Hi, I am Giuseppe

Giuseppe Paternicola

Incident Response CSIRT at InfoGuard

An Incident Responder in the CSIRT (Computer Security Incident Response Team) at InfoGuard is responsible for handling and responding to cybersecurity incidents within an organization. My primary role is to help companies to detect, analyze, contain, mitigate, and recover from security incidents effectively and efficiently.

Flexible
Ambitious
Curious
Team Work
Hard Working
Focused

Experiences

InfoGuard

2020 - Present, Baar, Switzerland

InfoGuard is a leading and independent Swiss company for comprehensive cyber security and innovative network solutions. More than 200 security specialists in Zug and Bern ensure information security for over 300 business customers in Switzerland, Germany and Austria on a daily basis. InfoGuard customers include well-known banks, insurance companies, industrial companies, energy service providers, hospitals, service providers and authorities.

Cyber Security Analyst (Incident Response CSIRT)

2022 - Present

  • Support of Cyber Defence Center (CDC) in escalations of security incidents
  • Responsible for investigations, communication and coordination with customers as an incident responder
  • Execution of Compromise Assessments
  • Threat Hunting
  • Technical management and further development of Tier 2 analysts
  • Further development of detection & response services, threat hunting methods and attack detection
  • Analysis of Business Email Compromise (BEC)
  • Build and evolve internal toolchain for CSIRT’s analysis, response and remediation capabilities.
  • Further development of Endpoint Detection & Response (EDR) solutions

Security Engineer

2020 - 2022

  • Endpoint Security & EDR
  • Detection, Incident Response and Forensics
  • Endpoint Support / Troubleshooting
  • Systems Management and Administration
  • Software engineering and scripting (e.g. Bash, PowerShell, Python)
  • Design and implementation of Splunk infrastructures, products, apps, reports and dashboards
  • Realize challenging log management projects for InfoGuard customers
  • Further development of Splunk implementations for the Cyber Defence & Operation Center
  • Advising customers and providing technical support to internal colleagues in the areas of security monitoring and log management
  • Holding trainings and courses at customer sites in the context of hands-on sessions

Senior System Engineer
BDO AG

2019 - 2020, Solothurn, Switzerland

BDO Switzerland is primarily an accounting and auditing firm that also provides consulting services. The firm serves architects, physicians, the hotel and restaurant industry, public administration, and financial services.

Responsibilities:
  • Further development of SCCM environments as well as Windows client environments in cooperation with infrastructure architects.
  • Support in our team of Microsoft specialists in the support of our own IT infrastructure for over 1,000 employees
  • Independent monitoring of Microsoft applications and proactive search for potential improvements
  • Client Security Hardening.
  • Ensuring a flawless operation of the IT infrastructure for the employees and customers
  • Responsibility for operation, maintenance and 2nd level support of our SharePoint environments
  • Installation, configuration, monitoring, troubleshooting, patch management, and handling of incident and problem tickets.

Senior System Engineer Workplace
Avectris AG

2017 - 2019, Baden, Switzerland

Avectris AG provides information technology services. The Company specializes in IT consulting, development, and implementation, as well as secure and stable operation of IT systems and networks. Avectris serves customers in Switzerland.

Responsibilities:
  • Responsibility in the project business within the scope of conception, setup and configuration of client infrastructures as well as assumption of sub-project leadership
  • Conception and further development of SCCM infrastructures as well as Windows client environments in cooperation with infrastructure architects, account and product management
  • Support with operational problems within the scope of 3rd level support
  • Technical support of the sales team during customer visits and presentations
  • Developing the technical solution description for building and transforming client environments and ensuring feasibility as a member of the BID team
  • Operate, maintain and support Microsoft System Center Configuration Manager (SCCM)
  • Maintain GPO and GPP
  • Maintaining client applications
  • Scripting (VB & PowerShell)

Workplace Engineer
SRG SSR

2015 - 2017, Bern, Switzerland

The Swiss Broadcasting Corporation is the Swiss public broadcasting association, founded in 1931, the holding company of 26 radio and television channels.

Responsibilities:
  • Operate, maintain and support Microsoft System Center Configuration Manager (SCCM) for the SRG Workplace.
  • Maintain GPO and GPP
  • Operate, maintain and support the Mobile Device Management Tool (Microsoft Intune and VMWare Airwatch)
  • Manage data structures (fileshares, authorization)
  • Create, manage, maintain and further develop the deployed client operating systems as well as the deployed software packages
  • Creation, administration, maintenance and further development of hardware and software reporting
  • Creation, administration, maintenance and further development of client and mobile security concepts
  • 2nd level support in the application area
  • Collaboration in change and release management
  • Collaboration in various IT projects

Galexis AG

2010 - 2015, Niederbipp, Switzerland

Galexis is the leading wholesaler and service provider in the Swiss healthcare market and the link for all players involved.

System Engineer

2014 - 2015

  • Ensuring the smooth operation of the system environments
  • Further development of the system environments so that the needs of the business units can be met
  • Project management and/or project work for the introduction of new environments and/or components
  • Operation and further development of the central data center infrastructure (power systems, storage environments, etc.)
  • Receiving and processing hardware and software problems (2nd level support)
  • Clarification and elimination of faulty system states
  • Ensuring the system documentation and the system guidelines
  • Developing and updating procedure checklists
  • Updating the hardware and software inventory of all infrastructures used
  • Training of the system administrators in connection with the system operation
  • Creation and maintenance of software packages
  • Further development of the client architecture
Client Engineer

2013 - 2014

System Specialist

2010 - 2013

Education

CAS Specialist in Digital Forensics and Cyber Investigations
CAS Advanced Studies in Digital Forensics and Cyber Investigations
ICT System and Network Technician with Swiss Federal Certificate (eidg. Fachausweis)

Certifications

Practical Malware Analysis & Triage
GIAC Certified Forensics Analyst (GCFA)
2021
Splunk Enterprise Certified Architect
2021
Splunk Enterprise Certified Admin
2021
Splunk Enterprise Certified Power User
2021
Splunk Core Certified User
OSCP (Offensive Security Certified Professional)
EC English School Certificate of Studies
IBAE - Modelling and representing processes
IBAE - Leading (sub-)projects as a business analyst
IBAE - Solving, representing and presenting problems in a structured way
ITIL Foundation Edition 2011
2012 - 2013
Microsoft MCSE and MCSA Server Infrastructure