Focus is on IT security and incident response. Building SOC infrastructures with open source or other tools.
Updated on 26.04.2023
Profile
Freelancer / Self-employed
Remote work
Available from: 05.10.2020
Availability: 100%
of which on site: 100%
Security Analysis
IT-Security
Incident Responding
Root Cause Analysis
Malware analysis
Intrusion Prevention System
Cortex
Memory Forensic
Intrusion Detection System
Scripting
TheHive
Elasticsearch
Penetration testing
QRadar
MISP
Vulnerability-Management
Python
English
proficient
German
native
Spanish
rudimentary

Locations

Dietikon (+50km)
possible

Projects

2 years 6 months
2021-10 - today

Starting my own startup

Founder and Owner

  • Starting my own startup to provide high-end open source security as well as infrastructure to small and medium-sized companies in Switzerland

On Request
3 years 11 months
2020-05 - today

Security Research

Freelance Security Analyst, Consultant

  • Working for various companies, supporting and consulting in mostly security and automation projects
  • Security analytics, incident response and forensics
  • Building SOCs with open source solutions such as Elastic and OpenSearch
  • Security research in various fields

Freelance
7 months
2019-09 - 2020-03

Sabbatical

  • Break from work and professional reorientation  

1 year 4 months
2018-06 - 2019-09

Creating a new SOC

Security Analyst / SOC Architect

  • Recruited as Lead Engineer and SOC Architect for the newly founded SOC team
  • Creating a new SOC from scratch with no set applications or set of rules
  • We created a SOC on Elasticsearch with a highly automated incident response framework built on the TheHive and Cortex projects
  • 5 months after the initial project start, the team was fully functional and already performing the services for customers
  • A highly efficient and low-cost SOC was the target and was achieved in less than half a year

Elasticsearch Python TheHive Cortex Deputy CISO Automation Incident Response
Econis AG
11 months
2017-07 - 2018-05

Support the newly founded SOC team

Security Analyst

  • Recruited to support the newly founded SOC team with knowledge from previous experience
  • I've been tasked mostly with reverse engineering malware and scripts, incident response, and consulting the team in questions of SOC architecture and processes

JavaScript Reverse Engineering Threat Intelligence Elasticsearch
RUAG AG
1 year 6 months
2016-01 - 2017-06

Developing and engineering a SOC

Cyber Security Analyst

  • Promoted by the new lead of the security operations centre into the newly founded team
  • We quickly developed and engineered a SOC based on the SIEM IBM QRadar
  • As part of the core team, I oversaw the SIEM system itself, creating use cases and responding to customer incidents with my forensics background

SOC Architecture QRadar Security Operations Event and Network Analytics Incident Response
Infoguard AG
1 year 2 months
2014-11 - 2015-12

Network operation

Network Security Engineer

  • First position after the apprenticeship
  • I was placed into rotation in the network operations team, was faced with several complicated cases and on-call duties, until taking over responsibility for several customers and their issues

Juniper Cisco Network Security Network Operation On Call Duty
Infoguard AG

Education and Training

2016

Institution: SANS GIAC

Education: GIAC Certified Forensic Analyst


Tasks:

  • The GCFA certification is for professionals working in the information security, computer forensics, and incident response fields
  • The certification focuses on core skills required to collect and analyze data from Windows and Linux computer systems
  • The GCFA certifies that candidates have the knowledge, skills, and ability to conduct formal incident investigations and handle advanced incident handling scenarios, including internal and external data breach intrusions, advanced persistent threats, anti-forensic techniques used by attackers, and complex digital forensic cases


2010 - 2014

Institution: Berufsschule Uster, Zürich

Education: System Engineer


Tasks:

  • Apprenticeship as System Engineer in Uster, Zürich


2006 - 2010

Institution: Berufsschule Winterthur, Zürich

Education: Electrician


Tasks:

  • Apprenticeship as Electrician in Winterthur, Zürich

Position

  • Security Analyst
  • Security Incident Responder
  • SOC Architect

Competencies

Top skills

Security Analysis, IT-Security, Incident Responding, Root Cause Analysis, Malware analysis, Intrusion Prevention System, Cortex, Memory Forensic, Intrusion Detection System, Scripting, TheHive, Elasticsearch, Penetration testing, QRadar, MISP, Vulnerability-Management, Python

Products / Standards / Experience / Methods

Bash
Elasticsearch
IR Analyst
IR Lead
Malware
OSX
Powershell
Python
Regex/Grok
Unix
Windows

Profile:

I'm a security analyst, based in Dietikon, Zurich. Currently designing and engineering a new SOC which went live 6 months after the initial concept. I strongly believe in Open Source Software and support any attempt to use such products. Additionally, I have experience in Malware Reversing, Incident Response, Security Analytics, SOC Architecture, Threat Intelligence and Process Automation. During my past career I excelled quickly in Incident Response roles such as Analyst and Lead, covering several incident responses for customers and internal teams on a weekly basis. Malware reverse engineering was added to my skills after an intensive time at RUAG, during which several live in-the-wild malware samples were analysed.
