AHMED ALGHAMDI
Riyadh,01
Summary
a Cybersecurity Professional with experience completing multiple tasks in Cyber Defense , with desire to create a safe environment.
Overview
5
5
years of professional experience
Work History
Incident Responder
Saudi Electricity Company
01.2023 - Current
- Conducted thorough post-incident analysis, identifying root causes and lessons learned to prevent future occurrences.
- Investigate on escalated security alerts.
- Creating use-cases/watchlists on both EDR/XDR and SIEM Solution based on MITRE ATT&CK.
- Update and enhance Incident Response Plan.
- Conducting compromised assessments on critical servers.
- Identifying root cause of use-cases
- Handling all NCA updates and alerts.
- Initiate security tools assessment initiative.
- Enhanced incident response efficiency by developing and implementing comprehensive incident management processes.
- Provided ongoing training and support for Incident Response Team members, fostering a culture of continuous improvement and professional development.
- Analyzed network security and current infrastructure, assessing areas in need of improvement.
- Collaborated with external partners to share threat intelligence, enhancing the organization''s ability to detect and respond to emerging threats.
- Perform behavior and static analysis of malware samples to understand their behavior.
Splunk Admin
Saudi Electricity Company
01.2022 - 12.2022
- Daily activities checking health check of the system and guarantee that all data sources sending the logs into Splunk successfully.
- integrating new security controls with Splunk
- Create and Review Use cases on Splunk
- Review Data Sources and Evaluate the quality of the data being ingested into Splunk
- Enhanced system performance by optimizing Splunk queries and dashboards.
- Reduced incident response times with efficient use of Splunk alerts and notifications.
SOC Analyst
Saudi Electricity Company
01.2021 - 12.2021
- Monitored real-time security alerts to identify potential threats, significantly reducing incident response times.
- Dealing and deep dive on EDR alerts.
- Handling Phishing Ticketing System.
- Follow-up with CTI and PT reports.
IT Auditor
Human Resources Fund
05.2020 - 12.2020
- Review NCA Cyber Security Regulations
- Perform Cybersecurity Audit on IT and Information Security Departments
Education
Bachelor of Science - Cybersecurity
Marymount University
Virginia - USA12.2019
Skills
Compromise Assessment: Splunk and EDR
SIEM Solutions: Splunk
EDR/XDR Solutions: Carbon Black and Cortex XDR
TIP Solutions: Anomali and Recorded Future
Malware Analysis: Static, Dynamic and code Analysis
Threat Hunting: YARA and Sigma Rules
Programming languages: Java
Timeline
Incident Responder
Saudi Electricity Company
01.2023 - Current
Splunk Admin
Saudi Electricity Company
01.2022 - 12.2022
SOC Analyst
Saudi Electricity Company
01.2021 - 12.2021
IT Auditor
Human Resources Fund
05.2020 - 12.2020
Bachelor of Science - Cybersecurity
Marymount University
Similar Profiles
Giby JosephGiby Joseph
Section Head / Sr. System Specialist at Saudi Electricity CompanySection Head / Sr. System Specialist at Saudi Electricity Company
Reem AlateeqReem Alateeq
Executives HR Services Analyst at Saudi Electricity CompanyExecutives HR Services Analyst at Saudi Electricity Company
Yazeed Al-JaberYazeed Al-Jaber
Senior Program Manager at Saudi Electricity CompanySenior Program Manager at Saudi Electricity Company