Description

I help businesses strengthen their security posture by combining hands on SOC expertise, threat intelligence analysis, and proactive defense strategies. With experience supporting a UK government department and managing high stakes security operations, I know how to balance technical depth with clear communication to stakeholders.

What I bring to the table:

SOC Experience: Skilled in incident response, log analysis, and complex troubleshooting.

Threat Intelligence & Detection: Designed canary token deployments to detect unauthorized access attempts.

Security Operations & Defense: Built and reported on privileged access activities, ensuring compliance and actionable insights.

System & Infrastructure Security: Knowledge across Windows, Linux, Active Directory, and virtualization environments.

Crypto/Web3 Security Enthusiasm: Actively building expertise in blockchain, smart contract security, and DeFi threat models.

SKILLS

Languages

English
Native or bilingual

Workplace preferences

Can work on-site

Dubai (up to 50km)

Microsoft Corporation
Security Engineer II
April 2023 - Today (3 years and 2 months)
London, UK
Led advanced threat hunting operations for critical healthcare infrastructure
• Advanced Threat Hunting Leadership: Conducted proactive threat hunting across Microsoft's AI-powered healthcare environments, utilizing advanced SIEM analytics and threat intelligence correlation to identify sophisticated threats and APTs before impact
• Senior Incident Response: Led complex security incident investigations for high-value government client (HMRC), conducting detailed kill chain analysis and implementing MITRE ATT&CK framework methodologies to trace attack progression and implement containment strategies
• Custom Detection Development: Designed and implemented advanced KQL queries and detection rules in Microsoft Sentinel, creating custom analytics that improved threat detection capabilities by 40% while reducing false positive rates by 60%
• Threat Intelligence Analysis: Conducted comprehensive threat intelligence assessments, correlating IOCs across multiple sources and providing strategic recommendations that enhanced proactive defense capabilities and threat visibility
• Security Operations Leadership: Represented SOC team in executive briefings and cross-functional security meetings, providing expert analysis of threat landscapes and driving continuous improvement in security operations processes
• Advanced Analytics Implementation: Deployed sophisticated detection mechanisms including canary tokens and deception-based controls, establishing advanced threat detection capabilities across critical infrastructure environments
• Junior Analyst Mentorship: Provided technical guidance and knowledge transfer to junior security team members during complex investigations, ensuring skill development and operational excellence across security operations
Threat Hunting Cybersecurity Sentinel Engineering Implementation
Arqit Quantum Encryption
CSOC Security Analyst
April 2022 - March 2023 (11 months)
London, UK
• Advanced Security Analysis: Conducted sophisticated threat analysis of critical applications using advanced toolsets (Process Explorer, Nmap, Burp Suite), performing deep-dive investigations to identify potential security threats and attack vectors
• Threat Detection & Investigation: Led comprehensive security assessments and threat hunting activities, analyzing network connections, system processes, and application behaviors to detect advanced persistent threats and malicious activity
• Security Operations Process Improvement: Developed and implemented enhanced security assessment procedures and threat detection methodologies, improving overall security posture and threat identification capabilities
• Technical Reporting & Analysis: Produced detailed threat analysis reports and security assessments for leadership, providing actionable intelligence and strategic recommendations for security operations enhancement
Cyberclan/Cyjax
SOC Analyst
August 2019 - December 2021 (2 years and 4 months)
London, UK
• 24/7 Security Operations: Round-the-clock security monitoring and incident response operations, analyzing an average of 100+ security events monthly using advanced SIEM platforms and threat intelligence feeds
• Advanced Incident Investigation: Conducted sophisticated cybersecurity investigations including Business Email Compromise (BEC) cases, utilizing Hawk PowerShell and forensic analysis techniques to trace attack sources and identify compromise indicators
• Threat Intelligence Correlation: Analyzed complex security events to identify intrusions, malicious activity, and advanced persistent threats, correlating IOCs across multiple intelligence sources to enhance threat detection accuracy
• Client Communication & Escalation: Managed security incident communications with enterprise clients, providing detailed technical analysis and coordinating response activities while maintaining SLA compliance and customer satisfaction