
Security projects since 2015

I started a new career as a Security Analyst (Level 3) in 2015 at Airbus Defence & Space.

This section covers most of the topics that I'm responsible for in my role as a Security Analyst:

  • Design, build and run of malware harvesting and IOC generation using MISP, Cuckoo
  • Conducting, designing and running a company-wide IOC-sharing platform
  • Static malware analysis
  • Analysis of ongoing threats within the Airbus premises
  • Forensic network analysis
  • Design, build, run, securing, monitoring and documentation of the SOC-Lab (Windows AD, VMware, mail, DNS, DHCP, FW, AV, proxy)
  • Run, monitor, administer company-wide Vuln. Assessment using Greenbone and Nessus.
  • Comprehensive VA reporting using own Splunk views
  • VA Ticket automation using Splunk and OTRS
  • Supporting several Cyber Audits as Analyst L3
  • UseCase definition, implementation and testing of new and upcoming threats
  • Training of internal teams (TCP/IP, IP routing, VA, OSINT, IOC-Sharing, Splunk, MISP, Cuckoo)
  • Analysing live data in terms of unwanted behaviour
  • Joining Airbus “Cyber Task Force” for identifying and defining new threat mitigations
  • Internal and external advice on strategic, process-oriented and technological issues relating to IT and Cyber Security
  • Designing, building and running:
        • Vulnerability Assessment using Greenbone/OpenVAS
        • Comprehensive Splunk-VA dashboarding and reporting
        • Automation of VA-Ticketing using Splunk and OTRS
        • IntelThreat exchange internally and externally using MISP, Soltra and several OSINT tools
        • Technical management of our Level2-Analysts within the SOC
  • Building up knowledge within threat sharing
        • Using CIF
        • Using MISP
        • Using IntelMQ
        • Using Soltra
  • Designing, building and running live data correlations with
        • Splunk
        • MISP
        • IntelMQ
  • Starting a new personal development as "Data Analyst"

    This is still an incomplete list, so stay tuned for further updates ....  ;-)