Profile image of Bastian Haberl, Consultant and Engineer IT Security, Security Architect, from Kuemmersbruck

Bastian Haberl

partly available

Last update: 06.09.2022

Consultant and Engineer IT Security, Security Architect

Graduation: Master of Engineering
Languages: German (Native or Bilingual) | English (Full Professional) | French (Elementary)

Skills

-----
Personal focus on projects with the following areas:

1) Splunk Phantom (Senior Positions/Solutions Architect Professional Services) and Splunk Enterprise (Admin Certification in Progress)
2) SOAR in general (Palo Alto Networks Demisto, Siemplify)
3) Penetration testing (junior level) - teaming with senior penetration testers would be beneficial
4) Incident Response + Digital Forensics, SOC Analyst
5) Security Management/Risk Management
6) Security Architecture Development, ISO27k1 etc.
-----

Experience from various projects in international environments as project lead, team lead and project member with international colleagues in:

 
  1. SIEM/Logmanagement + UseCase Development + UseCase Management (ArcSight, Splunk + Use Case Framework)
  2. Cyber Defense Services - 1st/2nd Level + Incident Handler/Manager
  3. Transforming CDC Operations Processes and Runbook development (Alarm/Incident Management)
  4. SOAR - Trusted Advisory Services (PoCs and Project Management); SOAR - Implementation of solutions - Siemplify, Splunk Phantom, Demisto, Resilient
  5. Metrics and Reporting (KPIs)
  6. Deception Technology - Implementation and Advisory Services (PoCs and Project Management)
  7. Intruder Hunting with Deception Technology - Cymmetria MazeRunner
  8. Inhouse trainer for Splunk Phantom (Basic and Advanced/Power User Training)

Knowledge in
1) SOX
2) PCI DSS

Personal Interests:
1) Security Transformation, Security Architecture, CDC Management, Risk Management, Security Strategy, Incident Management
2) Penetration Testing, CDC Technology, IT Forensics

Languages:
German - mother tongue
English - fluent (spoken and written)

Degree:
B.Eng - Engineering & Management
M.Eng - Electrical Engineering and Information Technology

Certifications:
GCIH - GIAC Certified Incident Handler
Splunk Power User
ICO ISMS Security Officer according to ISO/IEC 27001:2013

Programming and Scripting Languages:
C/C++
C#, .NET
VBS/VBA
Python

Project history

11/2020 - Present
Senior Security Analyst
IT Service Provider (Insurance, 1000-5000 employees)

- Collaboration with SOC Architect to build a SOC from scratch
- Vulnerability Handling and Management
- Incident Management/Handling
- Process development/optimisation
- Analysis of Security Alerts

05/2019 - Present
SOAR Engineer for Siemplify and Senior Security Analyst
Telecommunication provider (Telecommunications, >10.000 employees)

  1. Implementing and maintaining SOAR platform Siemplify
  2. Playbook Development (Triage and Incident Management Playbooks)
  3. Development of SOC KPIs and Metrics

01/2020 - 09/2020
Technical Lead SOAR Team Splunk Phantom
Bank (Banks and financial services, >10.000 employees)

  1. Playbook Development
  2. Development of SOAR Architecture
  3. App Development
  4. Project Management
  5. Leading development team

12/2018 - 12/2019
SOAR Engineer Splunk Phantom
Bank (Banks and financial services, >10.000 employees)

  1. Playbook Development
  2. Development of SOAR Architecture
  3. App Development
  4. Project Management

09/2019 - 10/2019
Product Auditor - Trusted Advisory Services
Security Application Vendor (Internet and Information Technology, 50-250 employees)

  1. Analysis of application
  2. Creating audit report
    • Recommendations for strategic positioning in the market
    • Technical gap analysis - product capabilities vs market
    • Providing potential scenarios for further investment

10/2017 - 11/2018
Security Analyst - 1st and 2nd Level + Incident Handler/Manager
Telecommunication provider (Telecommunications, >10.000 employees)

  1. Security Operations
  2. Runbook development (Triage and Incident Management)
  3. Handling of incidents with lower criticality (no crisis management)
  4. Development of Splunk Correlation Searches
  5. Development of SOC KPIs and metrics for management reports

Local Availability

Open to travel worldwide
Project preferred in the greater area of Nuremberg and Regensburg as well as Munich
However, a mix of on-site and home office works for me as well, for national and international projects