Description

I am a cybersecurity professional with 9 years of hands-on experience in Security Operations Centers (SOC), currently leading L1 and L2 analysts as a SOC Team Lead. Skilled in incident response, threat hunting, vulnerability management, and SIEM solutions including Splunk, QRadar, McAfee ESM, and Elastic Stack. Proven ability to coordinate with MSSP and MDR providers, drive SOC automation, and deliver clear, actionable intelligence to senior leadership. Holds a

B.Sc

. in Electronics & Communications Engineering and multiple certifications including EC-Council CSA and CCNA Cyber Ops. Known for strong communication, analytical thinking, and a passion for advancing cybersecurity capabilities in high-stakes environments.

Languages

Arabic
Native or bilingual
English
Fluent

Workplace preferences

Can work on-site

Dubai (up to 50km)

HelpAG
SOC Team Lead
December 2024 - Today (1 year and 6 months)
Abu Dhabi - United Arab Emirates
• Primary liaison between MSSP, MDR teams, and the client's IT Team to ensure compliance to SLA and polices of the client.
• Analyze the SOC service performance, industry threats, advisories, and general industry developments on a continuance basis.
• Provide advice for automating & enhancing the ongoing SOC operations as well as general cybersecurity improvements.
• Creation of reports, dashboards to measure SOC operations effectiveness and presentation to Senior Management.
• Work with IT team to implement vuln management, endpoint protection.
• Support L2 SOC Analysts in contextualizing the alerts.
• Support Cyber Threat Intelligence Analysts.
Cybersecurity Splunk Risk analysis Tech Lead
PureHealth
L2 SOC Analyst - Shift Lead
September 2022 - December 2024 (2 years and 3 months)
Abu Dhabi - United Arab Emirates
• Incident Handling: I am responsible for investigating and responding to security incidents, such as malware infections, data breaches, and unauthorized access attempts. As well as collaborate with other teams to coordinate the incident response process effectively.
• Intrusion Detection: Monitoring security alerts and logs from various security devices, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection platforms, to identify suspicious or malicious activities.
• Threat Hunting: Proactively searching for advanced threats and vulnerabilities within the organization's network and systems, often using threat intelligence feeds and advanced analytics.
• Analysis and Triage: Conducting in-depth analysis of security events to determine their severity and impact, and prioritizing incidents based on their risk level.
• Malware Analysis: Performing basic analysis of malware samples to understand their behavior and potential impact on the organization's infrastructure.
• Network Traffic Analysis: Analyzing network traffic patterns to detect anomalies and potential security breaches.
• Security Tool Management: Managing and maintaining security tools used in the SOC, including SIEM, EDR, E-Mail Gateway, Web Security Gateway and other security monitoring tools.
HelpAG
Senior SOC Analyst
May 2021 - September 2022 (1 year and 4 months)
Dubai - United Arab Emirates
• Working in rotating shifts within a 24/7 operating environment to provide analysis and trends of security log data from a large number of heterogeneous IT security devices and forensic analysis.
• Provide input on fine-tuning and optimization of security systems.
• Review SOC ticket queue regularly for closure or reassignment as needed.
• Provide threat and vulnerability analysis as well as security advisory services.
• Provide Incident Response when analysis confirms an actionable incident.
• Analyze and respond to undisclosed software and hardware vulnerabilities.
• Create/review/modify documentation as needed, to ensure they are up to date.
• Create daily Shift Handoff and summary and send them to all shifts as needed.
• Assist Team Leads with daily/weekly/monthly reporting, projects, and administrative work as needed.
• Integrate and share information with other analysts and other teams, participate in evaluating, recommending, implementing, and troubleshooting security solutions, and evaluating IT security of the new IT Infrastructure systems.
• Answer SOC incoming phone calls/emails and triage phone calls/emails that are not related to monitoring.
• Maintain a high degree of awareness of the current and emerging threat landscape and Zero-day exploits, Staying up to date with applicable regulatory security requirements
• Drive innovation and enhancements to SOC security processes by testing and promoting new initiatives or approaches.