Bastian Haberl, partially available

Bastian Haberl

Consultant and Engineer IT Security, Security Architect

  • 81539 München Freelancer in
  • Degree: Master of Engineering
  • Hourly/daily rate:
  • Languages: German (native) | English (business fluent) | French (basic)
  • Last update: 27.10.2020
SKILLS
-----
Personal focus on projects with the following areas:

1) Splunk Phantom (Senior Positions/Solutions Architect Professional Services) and Splunk Enterprise (Admin Certification in Progress)
2) SOAR in general (Palo Alto Networks Demisto, Siemplify)
3) Penetration testing (junior level) - teaming with senior penetration testers would be beneficial
4) Incident Response + Digital Forensics
5) Security Management/Risk Management
6) Security Architecture Development, ISO27k1 etc.
-----

Experience from various projects in international environments as project lead, team lead and project member with international colleagues in:

 
  1. SIEM/Logmanagement + UseCase Development + UseCase Management (ArcSight, Splunk + Use Case Framework)
  2. Cyber Defense Services - 1st/2nd Level + Incident Handler/Manager
  3. Transforming CDC Operations Processes and Runbook development (Alarm/Incident Management)
  4. SOAR - Trusted Advisory Services (PoCs and Project Management); SOAR - Implementation of solutions - Siemplify, Splunk Phantom, Demisto, Resilient
  5. Metrics and Reporting (KPIs)
  6. Deception Technology - Implementation and Advisory Services (PoCs and Project Management)
  7. Intruder Hunting with Deception Technology - Cymmetria MazeRunner
  8. Inhouse trainer for Splunk Phantom (Basic and Advanced/Power User Training)

Knowledge in
1) SOX
2) PCI DSS

Personal Interests:
1) Security Transformation, Security Architecture, CDC Management, Risk Management, Security Strategy, Incident Management
2) Penetration Testing, CDC Technology, IT Forensics

Languages:
German - mother tongue
English - fluent (spoken and written)

Degree:
B.Eng - Engineering & Management
M.Eng - Electrical Engineering and Information Technology

Certifications:
GCIH - GIAC Certified Incident Handler
Splunk Power User

Programming and Scripting Languages:
C/C++
C#, .NET
VBS/VBA
Python
PROJECT HISTORY
  • 05/2019 - present

    • Telecommunication provider
    • >10,000 employees
    • Telecommunications
  • SOAR Engineer for Siemplify and Senior Security Analyst
    1. Implementing and maintaining SOAR platform Siemplify
    2. Playbook Development (Triage and Incident Management Playbooks)
    3. Development of SOC KPIs and Metrics

  • 01/2020 - present

    • Bank
    • >10,000 employees
    • Banking and financial services
  • Technical Lead SOAR Team Splunk Phantom
    1. Playbook Development
    2. Development of SOAR Architecture
    3. App Development
    4. Project Management
    5. Leading development team

  • 12/2018 - 12/2019

    • Bank
    • >10,000 employees
    • Banking and financial services
  • SOAR Engineer Splunk Phantom
    1. Playbook Development
    2. Development of SOAR Architecture
    3. App Development
    4. Project Management

  • 09/2019 - 10/2019

    • Security Application Vendor
    • 50-250 employees
    • Internet and information technology
  • Product Auditor - Trusted Advisory Services
    1. Analysis of application
    2. Creating audit report
      • recommendations for strategic positioning in the market
      • technical gap analysis - product capabilities vs market
      • Providing potential scenarios for further investment

  • 10/2017 - 11/2018

    • Telecommunication provider
    • >10,000 employees
    • Telecommunications
  • Security Analyst - 1st and 2nd Level + Incident Handler/Manager
    1. Security Operations
    2. Runbook development (Triage and Incident Management)
    3. Handling of incidents with lower criticality (no crisis management)
    4. Development of Splunk Correlation Searches
    5. Development of SOC KPIs and metrics for management reports

AVAILABILITY (TIME AND LOCATION)
Place of residence: München
Work locations: flexible

From 01.01.2021:
Projects in Nürnberg and Regensburg sought or preferred
Generally flexible, though