Uno Oien

Cyber Security Architect Specialist
Neuenhof

Summary

Detailed Career Summary

Overview

14 years of professional experience

Work History

Endpoint, System Engineer

Bank Julius Baer
01.2020 - Current
  • Managing Security Solution running on W10 clients, Exchange Servers, VDI and File Servers.
  • As primary contact person, managing and administering the security solution from McAfee/Trellix.
  • Planning for updates / upgrades of installed running software not exclusively security related.
  • Main contact person for creating, testing, implementing new policy and rule sets to our current security solution.
  • Data Loss administration, management. Create new rule sets as new threats are detected from wide variation of devices. Prevent Data Loss of digitally stored data.
  • Windows Endpoint Security.
  • Access Protection.
  • Distribution test and functionality of packages built for Software Distribution.
  • Altiris and SCCM distribution.
  • Maintenance window planning.
  • PowerShell signing for the Bank.
  • Script signing for the Bank.
  • Active Directory management and GPO management.
  • Access Management.
  • Administration of vulnerability results and mitigation advice.
  • Planning for introduction of Security Solutions and running POC of such solutions and Project Planning.
  • Ordering hardware and software.
  • Work closely with the Bank's SOC team on the integrated Splunk solution.
  • Threat analysis.
  • Malware threat response on incidents.
  • Starting up new projects related to Security and raise the Security thinking in the Bank.
  • Actively taking part of different ongoing projects in the Bank, leading as product manager different projects to improve the overall satisfaction for users in the Bank and improve Security.
  • Working with management and administrative tools such as Jira and ServiceNow.

Project Endpoint Security

Solcom GmbH
01.2024 - 01.2025
  • Development of the Endpoint Security antivirus platforms using the Trellix product, with the goal of new installation and operational readiness of the Endpoint Security antivirus platforms on Trellix.
  • Analysis of existing systems, taking into account customer-specific requirements regarding Endpoint Security according to Trellix.
  • Creation of a development concept for Endpoint Security based on the previously conducted analysis.
  • Development, new installation, commissioning, and ensuring the functionality of the 'Endpoint Security' antivirus platforms using the Trellix product.
  • Migration/installation of policies concerning IT security and software development for Trellix onto the developed and installed antivirus platforms.
  • Migration of policies to the developed and installed antivirus platforms.
  • Creation and execution of tests for the previously developed Endpoint Security, including troubleshooting with potential rollout of updates or upgrades (if different versions are the cause of the error) and creation of test reports on this.
  • Creation of detailed technical documentation.

Security Engineer

Avaloq
01.2019 - 12.2019
  • As Avaloq had seen rapid growth that the overall IT security did not follow, my main duty was to mitigate security weaknesses discovered in the audit report.
  • Also, as Security Officer, responding to different raised alerts and actioning these.
  • Examples of mitigations: TLS 1.2, NTLM enforcement, certificate review and creating an instruction on how to manage certificates, Server Message Block (SMB), Externally Published Services review, WSUS communication, SCCM communication, password policy, Active Directory and GPO changes to further strengthen security in the firm.
  • Also conducted a phishing hunt in the organization (a highly manual task) and worked on overall Exchange (mail) safety thinking.
  • I also architected a potential implementation of a SIEM solution and suggested best practice and integration with Azure ATP and security solutions from other vendors.
  • Further taking part of suggestions on how to build up a SOC team.

Endpoint Security Engineer

Pro Informatik GMBH
01.2018 - 12.2018
  • Member of Bank Julius Baer, Altstetten, Electronic Workplace Team.
  • Administrating and managing the bank's McAfee solution, this includes ePO, DLP, HIPS, VSE, DXL, TIE, VSE for Storage, ENS and MSME.
  • This on Win7, Win10, Exchange Servers and Linux.
  • Further as part of the security solution for W10 administrating MBAM setup on Servers.
  • Make sure that the bank's overall security solution is in a healthy, compliant state.
  • Create packages for deployment in SCCM and Altiris for W7 and mostly for the new implementation of W10; as part of this, testing functionality of the different software to be installed to make sure it installs, runs and behaves as outlined in company policies.
  • For overall health check of the bank.
  • Further actively working with the following: Splunk for overall health check of the bank, Active Directory, PowerShell, Access Rights, IAM, Change Management, Ordering of hardware, IBM Notes, Asset Management, SharePoint, JIRA, Certificates, Signing of scripts before they execute.
  • Schedule updating maintenance windows.
  • Support on various tasks within the Electronic Workplace Team.

ICT Architect Expert

Swisscom
01.2018 - 12.2018
  • Working as part of Swisscom Architecture on different projects to safeguard the Credit Suisse environment.
  • The overall duties are part of an ongoing project to migrate the current Microsoft OS onto a Windows 10 solution, covering not only hosts but also the network side.
  • As per Credit Suisse requirements, architecture of firewall rules for the Windows 10 project; these are FW rules as part of McAfee ENS.
  • Firewall rules also included test and troubleshooting steps and documentation.
  • Developed information security management program and strategy, associated security policies, procedures for the bank.
  • As program manager leading a development of a new software solution.
  • Testing of new releases from Palo Alto for the different hardware applications associated with the bank, including architecting, testing of software upgrade and downgrade, and documentation.
  • Created an IT security technical reference architecture and documented current state security capabilities, current state gaps and future state roadmap aligned with IT and business strategies.
  • The architecture work and final product are regulated by International accepted standards and within Swisscom's integrated ISO/IEC management system.
  • Architecture of robust solutions to avoid any single point of failure in the event of a disaster, and the best option for efficient recovery from any event.

Specialist Security / End-User

Bechtle Steffen Suisse SA
01.2017 - 12.2017
  • Hired to make sure certain security solutions will be implemented to highest level of Security.
  • An ongoing project at Celgene in Boudry is an implementation of McAfee Move multiplatform on a virtual environment, to have Move running and securing the virtual environment.
  • Also architecting and planning for implementation of Security features from Microsoft, this is part of a wider implementation on the Celgene environment of an upgrade from Windows versions to Windows 10.
  • Initially will have Microsoft BitLocker with SCCM integration, to make sure compliance-based reporting is managed by a standard management tool.
  • Further investigated hardware need for a coming implementation of Microsoft Windows 10.
  • Also investigated to maximize the usage of included features in the Microsoft Windows 10 to safeguard the estate and a potential decommission of existing security vendors, this included decommissioning policies and procedures.
  • Working closely with staff located in Switzerland office in Boudry as well with main office staff members based in Summit, US.

Security Engineer

SwissRE
01.2017 - 12.2017
  • Part of Windows 10 project at SwissRe, this due to migration from a McAfee solution to Microsoft Windows 10 security stack.
  • As a Security Engineer in the project I investigated potential impact migrating away from McAfee to a one vendor solution from Microsoft and what the impacts will be for the organization.
  • Business architecture investigation into the impact of changing from an existing security vendor to a Microsoft solution that will safeguard the business into the future.
  • Identity management related to Microsoft Windows 10 security stack vs CA technologies.
  • Microsoft Certification authority solution in Windows Server.
  • PKI infrastructure with appropriate certificates for different roles regards to Web Sites/Service Access.
  • Also conducted performance testing and functionality testing of Win 10 different solutions as well as McAfee when it comes to removal and potential impact on systems.
  • Safeguarding of Servers running Active Directory (AD), Databases SQL, DC.
  • Networking security on Cisco switches, routers and VPN.
  • Evaluation of firewall functionality from different vendors as McAfee, Juniper, Check Point, Cisco to minimize impact on user experience.
  • As part of the project I have taken part in: Daily project meetings, High and low level documentation architecturing, Test documentation, Testing of solutions within W10, SharePoint, Jira, Communication with different stakeholders, Created policies and different rules to be implemented, Evaluated functionality in Device Guard and technologies such as Credential Guard, Code Integrity and Secure Boot.

Security Engineer

Credit Suisse
01.2016 - 12.2017
  • Worked as part of the Credit Suisse project to migrate the estate to W10 and migrate the security solution.
  • Investigate to replace existing security solutions with what can be offered within W10 security stack.
  • Example to utilize Windows Defender Advanced Threat Protection instead of using a solution as McAfee (Intel Security) Threat Intelligence Exchange seen from a security and cost efficiency perspective.
  • Compared different security solutions offered on the market to see if Microsoft W10 is able to replace them and still keep really high security on the estate in combination with high performance.
  • Database security Microsoft SQL and SQL Express.
  • Comparing different authentication options introduced with W10 technology.
  • Microsoft Exchange technology, OWA client, DLP and performances comparison version 2013 vs 2016.
  • Recommendation of security vendors solution for a really effective multilayer security solution.
  • Testing functionality in McAfee Endpoint Security 10.2 and 10.5 when it comes to the different modules Access Protection, Exploit Prevention, Firewall and Web Control, also make sure that existing policies in products as VSE and HIPS can safely be migrated across.
  • Investigated impact of DLP products and different vendors impact on an organization.
  • Investigating impact of changing distribution system for the estate and how this would work with different products.
  • Troubleshooting security solutions and work with different stakeholders to find solution.
  • Authentication testing if Password can be replaced with strong two factor authentications (PIN) related to users device.
  • Evaluate Intrusion Prevention System and Intrusion Detection System and potential impact on estate.
  • Writing different documents to be able to better keep track of policy changing process.
  • Testing and evaluation of management server for security solution.

Senior McAfee Engineer / Cyber Security

Barclays PLC
01.2016 - 12.2016
  • Migration project at Barclays PLC, migrating existing security solution to a McAfee solution.
  • This includes the entire Barclays organization and includes some 250,000 client machines, and servers to be added to project.
  • The implementation of McAfee covers Windows XP, Windows 7, Windows 8, Windows 10, MAC and Linux/Unix machines in the project.
  • Server side Windows 2003, Windows 2008 and Windows 2012.
  • Develop business architecture using requirements such as scope, processes, alternatives, and risks.
  • Business analysis of requirements and processes for the success of the project.
  • As part of the migration I worked with planning implementation of Endpoint Security, Data Loss Prevention, Firewall, Application Control, Intrusion Prevention, Encryption, IAM, Microsoft Intune.
  • Database Security for Oracle, SQL, SQL Express, Sybase and integration with SIEM solution.
  • Encryption software and trust store for PKI authentication.
  • Security for Virtual Environment, ESXi and VMware, implementation, testing and documentation.
  • Evaluation of Juniper in regard to centralized authentication, authorization, and accounting, and firewall evaluation vs. other vendors.
  • Part of IT Strategy planning and roadmap for a future stable business solution and recovery in any event according to BCMS and ISO 22301.
  • Architecture of Cyber Solution to follow different Security Regulations in the Financial Services Industry, for the UK, Europe, North America and rest of the world.
  • Daily work routines could be: Review and implement policies for the different products, Assessing the change management impact to the estate, Planning for any Change Requests and make sure that we follow any Change Control.
  • Assist with engineering and architecture planning and conduct gap analysis on current infrastructure programs.
  • Collaborate with different stakeholders for a smooth implementation on the full estate.
  • And make sure that we have an implementation that follows compliancy with government, industry and financial regulations.
  • Troubleshooting different issues reported in. This can be on the newly implemented McAfee solution or issues with existing vendor Symantec, Lumension.
  • Troubleshooting performance issues on desktop machines using tools like Process monitor, Process Explorer.
  • Troubleshooting connection issues on desktops, Firewall, issues with drivers, Application issues.
  • Using different tools from McAfee such as MerAnalyzer to find issues.
  • Taking part of planning Barclays Active Directory structure for a smooth match to McAfee security solution.
  • Identity and Access Management controls (IAM) permissions to policies, policies to groups and assignment of users to groups.
  • Planning and giving directives for group policy usage and to match with McAfee security solution.
  • Make sure that McAfee desktop solution reports correctly to EPO and SIEM.
  • Preparing different automated tasks that will be used for threat alerts.
  • Using different internal Barclays solutions for asset management of desktops.
  • Auditing and performing risk assessments on critical parts of the Barclays environment.
  • Also work on Thin Client and VDI machines.
  • Planning for implementation of McAfee MOVE on virtual environment.

Technical consultant

ITB
01.2015 - 12.2015
  • Architecturing security solutions for existing and potential new customers.
  • Create change requests and implementation of security solutions.
  • Installation of Cyber Security Technology on clients' sites, software based as well as hardware based systems.
  • Auditing and performing risk assessments and providing solutions to mitigate risks discovered.
  • Create Statements of Work (SOW) and Proof of Concepts (POC's) for different products.
  • Design and deploy policies and rules to harden security solutions for an organization.
  • Create user manuals, for end user as well as administrative manuals.
  • Create executive reports for organizations.
  • Pre-Sales meetings with existing or potential new customers.
  • Administration of Internal Network, Active Directory and 365 Mail.
  • Managed a technical team.
  • At ITB I have also implemented a much needed infrastructure for the technical and sales teams; this was part of an IT Management change within the organization.
  • Projected and built up an MSP (Managed Service Provider) service solution; this includes budget calculation, contact with 3rd party companies, ideas for marketing and training of sales staff for better understanding of selling an MSP solution integrated with a Security Solution.
  • And fully implemented a solution from Solarwinds.
  • Planning for a Managed Service solution required research on hardware for servers such as IBM, HP, Dell and network security in the form of firewalls to implement such as Juniper, Barracuda, Palo Alto.

Security Consultant

Caretower Limited
01.2012 - 12.2012
  • Auditing of customer's environment.
  • Design Security & Management solutions for different organizations.
  • Perform Risk Assessments and provide Solutions to mitigate risks discovered.
  • Writing Statements of Work.
  • Taking part of pre-sale for different customers and potential customers.
  • Writing POC's (Proof of Concepts) for different products.
  • Installation of Security solutions for customers, Software and Hardware based Cyber Security Systems.
  • Create and deploy policies and rules to harden security solutions for an organization.
  • Design user manuals, this includes end user as well as administrative manuals.
  • Create executive reports for organizations.
  • I mainly worked with McAfee products; this includes EPO, VSE, HIPS, DLP, Network DLP, EEPC, Application Control, Change Control, Deep Defender, MSME (Email Security), Site Advisor, MOVE, Multi-Factor Authentication, Deep Command, GTI Proxy and appliances such as SIEM, Web Gateway and Mail Gateway, Mobile Security, Security for Mac, Linux based and Database Event monitor.
  • Also worked on products from Symantec security suites, CA technologies, Solarwinds, VMware, Palo Alto, D-Link, Cisco.
  • On above mentioned products covered Pre-Sale, POC's and implementation at customer sites and follow up advice to any questions from customers.
  • Actively taking part of complete implementation, including Planning phase, outlining benefits, risks, roles and before after state.
  • Execution phase, analysis and design, testing, implementation, post implementation.
  • Covered organizations ranging from small businesses to large organizations, Councils and organizations working with the Ministry of Defence.
  • Customer visits on a weekly basis (or on basis after contract) to ensure high compliance, security solution is running as planned.
  • Assisting customers in writing Change request for any implementations and to avoid any implementation problems.
  • Writing executive reports for ongoing service contracts.
  • Create guides for products after implementation, this for end user experience as well as for administrators.
  • As part of my work I do follow different regulations to make companies and organizations compliant and within frames of an audit, example GRC Governance risk management and compliance, Payment Card Industry Data Security Standard (PCI DSS) standards, ISO/IEC International Organization for Standardization and the International Electrotechnical Commission.

Education

University -

University
01.1985

Sigma Education - Computer knowledge, Database construction, Computer communication, Visual Basic programming, LAN administration, Hardware and software, Java Programming, Technical English

Sigma Education
01.2000

Semcon Education - C, C++, Java, SQL, HTML and CSS

Semcon Education
01.1999
full-time education for one year

Skills

Troubleshooting

Certification

McAfee Accredited Channel Engineer

Permit

Switzerland C-Permit

Personal Information

  • Visa Status: Swedish National with Switzerland C-Permit
  • ID Type: Date of Birth
  • ID Number: 591215
  • Date of Birth: 591215
  • Nationality: Swedish
  • Marital Status: Married with children
  • Work Permit: C-Permit
