SOC-Aufbau bei einem IT-Service-Provider

• advise to core processes of the CDC (Cyber Defence Center)

• support development of Security Incident Management Response processes, procedures, playbooks, standard operating procedures 

• develop methodology for risk prioritization of use case

• development backlog using ATT&CK

• operationally run Security Incidents as the Security Incident Manager or Security Analyst

 PAM related

• drive enhancement of „Berechtigungsmonitoring“ regarding BAIT requirements

Mainframe / RACF related:

• Facilitate Vulnerability Management for Mainframe related topics