Defending the Microsoft security stack by day · breaking my own homelab by night.
Cyber Defense Analyst on a SecOps team in Bern, Switzerland.
I work across Microsoft Sentinel, Defender XDR and Defender for Endpoint —
detection engineering in KQL, incident response, and managed security for customers.
Currently studying toward a Dipl. Informatiker HF in platform development & cyber security.
▹ Detection engineering & threat hunting in Microsoft Sentinel (KQL)
▹ Building SOC automation tooling in Python
▹ Running a self-hosted homelab — Linux, Docker, Ollama, Tailscale
▹ Studying toward further security certifications
brand — design system & tokens for raml.ch
cd-report-automation — SOC reporting automation
msg-viewer — .msg email inspector for threat triage
— made in Switzerland —
