose. I also love receiving feedback from our clients. When they express trust in us and satisfaction with our work, it reinforces the value of what we do.
At CGI, I enjoy knowing that I am part of a big family. Plus, there are many opportunities to learn and grow. Whether it’s career development programs, learning from CGI Academia, our internal learning platform, or support from colleagues, CGI is a company that genuinely invests in my professional growth.
How do you typically start your workday?
My day usually starts early—I’m up at 6 a.m. and on my way to the office soon after. During my commute, I catch up on the latest cybersecurity news. Given how fast the IT industry moves, staying informed is a top priority.
I’m usually the first from my team to arrive at the office, so I begin by checking that everything is running smoothly and we are ready for the day. Then, it’s time to go through my emails and review any incidents, assignments or updates that came in during the night. That helps me plan the day and align with my team on what we must prioritize. Sometimes, I may need to reach out to clients to keep them updated or inform them of a potential threat they should be aware of.
How do you connect with colleagues during the day?
Even on the busiest days, of which there are many, I make time to connect with colleagues. We are all passionate about cybersecurity—not just as a job, but as a shared interest—so we often chat about hot topics in security. Each of us is involved in different types of security testing and client projects, so we also hold knowledge-sharing sessions to learn from one another.
There are also structured collaboration sessions—such as weekly meetings with other operational leads to align on ongoing work and daily check-ins with security officers, service delivery managers, our technology partners, and, of course, our clients.
These interactions are essential, not just for project coordination, but for continuous learning. Every project brings new insights, and every colleague has something valuable to share. We even run internal security tests to assess our own methods and spot areas in which we can improve.
What do you look forward to the most at the end of your workday?
After work, I really value time to unwind. Since I spend most of the day behind a desk, I try to get some physical activity in—usually it’s a bit of exercise before I go to sleep. I also love reading. Diving into a good book helps me de-stress and switch off from the day.
It’s been great to hear your story, Luke. On a final note, what advice would you give your younger self?
I’d tell myself not to be afraid to take a leap of faith and even make mistakes. It’s easy to get caught up in worrying about what others might think, but all you can do is give your best—and that’s enough.
There are so many opportunities out there to choose from and grow. Holding back from going after them won’t make you happier. Take the leap, trust yourself, and enjoy the journey.
