Thanks to our own salaried and highly qualified cyber security experts we are your trusted partner for first-class cyber security services.

40+ highly qualified cyber security experts – including certified penetration testers (OPST, OPSA, OSCP, OSCE, GXPN), digital forensics specialists (ISO 27035, CERT-CSIH, GCIH, GCFA, GCFE, GREM, GNFA), ISO security auditors (ISO 27001 Lead Auditor, ISO 27005 Risk Manager), Lead Incident Manager (ISO 27035 Incident Manager) and IT security researchers – solve your most demanding information security challenges.

For quality reasons all our services are provided by our own salaried certified security specialists.

Christoph Baumgartner
CEO Oneconsult AG & Chairman Oneconsult International AG
Senior Security Consultant & IT Forensics Specialist

MSc UZH IS, ISO 27001 Senior Lead Auditor, OPST

Christoph Baumgartner founded Oneconsult AG in 2003 and has been Chief Executive Officer since. Together with Tobias Ellenberger he represents the operative management of Oneconsult group and heads the management team. Christoph is responsible for consulting, human resources, marketing, finance and administration. He holds a master’s degree in information systems from the university of Zurich and since 1996, he has been working as a consultant focusing on IT security and IT strategy with many years' experience as a project manager and consultant in a wide range of industries. Before setting up Oneconsult, Christoph has held a number of management positions at various respected system and security integrators. He specializes in ISO 27001 und ISO 27002 security audits, security guidelines and concepts, IT forensics as well as strategic consulting. Christoph is a certified ISO 27001 Senior Lead Auditor, an OSSTMM Professional Security Tester (OPST) and an ISECOM board member.

Tobias Ellenberger
COO Oneconsult AG & CEO Oneconsult Deutschland GmbH
Senior Security Consultant & IT Forensics Specialist

Mediamatiker EFZ, OPSA, OPST

Tobias Ellenberger is Chief Operating Officer at Oneconsult AG and a member of the operational management. Since 2017 Tobias is as well Chief Executive Officer of Oneconsult Deutschland GmbH. Together with Christoph Baumgartner, he is in charge of the strategic and operational management of the Oneconsult Group. Tobias is responsible for incident response & IT forensics, account management and strategic projects throughout the group. He also shares his expertise as a regular speaker at universities, trade fairs, customer events and seminars. He advises key accounts on the topics of cyber security and incident response and have held several positions as Chief Information Security Officer (CISO). Before joining Oneconsult in 2010 as a penetration tester and security consultant, he worked for various international companies in the fields of engineering and consulting. Tobias Ellenberger heads the CSIRT of Oneconsult International AG (OCINT-CSIRT). He is a board member of the Swiss Cyber Experts Association and a member of the «Cyber Security» commission of ICT Switzerland.

Tobias Castagna
Chief Technical Officer Oneconsult AG
Senior Penetration Tester & IT Forensics Specialist

BSc FH CS, GCFA, GCFE, OPST

Tobias Castagna is Chief Technical Officer at Oneconsult AG and has been a member of the extended management team since 2015. He is responsible for penetration testing. Tobias attended university at the Scuola Universitaria Professionale della Svizzera Italiana (SUPSI), and then at the Berner Fachhochschule (BFH) in Biel focusing on IT security. In 2009 he started at Oneconsult as a penetration tester and became a team leader in 2012 and department head in 2015. Tobias specializes in malware incident response and digital forensic investigations as well as penetration tests of (web) applications and mobile apps. He is a GIAC Certified Forensic Analyst (GCFA), a GIAC Certified Forensic Examiner (GCFE) and a certified OSSTMM Professional Security Tester (OPST).

Key ID: 0x39557F3A Key FP: 377C 8B8B BCC2 B352 CB2F B760 FE10 E6E9 3955 7F3A

Jan Alsenz
Chief Research Officer Oneconsult AG
Senior Penetration Tester & Security Consultant

MSc ETH CS, OPSA, OPST, OSSTMM Trainer

Jan Alsenz has been a member of the extended management team since 2010 and is Chief Research Officer since 2015. He leads the research team at Oneconsult, which analyzes and develops new exploits and attack scenarios, and publishes security advisories and specialist IT security articles. After his master’s degree in computer science at ETH Zurich, Jan joined Oneconsult in 2009 and has since been active in penetration testing and security consulting with a special focus on sophisticated technical audits (e.g. APT and SCADA), code reviews, reverse engineering, exploit development and training. Jan is a certified OSSTMM Professional Security Tester (OPST), OSSTMM Professional Security Analyst (OPSA), OSSTMM trainer and member of the ISECOM Core Team.

Michael von Arx
Head of Consulting
Senior Security Consultant

BSc FHO BA/BIT, Senior Information Security Consultant, ISO 27001 Lead Auditor, ISO 27005 Risk Manager, ITIL Foundation, COBIT 5 Foundation, IPMA Level D

studied Business Administration (BA) at the University of Applied Sciences St. Gallen and graduated in September 2015 as BSc FHO in BA. After his studies, he worked as a senior consultant in the Risk Advisory Team of one of the «Big Four» auditing firms. During this time Michael von Arx continued his education as a Certified Project Management Asso-ciate (IPMA Level D) and Certified Professional for Requirements Engineering (IREB). Since May 2018 he has been working at Oneconsult as an Information Security Consultant, since October 2018 as a Senior Information Security Consultant. He is Head of Consulting since August 2019. Michael is an ISO 27001 Lead Auditor, ISO 27005 Risk Manager, and ITIL Foundation as well as COBIT 5 Foundation certified.

Adrian Schoch
Head of Incident Response & IT Forensics
IT Forensics Specialist & Security Consultant

MSc ETH EEIT, ISO 27035 Lead Incident Manager, CERT-CSIH, GCIH, GCFA, OSCP, OPST

Adrian Schoch has studied Electrical Engineering and Information Technology at Swiss Federal Institute of Technology (ETH) in Zurich. During his master studies, he developed a viterbi decoder chip for 3G mobile telecommunications technology and worked as a software engineer for a leading semiconductor manufacturer. After earning his degree, Adrian was hired by one of the “Big Four” audit firms as a cyber security consultant where he reviewed IT security concepts and carried out vulnerability tests and mobile application security audits, amongst others. In June 2016, he joined Oneconsult as a penetration tester and IT forensics specialist and has been leading the incident response & IT forensics team since September 2016. Adrian is a ISO 27035 Lead Incident Manager, CERT-Certified Computer Security Incident Handler (CERT-CSIH), a GIAC Certified Incident Handler (GCIH), a GIAC Certified Forensic Analyst (GCFA), an Offensive Security Certified Professional (OSCP) and a certified OSSTMM Professional Security Tester (OPST).

Gregor Wegberg
Head of Security Service Automation
Senior Security Consultant & IT Forensics Specialist

MSc ETH CS, CAS in Leadership Basic IAP, ISO 27001 Lead Auditor, ISO 27035 Lead Incident Manager, OSCP, OPST, OPSA, eCDFP, PSM I, PSPO I, OCAJP8

After his IT apprenticeship with a focus on software development at a Swiss financial service provider, Gregor Wegberg decided to study computer science at the Swiss Federal Institute of Technology (ETH) in Zurich. During his studies, he specialized in information security and worked as a teaching assistant taking care of the ETH course “Applied Security Lab”. Furthermore, Gregor was employed as a part-time software engineer, being in charge, amongst others, for the requirements analysis and implementation of a solution for a large private bank. After graduating with a master’s degree in computer science (MSc ETH CS), he joined Oneconsult in January 2017 as a penetration tester and security consultant and is a senior security consultant & penetration tester since December 2017. Since August 2019 he is the Head Security Service Automation team. Gregor Wegberg holds a Certificate of Advanced Studies in Leadership from the IAP of the ZHAW and is a certified ISO 27001 Lead Auditor, ISO 27035 Lead Incident Manager, Offensive Security Certified Professional (OSCP), OSSTMM Professional Security Tester (OPST) and OSSTMM Professional Security Analyst (OPSA), eLearnSecurity Certified Digital Forensics Professional (eCDFP), Professional Scrum Master I (PSM I), Professional Scrum Product Owner I (PSPO I), Oracle Certified Associate and Java SE 8 Programmer (OCAJP8).

Thomas Tunkel
Head of Sales

Thomas Tunkel has many years of managerial experience in the service industry in the German- and English-speaking world. Beginning in 1999, he turned to strategy implementation and gained experience in sales, customer orientation and management. Thomas is a lecturer for sales, project management and organization at various colleges and educational institutes and joined Oneconsult in April 2017 as a Security Sales Executive. He is Head of Sales since August 2017.

Zeynep Knobel
Head of Resource & Backoffice Management
Dipl. Betriebswirtschafterin HF

After finishing her commercial education at a vocational high school, Zeynep Knobel (ex Coblar) studied at the business school in Rapperswil where she gained her Advanced Federal Diploma of Higher Education in Business Administration. Before joining Oneconsult in March 2015, she worked as a managing clerk and sales manager for a transport organization and two international trading companies. Since July 2016, Zeynep has been leading the backoffice team and is responsible for proposal management, project planning as well as invoicing.

Marco Wohler
Head of IT
System Engineer & Penetration Tester

Informatiker EFZ, GCED, OPST

Already during his apprenticeship and professional activity in logistics, Marco Wohler was interested in computer science. This is why he decided to attend a vocational college to do an IT apprenticeship. During his practical training, Marco has gained extensive experience with Linux and Windows systems as well as in IT support, release and project management. Since November 2014 he has been employed as a system engineer and penetration tester at Oneconsult; since October 2018 he has also been leading the IT team. Marco is a GIAC Certified Enterprise Defender (GCED) and a certified OSSTMM Professional Security Tester (OPST).

Yves Kraft
Branch Manager Bern
Senior Penetration Tester & Security Consultant

BSc FH CS, ISO 27001 Lead Auditor, OSCP, OPST, OPSA & OPSE, CTT+, SVEB 1, OSSTMM Trainer

After his IT apprenticeship in the public administration, Yves Kraft worked as a system engineer for an IT service provider in financial services and public administration among other industries. Next, he studied computer science at the Berner Fachhochschule in Biel with a focus on IT security, while working for a large Swiss university as a system administrator. Since February 2011, Yves has been working as a security consultant at Oneconsult, focusing on penetration tests, security consulting and training. He was promoted to team leader in 2013 and branch manager Bern in 2015. Yves is an Offensive Security Certified Professional (OSCP), a certified OSSTMM Professional Security Tester (OPST), OSSTMM Professional Security Analyst (OPSA), OSSTMM Professional Security Expert (OPSE), OSSTMM trainer, ISO 27001 Lead Auditor and CompTIA Certified Technical Trainer (CTT+) and owns the SVEB certificate (Level 1).

Rafael Scheel
Branch Manager Munich
Senior Penetration Tester, IT Forensics Specialist & Security Researcher

BSc BIT, OSCP, GREM, OPST

Rafael Scheel finished his IT apprenticeship at the ETH Institute for Snow and Avalanche Research with a thesis on intrusion detection systems in 2011. Afterwards, he enrolled at the Lucerne University of Applied Sciences and Arts to study business information technology and gained his BSc BIT degree in September 2015. At the beginning of his studies he worked part-time in the field of network security for a leading Swiss IT security vendor. In March 2014, Rafael joined Oneconsult focusing on penetration testing and security research with an emphasis on exploit development and became branch manager Munich in June 2017. He is an Offensive Security Certified Professional (OSCP), holds the GIAC Reverse Engineering Malware (GREM) certificate and is an OSSTMM Professional Security Tester (OPST).

Claudio Anliker
Team Leader Penetration Testing
Senior Penetration Tester

MSc UZH in Informatics, OSCE, OSCP, OPST

Claudio Anliker studied computer science at the University of Zurich and gained his master degree (MSc in Informatics UZH). The focus of his bachelor studies was the development of software systems. During his master, Claudio focused on information security. Claudio has been working as a penetration tester at Oneconsult since May 2016 and became a senior penetration tester in April 2018. Due to his achievements he was promoted to Team Leader Penetration Testing in November 2019. Claudio is an Offensive Security Certified Expert (OCSE), an Offensive Security Certified Professional (OSCP) and a certified OSSTMM Professional Security Tester (OPST).

Fabian Gonzalez
Team Leader Penetration Testing
Senior Penetration Tester

BSc FHO CS, GXPN, OSCE, OSCP, OPST

Fabian Gonzalez completed his apprenticeship in information technology with a focus on systems engineering at a Swiss major bank. During this time, he worked for one and a half years in the Security Operations Center (SOC). Afterwards Fabian studied information technology at the University of Applied Sciences Rapperswil and finished 2014 with a BSc FH degree in computer science. He then worked at one of the „Big Four” auditing companies as an information security consultant. Fabian joined Oneconsult in January 2016 as a penetration tester and became a senior penetration tester in April 2018. Due to his achievements he was promoted to Team Leader Penetration Testing in November 2019. Fabian is a GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), an Offensive Security Certified Expert (OSCE) and an Offensive Security Certified Professional (OSCP) and is a certified OSSTMM Professional Security Tester (OPST).