Sebastian Heise

Aloha! I'm Teamlead of the Security Operation Center at Bechtle Cyber Defense Center. Since joining in 2022 as a Security Analyst and stepping into the team lead role in January 2026, I oversee SOC operations, drive incident response processes, and lead a team of cybersecurity professionals — while staying hands-on with DFIR and threat intelligence.

Resolved Incidents

600+

Days in DFIR

Days
* Last edited: 01/2026

What I Do

Incident Manager

As an Incident Manager, I oversee the complete incident response process in organizations. My role involves managing incidents, prioritizing based on severity, coordinating communication among teams and stakeholders, escalating high-severity incidents, and conducting post-incident reviews for continuous improvement. Essentially, my job ensures efficient incident handling to minimize their impact on our operations.

Digital Forensics

As a Digital Forensics Analyst, I investigate cyber incidents by analyzing digital evidence from devices and networks. My tasks include identifying, preserving, extracting, and documenting digital data, using specialized tools to retrieve even manipulated or deleted information. I maintain the integrity of evidence for legal use, collaborate with professionals like law enforcement, and aim to uncover the details of digital security incidents to assist in their prevention.

Cyber Threat Intelligence

As a Security Analyst, I believe that Cyber Threat Intelligence and Research are crucial elements of proactive defense. By gathering and analyzing information about potential threats and threat actors, we can better anticipate, prepare for, and respond to attacks. In my role, I actively engage in this intelligence gathering and research to understand the current threat landscape and bolster our cybersecurity measures accordingly.

Incident Responder

As an Incident Responder, I identify, assess, and mitigate cybersecurity threats in organizations. My key duties involve detecting security incidents, containing the threat by isolating affected systems, and eliminating the root cause. After handling the incident, I help to restore the systems to normal operation and conduct a review to improve future responses.

SOC Analyst

As an SOC Analyst, I monitor and safeguard our customer's cybersecurity. I detect potential threats, respond to security incidents, conduct proactive threat hunting, and maintain security tools and procedures. I also provide regular security status updates to stakeholders.

Resume

IT-Security | Digital Forensics | Incident Response

Experience

01/2026 - Current
Bechtle

Teamlead Security Operation Center

As Teamlead of the Security Operation Center at Bechtle Cyber Defense Center, I lead and develop a team of SOC analysts, establish workflows and processes, and serve as the primary escalation point for critical security incidents. I maintain close collaboration with incident response, DFIR, and consulting teams while staying hands-on with threat detection and analysis.

2022 - 2026
Bechtle

IT Security Analyst

At the Bechtle Cyber Defense Center, my role spanned Incident Response, Digital Forensics (DFIR), Security Operation Center (SOC) duties, and Security Consulting. I actively detected, analyzed, and mitigated cybersecurity threats, ensuring an efficient incident resolution process. My DFIR work involved investigating cyber incidents, analyzing digital evidence, and helping to prevent future threats.
As part of the SOC, I monitored our digital infrastructure for potential threats, maintaining our security systems and procedures.
In my security consulting capacity, I provided valuable insights into security risks and assisted in formulating robust defense strategies.

2019 - 2022
Bechtle

Training as IT Specialist in System Integration

As an IT Specialist, one plans, configures, and networks modern IT systems or software. This can be accomplished within one's own company or at client locations. Additional responsibilities include troubleshooting system disruptions and providing user training.

2018 - 2019
RFC GmbH

IT Administrator

2017 - 2018
RFC GmbH

IT Intern / Working Student

Education

2019 - 2022
Bechtle

Training as IT Specialist in System Integration

2015 - 2018
TU Chemnitz

Study of Applied Computer Science

2012 - 2015

Fachabitur

Tech Skills

Windows Forensics (Client/Server)

80%

Linux Forensics (Client/Server)

65%

Firewall

40%

IoT (Work in Progress)

20%

Coding Skills

Bash

85%

Python

65%

PowerShell

60%

Go

45%

Languages

German

100%

English

85%

Knowledge

  • IT-Security
  • Digital Forensics
  • IoT
  • Web Server
  • Windows Forensics
  • Linux Forensics
  • nginx
  • Hosting
  • Git
  • Cloudflare
  • Time Management
  • Web Application Firewall
  • Communication
  • Team Leadership
  • SOC Operations

Certificates & Trainings

Certificates

301 - Yubico Technical Accelerator Certification

July 2025
Yubico

201 - Yubico Sales Accelerator Certification

July 2025
Yubico

101 - Yubico Essentials

July 2025
Yubico

Certified Threat Hunter

June 2022
Cybereason

Trainings

C# Programmierung Basiswissen

June 2020
Bechtle

Cisco Routing & Switching Fundamentals

August 2021
Bechtle

Certified Technical Specialist

September 2021
Cybereason

VMware Carbon Black EDR Administrator

August 2022
VMware Carbon Black

VMware Carbon Black EDR Advanced Analyst

October 2022
VMware Carbon Black

SOC Analyst Course

September 2022
CQURE Academy

System Forensics and Incident Handling

October 2022
CQURE Academy

Contact

Get in Touch

DE, Chemnitz

sebastian.heise@bechtle.com

Business

sebastian@b717.dev

Private