Ashraf Roshdy
Riyadh,Saudi Arabia
Summary
A cybersecurity professional with expertise in incident response, digital forensics, and malware analysis. Demonstrates strong problem-solving abilities and effective communication skills, complemented by leadership capabilities. Aiming to leverage technical skills to enhance organisational security measures.
Overview
10
10
years of professional experience
1
1
Certification
Work history
Incident Response Specialist
Kaspersky
03.2023 - 11.2025
- Deliver computer incident response and digital forensic projects for enterprise customers onsite and remotely.
- Perform system and network forensics analysis of suspected or potential security incidents.
- Conduct Malware analysis on discovered new suspicious samples during incident response process.
- Create Hands-On trainings for Kaspersky Products (KATA-KEDR \ KUMA)
- Forensic support of Kaspersky Anti Targeted Attacks Platform in Multiple projects.
- Report findings in technical reports.
DFIR Lead
EG-CERT
Cairo
01.2021 - 02.2023
- Monitor, Investigate and Respond to computer suspicious activities
- Analyze and evaluate anomalous network and system activity.
- Apply Dynamic malware analysis to understand malware activities
- Understanding of malware and the modern threat landscape.
- Use combination of manual and automated tools to proactively analyze various data and analyze logs and digital forensic artifacts.
- Provide recommendation and Improvements on remediation for cybersecurity operation to detect, prevent, and mitigate intrusions.
- Co-operate with other National CERTs to handle common incidents if required.
- Perform evidence acquisition and conduct digital forensic analysis on forensically imaged evidence on live systems.
- Conduct and participate in local trainings for other entities about cyber security either for awareness or to share high level knowledge.
- Preform Memory Analysis and Registry Analysis using various tools.
- Experience with various forensic log artifacts found in SIEM logs, web server logs, AV logs.
- Excellent oral and written communication skills including communicating status and creating customer technically detailed reports based on intrusions and events.
- Experience with APT actor group evidence including familiarity with Indicators of Compromise (IOCs), Indicators of Activity (IOAs) and attack Tools, Techniques and Procedures (TTPs).
- Experience in helping Governmental Entities manage vulnerabilities, measure security, and ensure compliance as my role working in Egyptian National CERT.
Incident Response Engineer
EG-CERT
Cairo
01.2016 - 12.2020
- Handling different incidents reported in the scope of Egypt.
- Interfacing with other CERTs and local ISPs to handle incidents.
- Performing evidence acquisition and creating exact images of evidences
- Conducting digital forensic analysis on forensically imaged evidences or on live systems
- Performing Network Forensics.
- Reporting findings of the forensic analysis in formal technical reports.
- Reporting findings with recommendations for remediation.
- Conduct technical trainings.
Education
Bachelor of Engineering - Communications Technologies
Arab Academy for Science and Technology
Egypt /2007 - /2012
Skills
- Incident Response
- Digital Forensics
- Malware Analysis
- Python Scripting
- Bash Scripting
- Problem Solving
- Communication skills
- Leadership
Certification
GCFA (GIAC Certified Forensics Analyst)
Languages
Arabic - Native
English - Fluent
Timeline
Incident Response Specialist
Kaspersky
03.2023 - 11.2025
DFIR Lead
EG-CERT
01.2021 - 02.2023
Incident Response Engineer
EG-CERT
01.2016 - 12.2020
Bachelor of Engineering - Communications Technologies
Arab Academy for Science and Technology
/2007 - /2012