Hanan Almutairi
Summary
Cybersecurity Specialist skilled in threat detection, security monitoring, and incident investigation within banking. Utilises SIEM, EDR, NDR, and SOAR platforms to analyse security events, identify threats, and optimise detection capabilities. Conducts threat hunting and improves alert quality, while collaborating with cross-functional teams to strengthen operational security.
Overview
2
2
years of professional experience
5
5
years of post-secondary education
1
1
Certification
Work history
Specialist Threat Detection
Alrajhi Bank
2026.04 - Current
- Performed quality assessments of security alerts, investigations, and incident closures to ensure compliance with SOC standards and investigation procedures.
- Reviewed security use cases, detection logic, and monitoring content to identify tuning opportunities, coverage gaps, and alert quality issues.
- Evaluated SOC playbooks, SOPs, and operational procedures, recommending enhancements to improve investigation consistency and operational effectiveness.
- Identified and documented technical and process-related findings, including detection gaps, workflow deficiencies, and monitoring issues, and tracked remediation activities with relevant stakeholders.
- Assessed investigation quality, evidence collection, escalation decisions, and analyst conclusions to ensure accurate incident handling.
- Collaborated with SOC, Detection Engineering, and supporting teams to address identified findings and improve security monitoring capabilities.
- Developed reports and tracking metrics to provide visibility into review outcomes, recurring issues, and continuous improvement initiatives.
Senior Officer Threat Detection
Alrajhi Bank
2025.04 - 2026.03
- Performed end-to-end investigation and handling of security incidents in line with SOC processes.
- Performed deep-dive analysis of complex alerts (phishing campaigns, access anomalies, endpoint threats), providing clear conclusions and escalation recommendations.
- Actively contributed to detection improvement efforts by recommending use-case tuning and alert logic refinements based on investigation findings.
- Ensured consistent and compliant incident closure by applying predefined SOAR playbooks and enforcing documentation standards.
- Produced incident reports with root cause analysis and actionable remediation insights.
- Supported management visibility by contributing to KPI/KRI security dashboards.
- Conducted threat hunting activities and provided recommendations to improve detection coverage and alert quality.
- Reviewed pending incidents to validate resolution paths and close cases without external dependency when possible, improving case turnaround efficiency.
Officer Cybersecurity Defense Center
Alrajhi Bank
2024.10 - 2025.03
- Performed triage and investigation of security alerts following SOC processes and incident handling procedures.
- Analyzed and classified security incidents, ensuring accurate documentation, containment recommendations, and timely escalation when required.
- Conducted investigations using SIEM, EDR, email security, and network security monitoring tools to identify potential threats.
- Participated in SIEM use-case testing, log validation, and detection tuning activities to improve alert quality and monitoring effectiveness.
Graduate Development Program (GDP)
Alrajhi Bank
2024.02 - 2024.09
- Assisted in governance and compliance activities, contributing to policy development, control implementation, and risk management initiatives.
- Enhanced security monitoring and incident triage through active participation in operational cybersecurity processes.
- Applied threat intelligence concepts to improve security monitoring and strengthen threat detection capabilities.
- Completed cross-functional rotations across SOC Operations, Governance, Risk & Compliance (GRC), and Cyber Threat Intelligence (CTI).
Education
Bachelor - Computer Science
Imam Muhammad Bin Saud Islamic University
2018.09 - 2023.09
Skills
- Technical Skills: SOC Monitoring & Alert Investigation, Security Incident Handling & Analysis, SIEM Monitoring & Splunk SPL Query Development, Detection Rule Tuning & Use Case Optimization, Log Analysis & Event Correlation, Threat Hunting & Threat Detection, Phishing Email Investigation, Endpoint Detection & Response (EDR) Analysis, VPN and User Activity Analysis, Threat Intelligence Analysis, Security Playbook & SOP Review, Security Reporting, Documentation & Case Management, KPI/KRI Security Metrics & Reporting, Security Monitoring Quality Assurance
- Soft Skills: Analytical Thinking, Investigation & Problem Solving, Technical Documentation, Stakeholder Communication, Process Improvement, Time & Priority Management
Websites
Certification
- GIAC Continuous Monitoring Certification (GMON) – SANS – Dec 2025 — Dec 2029
- Certified Ethical Hacker (CEH) – EC-Council – Jun 2025 — Jul 2026
- Certified in Cybersecurity (CC) – ISC2 – Apr 2025 — Apr 2028
- CompTIA Cybersecurity Analyst (CySA+) – CompTIA – Nov 2024 — Nov 2027
- ITIL v4 Foundation – PeopleCert – Jul 2024 — Jul 2027
Languages
Arabic
Native
English
Advanced
Timeline
Specialist Threat Detection
Alrajhi Bank
2026.04 - Current
Senior Officer Threat Detection
Alrajhi Bank
2025.04 - 2026.03
Officer Cybersecurity Defense Center
Alrajhi Bank
2024.10 - 2025.03
Graduate Development Program (GDP)
Alrajhi Bank
2024.02 - 2024.09
Bachelor - Computer Science
Imam Muhammad Bin Saud Islamic University
2018.09 - 2023.09