BASHAIR AL HINDI

-Investigating and responding to security incidents.
- Work with the SOC L1 team to identify and prioritize security alerts.
- Conducting in-depth investigations to determine the root cause of incidents.
- Responsible for keeping track of SLAs.
- Review SOC documentation and the Incident Response plan based on the trends and lessons learned
- Responsible for communicating status and updates of incidents to the CISO.
- Communicate complex technical concepts to non-technical stakeholders.
- Provide support for audit and compliance activities.

-Guide the overall day to day operations and ensuring events and/or incidents are detected and responded to in adherence to established process as well as procedures

- helping in Create use cases based on the MITRE ATT&CK framework to ensure comprehensive coverage of potential threats and tactics commonly employed by APT groups.
- Ensure documentation is being maintained and tracked based on existing SLAs and act as the escalation point should issues arise.
- Review SOC documentations include Runbooks, Playbooks and the Incident Response plan based on the trends and lessons learned.

• Managed incident response operations to ensure quick resolution of security breaches.
• Delivered on-site support during critical cyber incident situations to minimise damage.

• Company Overview: King Abdulaziz International Airport, Jeddah, Makkah
• Monitoring and analysis of security events: have experience in monitoring security events and analyzing alerts from security devices such as SEIM (Splunk), firewalls (Cisco and FortiGate FW)
• Incident response and investigation
• Vulnerability management: have experience with vulnerability management tools such as Tenable to analyse the results to identify vulnerabilities and work with system owners to ensure that vulnerabilities are remediated in a timely manner
• Endpoint security: have experience in implementing and managing endpoint security solutions such as antivirus, endpoint detection and response (EDR) to detect and respond to security incidents on endpoints
• Threat intelligence: gathering, analyzing, and interpreting data to identify potential security threats and vulnerabilities and Collect data from various sources,
• understanding of industry regulations and compliance standards such as NCA to ensure that security controls are implemented to meet these requirements

• Security awareness training: You develop and deliver security awareness training programs to educate employees on best practices for protecting sensitive information and preventing cyber attacks
• Recommended changes to security posture to reduce emerging threats to environment
• Analyzed system designs to create plans for correct and efficient security policies