Updated 10.10.2023


20 % available
Cyber Security Expert
Oberwil bei Zug, Switzerland
Worldwide
M.Sc. Electrical Engineering (ICT)
Skills
- Active Directory
- Microsoft Antivirus
- Microsoft Azure
- IT Forensics
- Incident Response
- Identity Management
- Log Management
- Remote Administration
- Azure Active Directory
- Standards-Compliant
- Vulnerability Management
- IT Architecture
- System Hardening
- Purple Team (Network Security)
- Blue Team (Network Security)
- Investigation and triage of complex security incidents (T2, T3),
- Disk, memory and network analysis,
- Analysis of Windows executables and DLLs,
- Experienced in designing IT and IT security infrastructure,
- Experienced with log collection and log management,
- Experienced in applying global threat intelligence to detection, prevention and response systems,
- Experienced with vulnerability assessment solutions and scanners (Microsoft, Tenable),
- Experienced with writing rules and investigating on SIEM systems (Microsoft Sentinel, IBM QRadar, LogPoint SIEM, Elastic Cloud SIEM),
- Experienced with deployment, management and investigation in Microsoft Security solutions (MDE, MDO, MDI, MDCA, Microsoft Sentinel, MDC),
- Experienced with EDR solutions (MDE, PaloAlto Cortex XDR, Fidelis EDR, VMware Carbon Black EDR, SentinelOne),
- Experienced in Windows environments (AD services, RDS, secure configuration, hardening, …),
- Experienced with Azure solutions,
- Advanced knowledge of Linux systems deployment and configuration,
- Experienced in configuration and investigation on NIDS (ExtraHop Reveal(x), Cisco Stealthwatch, Vectra.ai),
- Solid knowledge of incident response procedures, including criminal cases,
- Knowledgeable about different attack tactics (endpoint and network) and methods of prevention,
- Knowledge of industrial security (OT); worked with Cisco Cyber Vision,
- Knowledge of security frameworks (CIS, NIST) and compliance standards,
- Knowledge of security standards such as ISO 27001 and GDPR,
- Experienced in consulting,
- Experienced in public speaking and presenting,
- Experienced in project leadership,
- Team player.
Languages
- German: basic knowledge
- English: business fluent (negotiation level)
- Italian: good
Project history
I work in a cyber defense center where I am responsible for the development of the cyber security architecture at Glencore and for maintaining and improving incident response procedures, and I am the lead incident response analyst. My responsibilities include hardening of the environment, developing the cyber security architecture, presenting the cyber security roadmap to higher IT management, handling cyber incidents and implementing new technologies.
I worked in a SOC department where I was one of the lead engineers for Microsoft technologies. My responsibilities were performing threat hunting, analyzing complex security incidents (T2, T3), tuning detection rules, deploying new detection rules, deploying and managing security solutions with a focus on Microsoft solutions, consulting, onboarding customers, and being technical account manager and consultant for 10 large customers (32000 endpoints in total). I am the main cyber security consultant for one of the largest ministries in Slovenia, and also for one ministry in one of the largest Middle East countries. I worked as a Windows engineer responsible for the environment of one national SOC in one of the largest Middle East countries. I also took care of the technical requirements for the partnership with Microsoft and participated in management discussions about partnership strategies. In the past I published quite a few articles about cyber security and gave lectures at international conferences (NT Conference 2020, 2021, 2022 and InfoSek 2021). At the beginning of 2021 I took part in an international Blue Team and IR competition (SOCX), and in 2022 I participated in the Locked Shields competition representing the Slovenian team.
I worked on 2 development projects. The first was the development of a smart mirror capable of measuring pulse and providing information such as calendar, weather, traffic situation, ... The second project was research on the topic of 5G benefits for critical public services (police, firemen, ambulance).
Certificates
- CompTIA Security Analytics Expert (CompTIA, 2022)
- CompTIA Advanced Security Practitioner (CompTIA, 2022)
- Azure Solutions Architect Expert (Microsoft, 2022)
- Azure Administrator Associate (Microsoft, 2022)
- GIAC Certified Incident Handler (GCIH) (GIAC, 2022)
- Security Operations Analyst Associate (Microsoft, 2022)
- Enterprise Administrator Expert (Microsoft, 2021)
- Security Administrator Associate (Microsoft, 2021)
- CQURE 30-DAY WINDOWS SECURITY CRASH (CQURE, 2021)
- MCSA: Windows Server 2016 (Microsoft, 2020)
- CompTIA Security Analytics Professional (CompTIA, 2019)
- CompTIA CySA+ (CompTIA, 2019)
- CompTIA Security+ (CompTIA, 2019)
- Cisco Certified Network Professional Enterprise (Cisco, 2019)