Ahmad Kokandi

Riyadh

Summary

Dynamic security professional with extensive experience at Aljazira Bank, specializing in threat intelligence and incident response. Proven track record in enhancing detection capabilities and reducing false negatives through custom rule development. Adept at cross-team collaboration and mentoring, leveraging skills in Splunk and the MITRE ATT&CK framework to drive impactful security outcomes.

Overview

5 years of professional experience
1 Certification

Work History

Assistant Manager – Security Threat Intelligence

Aljazira Bank
Riyadh
03.2022 - Current
  • Led threat intelligence operations using Splunk and threat intel platforms to detect advanced threats targeting the financial sector.
  • Created structured APT reports using the MITRE ATT&CK framework, supporting SAMA regulatory requirements and internal decision-making.
  • Enhanced threat detection coverage by developing custom detection rules and IOC-based searches, reducing false negatives by 25%.
  • Led monthly threat briefings with IT risk and incident response teams to communicate evolving threats and attack trends.
  • Conducted in-depth malware and phishing investigations, supporting digital forensics activities.
  • Mentored junior analysts on threat research, IOC extraction, and analytical methodologies.
  • Played a key role in cyber tabletop exercises and audits, improving IR readiness and compliance posture.
  • Maintained active relationships with external TI vendors and FS-ISAC to stay informed of sector-specific threats.

SOC Analyst – Level 2

TCS at Bank Aljazira
Jeddah
11.2020 - 02.2022
  • Monitored security alerts from multiple sources using SIEM (Splunk), escalating critical incidents and performing triage.
  • Investigated phishing emails and malicious attachments, contributing to weekly phishing campaign threat profiles.
  • Assisted in developing detection logic and refining alert tuning to reduce noise by 30%.
  • Collaborated with IR team during incidents to collect artifacts and extract indicators.
  • Authored daily operational reports and incident summaries used by senior security stakeholders.

Education

Bachelor of Science - Cyber Forensics and Information Security

Robert Morris University
Moon Township, PA
09.2019

Skills

  • Threat Intelligence: MITRE ATT&CK, TIP Platforms, MISP, IOC Management, Threat Actor Profiling
  • Detection & Response: Splunk, SIEM, Incident Triage, Malware Analysis, YARA, Sigma Rules
  • Threat Hunting: IOC Collection, Custom Rule Development, APT TTP Tracking, Anomaly Detection
  • Frameworks & Compliance: SAMA, Cyber Kill Chain
  • Communication & Leadership: Cross-team Collaboration, Report Writing, Executive Briefing, Team Mentoring

Certification

  • Certified Ethical Hacker (CEHv12), EC-Council, 07/23
  • Certified Threat Intelligence Analyst (CTIA), EC-Council, 10/23
  • CompTIA CySA+, 05/25
  • GCIH in progress

Accomplishments

  • Recognized by senior management for exceptional threat intelligence reporting and response support in 2023.
  • Enabled executive decision-making through monthly threat reports tailored to business risk.
  • Developed playbooks that identified 15+ hidden threats and enhanced detection rule logic by 30%.
  • Supported compliance audits and SAMA threat intel reporting with no major findings.

Languages

  • Arabic, Native
  • English, Fluent
