Cybersecurity consulting based in Zurich. Over ten years of experience across Swiss banking, insurance, the defence sector and managed service providers. Digital forensics, SOC build-up and threat intelligence.
Four areas of focus. You work directly with the specialist, no intermediaries.
Triage, containment, forensic analysis and defensible documentation. From first alert to final report, including communication with management and authorities.
Building and maturing security operations: use cases, detections and playbooks with measurable value. Experience from small teams to 24/7 follow-the-sun operations at a managed service provider. Also available as a SOC review for existing teams and providers: maturity, processes, detection quality and a concrete improvement plan.
Turning the threat landscape into concrete decisions: make-or-buy evaluation, prioritisation by actual risk, and operationalisation down to the detection pipeline.
Assessments based on NIST CSF, building IR capabilities, SOC or IR lead ad interim. Senior experience without a full-time hire.
Verify the alert, assess the situation, filter out false positives.
Determine scope: affected systems, accounts and data.
Stop the spread without destroying evidence.
Remove the attacker's access and persistence.
Restore operations in a controlled, monitored way.
Report, lessons learned and concrete hardening measures.
Anonymised. Details and references available in a personal conversation.
Design and build-up of a security operations center at a Swiss IT service provider, serving tier-1 banks and spanning two continents. Processes, tooling, detection content and team leadership from one source.
Gap analysis against NIST CSF 2.0, remediation playbooks for account compromise, a threat intelligence framework and forensic readiness.
Security engineering and analysis in an environment with elevated requirements for confidentiality and traceability. Details in person.
Call directly. Initial assessment over the phone, no strings attached.
+41 79 261 50 51