AHMED ALGHAMDI
Riyadh,01
Summary
a Cybersecurity Professional with experience completing multiple tasks in Cyber Defense , with desire to create a safe environment.
Overview
5
5
years of professional experience
Work History
Incident Responder
Saudi Electricity Company
01.2023 - Current
- Conducted thorough post-incident analysis, identifying root causes and lessons learned to prevent future occurrences.
- Investigate on escalated security alerts.
- Creating use-cases/watchlists on both EDR/XDR and SIEM Solution based on MITRE ATT&CK.
- Update and enhance Incident Response Plan.
- Conducting compromised assessments on critical servers.
- Identifying root cause of use-cases
- Handling all NCA updates and alerts.
- Initiate security tools assessment initiative.
- Enhanced incident response efficiency by developing and implementing comprehensive incident management processes.
- Provided ongoing training and support for Incident Response Team members, fostering a culture of continuous improvement and professional development.
- Analyzed network security and current infrastructure, assessing areas in need of improvement.
- Collaborated with external partners to share threat intelligence, enhancing the organization''s ability to detect and respond to emerging threats.
- Perform behavior and static analysis of malware samples to understand their behavior.
Splunk Admin
Saudi Electricity Company
01.2022 - 12.2022
- Daily activities checking health check of the system and guarantee that all data sources sending the logs into Splunk successfully.
- integrating new security controls with Splunk
- Create and Review Use cases on Splunk
- Review Data Sources and Evaluate the quality of the data being ingested into Splunk
- Enhanced system performance by optimizing Splunk queries and dashboards.
- Reduced incident response times with efficient use of Splunk alerts and notifications.
SOC Analyst
Saudi Electricity Company
01.2021 - 12.2021
- Monitored real-time security alerts to identify potential threats, significantly reducing incident response times.
- Dealing and deep dive on EDR alerts.
- Handling Phishing Ticketing System.
- Follow-up with CTI and PT reports.
IT Auditor
Human Resources Fund
05.2020 - 12.2020
- Review NCA Cyber Security Regulations
- Perform Cybersecurity Audit on IT and Information Security Departments
Education
Bachelor of Science - Cybersecurity
Marymount University
Virginia - USA12.2019
Skills
Compromise Assessment: Splunk and EDR
SIEM Solutions: Splunk
EDR/XDR Solutions: Carbon Black and Cortex XDR
TIP Solutions: Anomali and Recorded Future
Malware Analysis: Static, Dynamic and code Analysis
Threat Hunting: YARA and Sigma Rules
Programming languages: Java
Timeline
Incident Responder
Saudi Electricity Company
01.2023 - Current
Splunk Admin
Saudi Electricity Company
01.2022 - 12.2022
SOC Analyst
Saudi Electricity Company
01.2021 - 12.2021
IT Auditor
Human Resources Fund
05.2020 - 12.2020
Bachelor of Science - Cybersecurity
Marymount University
Similar Profiles
Nasser AlhothilyNasser Alhothily
Network operator at Saudi Electricity Company, Alkharj, Saudi ArabiaNetwork operator at Saudi Electricity Company, Alkharj, Saudi Arabia
MOHAMMED AWADH ALSHABANMOHAMMED AWADH ALSHABAN
Root Cause Analyst – Outages & Failures at Saudi electricity company. designtec consultingRoot Cause Analyst – Outages & Failures at Saudi electricity company. designtec consulting
moathe alnajemmoathe alnajem
IT Intern (Cooperative Training) at Saudi Electricity Company (SCECO)IT Intern (Cooperative Training) at Saudi Electricity Company (SCECO)
HASSAN SAYEED HASSAN HURESHIHASSAN SAYEED HASSAN HURESHI
Electricalt Engineer (Design & Support) at Saudi Electricity Company (SEC), Generation – Western SectorElectricalt Engineer (Design & Support) at Saudi Electricity Company (SEC), Generation – Western Sector
Omar MesallamOmar Mesallam
Investment Team Intern at Access Bridge VenturesInvestment Team Intern at Access Bridge Ventures