AHMED ALANAZI
SOC Analyst L2 - Threat Hunter
Riyadh
Summary
Highly skilled Cybersecurity professional with 8 years of experience providing top-notch security services to clients in various sectors. Successfully transitioned from IT Business Development and IT Lead roles to a SOC L2 Threat Hunter, demonstrating my adaptability and versatility. Expertise in monitoring and analyzing network traffic, identifying potential security threats, and responding to security incidents. Known for my technical expertise, analytical skills, and ability to collaborate with cross-functional teams to develop and implement security strategies. Recognized for my successful performance in SOC L1, VAPT, and IT Lead roles. A proactive and result-driven team player with a passion for Cybersecurity and a commitment to delivering high-quality services.
Overview
9
9
years of professional experience
4
4
years of post-secondary education
7
7
Certifications
2
2
Languages
Work History
SOC L2 - Threat Hunter
Security Matterz
03.2022 - Current
- Threat intelligence: Understanding of the latest threats and threat actors, as well as the ability to analyze threat intelligence feeds to identify new and emerging threats.
- Incident response: Experience with incident response methodologies and the ability to investigate and remediate security incidents.
- Network and system analysis: Knowledge of network protocols, operating systems, and applications to analyze network traffic and system logs for signs of malicious activity.
- Data analysis and visualization: Ability to analyze large volumes of data to identify patterns and anomalies, and present findings in a clear and concise manner.
- Malware analysis: Understanding of malware analysis techniques to identify and analyze malware samples and understand their behavior.
- Threat hunting tools: Familiarity with various threat hunting tools such as SIEM, EDR, and threat intelligence platforms.
- Communication and collaboration: Ability to communicate effectively with cross-functional teams, including security analysts, incident responders, and IT teams, to share findings and develop response plans.
- Continuous learning: A strong desire to continuously learn and stay up-to-date with the latest security trends, tools, and techniques.
SOC Analyst and VAPT
Riyad Bank
08.2020 - 03.2022
- Perform vulnerability assessments and penetration testing to identify and mitigate security risks
- Conduct security assessments and audits to ensure compliance with industry standards and regulations
- Collaborate with cross-functional teams to identify security gaps and develop solutions
- Provide recommendations for improving security posture
- Monitor security events and alerts to identify potential security threats
- Investigate security incidents and provide timely and effective response
- Assist in the development of security policies and procedures
- Maintain and update security tools and technologies
- Collaborate with cross-functional teams to identify security gaps and develop solutions
IT Support Team Lead
Almaali Hospital
01.2018 - 01.2020
- Manage IT projects and oversee the development and implementation of IT solutions
- Supervise a team of IT professionals to ensure the delivery of high-quality services
- Collaborate with cross-functional teams to identify and address IT-related issues
- Develop and maintain IT policies and procedures
- Ensure compliance with industry standards and regulations
Senior IT Support Engineer
Almaali Hospital
01.2017 - 01.2018
- Provide technical support to end-users on hardware, software, and network-related issues
- Troubleshoot and resolve technical problems in a timely and efficient manner
- Install, configure, and maintain hardware and software systems
- Collaborate with cross-functional teams to identify and address IT-related issues
- Develop and maintain IT policies and procedures
- Ensure compliance with industry standards and regulations
IT Business Development
ATS Company
01.2014 - 01.2016
- Identify potential business opportunities and develop strategies to generate revenue in the IT industry
- Build and maintain strong relationships with clients and partners
- Analyze market trends and competitors to develop marketing and sales strategies
- Collaborate with cross-functional teams to develop and implement business plans
- Ensure customer satisfaction through the delivery of high-quality services
Education
Computer Science & Engineering Technology in KFUPM
King Fahd University of Petroleum And Minerals
10.2010 - 06.2014
Skills
Endpoint Detection and Response (EDR,XDR)
Log and Network Traffic Analysis
Security Analytics
Cyber Threat Hunting Methodologies
Cyber Threat Intelligence Analysis
Behavioral Analytics
Security Incident Response
Security Automation and Orchestration - SOAR
Open-Source Threat Intelligence Tools
OSINT (Open Source Intelligence) Tools and Techniques
Vulnerability Assessment and Penetration Tester
Malware Analysis and Reverse Engineering
Experience with threat hunting frameworks and methodologies, such as the Diamond Model, Cyber Kill Chain, or MITRE ATT&CK
Understanding of the incident response process and the ability to communicate effectively with other teams during the response effort
Ability to document and report on threat hunting activities, including writing clear and concise reports detailing findings and recommendations
Ability to perform analysis of malware and other malicious artifacts to understand the nature of the threat and determine potential impact
Certification
Certified Threat Hunting Professional - eCTHPv2
Training
- INE - eLearnSecurity Certified Digital Forensics Professional
- INE - eLearnSecurity Certified Incident Reponder
- INE - eLearnSecurity Malware Analysis Professional
- Advanced Incident Response, Threat Hunting, and Digital Forensics
- ISC CISSP Course Through Cybrary
- ISACA CISM course through Udemy
- Cisco CCNA Course Through PluralSight
- Python Programming Course Through PluralSight
- Splunk Fundamentals 1 and 2
- Microsoft MCITP and MCSE
Software & Tools
SIEM Solutions:
Splunk - ELK - ArcSight - RSA Netwitness - LogRhythm
EDR & NDR:
FireEye NX - RSA Netwitness NDR - FireEye HX - RSA Netwitness EDR - VMWare CarbonBlack - Symantec - Kaspersky - TrendMicro Apex One
Tools:
WireShark - Network Miner - Autopsy - Volatility - FTK Imager - Empire Powershell - Metasploit - PowerSploit - Searchsploit - Social Engineer Toolkit (SET) - Responder - BloodHound - Mimikatz - Nishang s - BeEF - GoPhish - aircrack-ng - burpsuite - crunch - DirBuster - gobuster - hydra/xhydra - john the ripper - maltego - metasploit- ncat - powercat - nmap - openvas F-Responder - sqlmap - wfuzz
Programming Language
Python - Java and javascript - C/C++ - SQL - Perl - Powershell -Bash - YARA - SIGMA - Splunk Processing Language (SPL) - ELK (Elasticsearch, Logstash, Kibana)
Timeline
Certified Red Team Professional - CRTP
03-2023
Certified Threat Hunting Professional - eCTHPv2
12-2022
Netwitness XDR Certified Administrator
11-2022
Netwitness XDR Certified Associate
10-2022
Netwitness XDR Certified Analyst
10-2022
SOC L2 - Threat Hunter
Security Matterz
03.2022 - Current
Junior Penetration Tester - eJPT
06-2021
CompTIA - Security+
01-2021
SOC Analyst and VAPT
Riyad Bank
08.2020 - 03.2022
IT Support Team Lead
Almaali Hospital
01.2018 - 01.2020
Senior IT Support Engineer
Almaali Hospital
01.2017 - 01.2018
IT Business Development
ATS Company
01.2014 - 01.2016
Computer Science & Engineering Technology in KFUPM
King Fahd University of Petroleum And Minerals
10.2010 - 06.2014