Summary
Overview
Work History
Education
Skills
Certification
Accomplishments
Courses and Training
Timeline
Generic

Mushabab Alasmari

Cybersecurity Expert
Riyadh

Summary

Developed over 8 years experiences in cybersecurity within high-stakes, dynamic environment, focusing on threat detection and incident response. Adept at identifying vulnerabilities and implementing effective security measures, with proven ability to adapt and apply skills to new challenges.

Overview

2026
2026
years of professional experience
2
2
Certifications

Work History

Digital Forensics & Incident Response Professional

Saudi Telecom Company (STC)
Riyadh, Saudi Arabia
6 2023 - Current
  • Led incident response activities for complex security events, including detection, containment, eradication, and recovery. Performed deep forensic analysis across endpoints, servers, and network data to determine root cause, impact, and attacker activity.
  • Analyzed data from firewalls, VPNs, proxies, 2FA, AD, applications, and network devices using SIEM, EDR, and NDR to identify IOCs and reconstruct attack timelines.
  • Investigate and respond to alerts and directives from NCA and CST.
  • Conducted disk, memory, and network forensics, uncovering persistence mechanisms, lateral movement, and malware behavior.
  • Developed incident response playbooks and supported containment and recovery during critical incidents.
  • Collaborated with SOC, threat intel, and red teams to share findings and improve detection capabilities.
  • Created detailed investigation reports outlining attack vectors, technical findings, and remediation steps.
  • Performed proactive threat hunting to uncover hidden threats and early-stage compromises.

Senior Cybersecurity Specialist

Communications, Space And Technology Commission
Riyadh, Saudi Arabia
08.2021 - 05.2023
  • Served as an L3 Analyst, leading advanced incident response, threat hunting, and managing complex cases escalated from Tier 1 & 2 teams.
  • Conducted penetration testing and vulnerability assessments across web, mobile, and network environments to identify and remediate security risks.
  • Administered Privileged Access Management (PAM) solutions and oversaw the issuance and lifecycle of digital certificates for secure access and communication.
  • Operated a broad stack of tools and technologies including SIEM, EDR, NDR, IDS/IPS, WAF, Qualys, Nessus, Kali, Burp Suite, Acunetix, and others.
  • Managed and delivered cybersecurity projects and advisory services, aligning technical execution with strategic objectives and compliance frameworks.
  • Supported Secure SDLC practices, integrated DevSecOps, and conducted secure code reviews to ensure application and infrastructure security.
  • Played an active role in security awareness initiatives, helping drive organization-wide security education and behavior change.

Cybersecurity Specialist

Communications, Space and Technology Commission
Riyadh, Saudi Arabia
08.2018 - 08.2021
  • Served as an L2 SOC Analyst, responsible for monitoring and analyzing security events using SIEM, EDR, and NDR technologies. Handled advanced alert triage, threat hunting, phishing analysis, and incident escalation.
  • Performed Digital Forensics tasks, evidence collection, log, event and memory analysis as well as malware examination.
  • Supported incident response efforts, contributing to detection, containment, eradication and recovery operations.
  • Conducted penetration testing and vulnerability assessments on web applications, mobile applications, APIs, and network infrastructure to identify and remediate security weaknesses.
  • Participated in ISO/IEC 27001 implementation and certification processes.
  • Delivered security awareness training to reduce user-related risks across departments.
  • Served as Project Manager for key cybersecurity initiatives, ensuring alignment with organizational strategy, roadmap, and regulatory requirements.

Software Development and Security

Communication and Information Technology Commission.
Riyadh, Saudi Arabia
03.2017 - 08.2018
  • Full Stack Developer following Agile methodology.
  • OWASP, Secure SDLC, and assessing Application security.
  • ASP.NET C# Web Forms, Entity Framework, Stored Procedure, JQuery, Bootstrap, TFS, Source Control (Git,TFS), BPM, MSSQL.

Software Development and Security

Centre for Studies and Media Affairs at Royal Court.
Riyadh, Saudi Arabia
05.2016 - 02.2017
  • Full Stack Developer following Agile methodology.
  • OWASP, Secure SDLC and Assess application security.
  • ASP.NET C# MVC, Entity Framework, JQuery, Bootstrap, Razor, Source Control (Git), MSSQL.

Education

Bachelor of Science - Computer Science, GPA: 4.56, Excellent With Honors

King Saud University
Riyadh
01.2012 - 2016.01

Skills

Teamwork and collaboration

Friendly, positive attitude

High commitment

Critical Thinking

Problem Solving

English Proficiency Level

Incident Response

Digital Forensic

Threat Hunting

Application Security

Vulnerability Assessment

Penetration Testing

Project Management

Leadership

Certification

GIAC Web Application Penetration Tester (GWAPT)

Accomplishments

  • stc Hackathon 2024 Galactic Gratitude Award
  • GIAC Advisory Board Member
  • IELTS: Total band of 7.0
  • I have been awarded 4 times by CST governor.
  • Scoring 96% at SANS GWAPT exam.
  • SANS Lethal Forensicator Coin holder (FOR500 )
  • SANS NetWars Tournament Winner and coin holder.
  • I got rank (1) out of (17) students graduated in my major at King Saud University at the end of the first semester of the academic year 2015/2016.
  • Internship to IBM (US) for two months.

Courses and Training

  • SANS FOR500, FOR508, SEC542, SEC560 and SEC575.
  • Project Management and Leadership.
  • Offensive Security Web-300.
  • Practical DevSecOps.
  • CISSP and CGEIT.
  • Qualys (VA, SSBP and WAS).
  • CyberPro Boot-camp Intermediate level.
  • Plus many online courses in Cybersecuirty, Software Development and Leadership.

Timeline

GIAC Web Application Penetration Tester (GWAPT)

11-2021

Senior Cybersecurity Specialist

Communications, Space And Technology Commission
08.2021 - 05.2023

Cyber Security Foundation - CSFPC™

04-2021

Cybersecurity Specialist

Communications, Space and Technology Commission
08.2018 - 08.2021

Software Development and Security

Communication and Information Technology Commission.
03.2017 - 08.2018

Software Development and Security

Centre for Studies and Media Affairs at Royal Court.
05.2016 - 02.2017

Bachelor of Science - Computer Science, GPA: 4.56, Excellent With Honors

King Saud University
01.2012 - 2016.01

Digital Forensics & Incident Response Professional

Saudi Telecom Company (STC)
6 2023 - Current
Mushabab AlasmariCybersecurity Expert