09/2020 – PRESENT
Confidential – Zurich, SWITZERLAND
Manager of the Security Operations Center
• Establishment and management of the SOC
• Defining, establishing, operating and further developing the security incident management for the SOC and the outsourcing partner(s)
• Defining, developing, optimizing and operating security monitoring use cases in the SIEM
• Executing security investigations, threat hunting and forensic analyses
• Defining, structuring and improving information security controls according to NIST SP 800-171 in close cooperation with the CISO organization and outsourcing partner(s)
• Controlling various security-related projects such as evaluation, procurement and implementation of a new vulnerability scanning solution or rollout of a new intrusion detection system
• Deputizing for the CISO

07/2018 – 08/2020
ISPIN AG – ZURICH, SWITZERLAND
Senior Information & Cyber Security Consultant
• Trusted Security Advisor (security cleared (PSPV11)) for critical infrastructures and high-security environments
• Security Strategy and Governance Consulting
• Defined security principles and security architectures for critical infrastructures and high-security environments
• Developed system and solution architectures/concepts for IT security services for critical infrastructures and high-security environments
• Developed Cyber Incident and Response Plans (CIRP)
• Developed and defined Security Operation Centre (SOC) processes and procedures
• Interim SOC Manager for an international technology company
• Analysed data protection and IT security issues as well as assessed potential risks and the associated security threats in critical infrastructures/highly secure environments
• Specialized in NATO C3 taxonomy, NIST Cybersecurity Framework, NIST 800-61, 800-53, NIST 800-39 as well as ISO 27001 and ISO 27002 controls, etc.

03/2018 – 05/2018
ARCPLACE AG – ZURICH, SWITZERLAND
Senior Security Consultant
• GDPR support
• Contact for compliance questions (ISO27001)
• Service development/evaluation with a primary focus on “Data Governance & Compliance” solutions

04/2017 – 01/2018
INFOGUARD AG – BAAR, SWITZERLAND
Senior Cyber Security Consultant / Cyber Defense
• Project management for the planning and implementation of a Security Operation Center (SOC) for a large organization in the public sector
• Developed and accepted SOC process documentation
• Developed customized SOC use case definitions, including cyber threat hunting and cyber threat detection
• Developed a SOC SLA contract management standard framework

10/2016 – 03/2017
SCHMOLZ + BICKENBACH AG – LUCERNE, SWITZERLAND
Global IT Security & Compliance Specialist
• Defined internal security policies, standards and guidelines as well as security best practices
• McAfee Endpoint security rollout (HIPS)
• Firewall-/Proxy transformation (Palo Alto Networks)

03/2016 – 09/2016
EXECURE AG – WETTINGEN, SWITZERLAND
Security System Engineer
• Supervised and managed the F5 Web Application Firewalls (WAF module) for an international pharmaceutical company
• Penetration testing of Web Application Firewall policies
• IT Forensics of possibly infected endpoints
• Evaluated and tested new solutions in the field of “Advanced Threat Protection for endpoints”
• Designed and implemented a network monitoring solution

07/2014 – 02/2016
KPMG AG – ZURICH, SWITZERLAND
Manager Cyber Security (IT Advisory)
• Planned and executed external technical audits, including IT Security assessments as well as vulnerability and penetration tests in Swiss e-banking environments
• Implemented systemic IT Forensic analyses, including malware analyses
• Successfully established Cyber Defence Services (CDS)
• Security Incident Response in case of possible cyber attacks
• Evaluated customer-specific security requirements for IT networks, data centres and endpoint security solutions in the context of IT outsourcing projects
• Reviewed technical security concepts and proposed solutions as well as concepts for their implementation
• Test Manager for new and existing IT security solutions

11/2013 – 06/2014
IN & OUT AG – ZURICH, SWITZERLAND
Senior Security Consultant
• Supported external clients in the field of information security and risk management
• Planned and executed external technical audits, including IT security assessments, vulnerability and penetration tests
• Developed IT security strategies
• Participated in the development and implementation of customer and order-specific IT security solutions
• ISO27001 and PCI DSS compliance support

04/2007 – 10/2013
BCD TRAVEL – SWITZERLAND AND EUROPE
Manager Information Protection & Security EMEA
• Created internal security guidelines, standards, procedures and best practices based on ISO 27001, PCI DSS and NIST
• Monitored the compliance and documentation of security policies
• Conducted IT audits based on ISO 27001, PCI DSS, NIST and CIS
• Participated in the certification of the EMEA datacentre environments
• Performed internal security assessments as well as vulnerability and penetration tests
• Security Incident Response management, including the creation of security incident response plans and related security test scenarios
• Initiated Security Incident Response measures and executed appropriate analyses (IT Forensics)

01/2006 – 03/2007
CLEAR CHANNEL PLAKANDA AIDA GMBH – CHAM, GERMANY
Manager, IT System Development & Administration
• Monitored the entire IT infrastructure in Switzerland
• Installed and maintained a wide range of IT systems (client/server and infrastructure)
• System and network design and documentation
• Created IT policies and processes, including the integration of new attack scenarios and threat vectors
• Supported in IT change and problem management
• IT project support
• Purchased IT, including negotiations with suppliers

07/2000 – 12/2005
CARLSON WAGONLIT TRAVEL – GERMANY AND SWITZERLAND
IT System & Network Engineer

06/1997 – 05/2000
DL – BAD HOMBURG V. D. H., GERMANY
IT Administrator / Engineer

03/1996 – 06/1997
KHK SOFTWARE (SAGE) – FRANKFURT AM MAIN, GERMANY
IT Support Specialist

10/1995 – 02/1996
GERMAN ARMED FORCES – COLOGNE, GERMANY
Military Service

07/1994 – 08/1995
GESELLSCHAFT FÜR ZAHLUNGSSYSTEME MBH – FRANKFURT AM MAIN, GERMANY
Specialist “International Security and Anti-Fraud”