AHMED ALGHAMDI
Riyadh,01
Summary
a Cybersecurity Professional with experience completing multiple tasks in Cyber Defense , with desire to create a safe environment.
Overview
5
5
years of professional experience
Work History
Incident Responder
Saudi Electricity Company
01.2023 - Current
- Conducted thorough post-incident analysis, identifying root causes and lessons learned to prevent future occurrences.
- Investigate on escalated security alerts.
- Creating use-cases/watchlists on both EDR/XDR and SIEM Solution based on MITRE ATT&CK.
- Update and enhance Incident Response Plan.
- Conducting compromised assessments on critical servers.
- Identifying root cause of use-cases
- Handling all NCA updates and alerts.
- Initiate security tools assessment initiative.
- Enhanced incident response efficiency by developing and implementing comprehensive incident management processes.
- Provided ongoing training and support for Incident Response Team members, fostering a culture of continuous improvement and professional development.
- Analyzed network security and current infrastructure, assessing areas in need of improvement.
- Collaborated with external partners to share threat intelligence, enhancing the organization''s ability to detect and respond to emerging threats.
- Perform behavior and static analysis of malware samples to understand their behavior.
Splunk Admin
Saudi Electricity Company
01.2022 - 12.2022
- Daily activities checking health check of the system and guarantee that all data sources sending the logs into Splunk successfully.
- integrating new security controls with Splunk
- Create and Review Use cases on Splunk
- Review Data Sources and Evaluate the quality of the data being ingested into Splunk
- Enhanced system performance by optimizing Splunk queries and dashboards.
- Reduced incident response times with efficient use of Splunk alerts and notifications.
SOC Analyst
Saudi Electricity Company
01.2021 - 12.2021
- Monitored real-time security alerts to identify potential threats, significantly reducing incident response times.
- Dealing and deep dive on EDR alerts.
- Handling Phishing Ticketing System.
- Follow-up with CTI and PT reports.
IT Auditor
Human Resources Fund
05.2020 - 12.2020
- Review NCA Cyber Security Regulations
- Perform Cybersecurity Audit on IT and Information Security Departments
Education
Bachelor of Science - Cybersecurity
Marymount University
Virginia - USA12.2019
Skills
Compromise Assessment: Splunk and EDR
SIEM Solutions: Splunk
EDR/XDR Solutions: Carbon Black and Cortex XDR
TIP Solutions: Anomali and Recorded Future
Malware Analysis: Static, Dynamic and code Analysis
Threat Hunting: YARA and Sigma Rules
Programming languages: Java
Timeline
Incident Responder
Saudi Electricity Company
01.2023 - Current
Splunk Admin
Saudi Electricity Company
01.2022 - 12.2022
SOC Analyst
Saudi Electricity Company
01.2021 - 12.2021
IT Auditor
Human Resources Fund
05.2020 - 12.2020
Bachelor of Science - Cybersecurity
Marymount University
Similar Profiles
Salem AlfarajSalem Alfaraj
Generation Engineer at saudi electricity companyGeneration Engineer at saudi electricity company
BASIM ABU AWWAHBASIM ABU AWWAH
Technician at Saudi Electricity CompanyTechnician at Saudi Electricity Company
Saud AlamraniSaud Alamrani
Electrical Maintenance Distribution at Saudi Electricity CompanyElectrical Maintenance Distribution at Saudi Electricity Company
Sultan Dhahian Al-DajaniSultan Dhahian Al-Dajani
Trainee Electrical Engineer at Saudi Electricity CompanyTrainee Electrical Engineer at Saudi Electricity Company
SHAIMAA NADY SALEM ALISHAIMAA NADY SALEM ALI
KG teacher at KIDS SARAY INTRNATIONAL SCHOOLKG teacher at KIDS SARAY INTRNATIONAL SCHOOL