Arwa Al-Hnaiani
Digitial Forensics and Incident Response
Riyadh
Summary
Cybersecurity Digital Forensics and Incident Response Specialist - Highly skilled and analytical Cybersecurity Incident Response Specialist with +4 years experience in incident handling, threat hunting, and security monitoring. Proficient in utilizing various security tools and technologies, and possesses multiple industry certifications. Seeking a challenging role leveraging expertise to enhance organizational cybersecurity posture.
Overview
5
5
years of professional experience
6
6
Certifications
Work History
Incifent Response Consultant
Innovative Solutions
04.2025 - Current
- Conducted Compromise Assessments (CAs) across clients environments.
- Developed IR documents, procedures, and reporting templates to standardize response activities.
- Conduct in-depth forensic analysis of endpoints and servers using industry tools.
Cybersecurity Incident Response Specialist
Riyadh Bank
05.2023 - 01.2025
- Responded to and investigated security incidents as a key member of the cybersecurity defense team.
- Conducted in-depth analysis of malware, phishing emails, and network traffic using various tools.
- Implemented mitigation strategies, developed playbooks, and documented incident response procedures.
Cybersecurity Defense Specialist
sirar by STC
10.2022 - 05.2023
- Coordinated the monitoring process as a shift lead within a Managed Security Service Provider (MSSP) environment. Enhanced use cases and improved service delivery to customers.
Cybersecurity Defense Analyst
sirar by STC
01.2021 - 10.2022
- Monitored and analyzed security alerts, and preparing reports for multiple clients within MSSP environment. Utilized SIEM solutions (Splunk & ArcSight) for security event monitoring and analysis.
Education
Bachelor of Science - Information Technology
Qassim University
05.2020
Skills
Incident Response:
Forensics Investigation Root-Cause Analysis Network and PCAP Analysis Timeline Analysis Malware and Email Analysis Threat Hunting Mitigation and Lesson-Learned Actions Incident Reports Compromise Assessment
Security Monitoring & Detection: Security Logs Validation and Integration Use-case development and enhancement SOC (Daily, Weekly, Monthly) Reports Writing Playbooks MITRE ATT&CK® framework
Tools and Technology:
Technical Assessment and Evaluation of Security Tools and Controls SIEM, EDR, NDR, UBA, Email Security, Sandbox Linux and Windows Investigation Tools (For example: Velociraptor, KAPE, Volatility, EZ Tools, FTK Imager, Redline, Autopsy, Wireshark) SNORT, YARA, and SIGMA Rules
Root-Cause AnalysisNetwork and PCAP AnalysisTimeline AnalysisMalware and Email AnalysisThreat HuntingMitigation and Lesson-Learned ActionsIncident ReportsSecurity Monitoring & Detection: Security Logs ValidationUss-case development and enhancementSOC (Daily, Weekly, Monthly) ReportsWriting PlaybooksMITRE ATT&CK frameworkTechnical Skills: Conducting Technical Assessment and Evaluation of Security Tools and ControlsSIEM, EDR, NDR, UBA, Email Security, SandboxLinux and WindowsInvestigation Tools Including (Volatility, EZ Tools, Redline, Autopsy, Wireshark, Kali Linux)SNORT, YARA, and SIGMA RulesCertification
SANS GCIA – SEC503 (Advisory Board Member)
Training
- APR 2019 – AUG 2019
- Tuwaiq Cybersecurity Bootcamp | Saudi Federation for Cybersecurity, Programming and Drones | Riyadh, SA
- Completed 5 courses, earning 3 certificates in penetration testing techniques and tools.
Timeline
Incifent Response Consultant
Innovative Solutions
04.2025 - Current
Cybersecurity Incident Response Specialist
Riyadh Bank
05.2023 - 01.2025
Cybersecurity Defense Specialist
sirar by STC
10.2022 - 05.2023
Cybersecurity Defense Analyst
sirar by STC
01.2021 - 10.2022
Bachelor of Science - Information Technology
Qassim University