Nabhan Mohamed Ahmed

SOC Analyst Tier 3
Giza

Summary

Certified individual with excellent customer service skills and a Bachelor's degree in Computer Science. Seeking the position of Senior Information Security Analyst - Cyber Security, to apply 3 years of information security experience. Bringing advanced computer skills, including expertise in security log review across operating systems, databases, applications, and networks.

Overview

6 years of professional experience
3 years of post-secondary education
4 Certifications

Work History

SOC Analyst Tier 3

SAIB Bank Based in Egypt
06.2023 - Current
  • Built EDR detection rules mapped to MITRE ATT&CK, supported the team in incident response, and built a playbook for each attack type.
  • Followed up on vulnerability patching, created YARA rules to detect indicators of attack (IOAs), assessed log coverage for the SIEM across the environment, and investigated each signature on the IPS/IDS.
  • Enhanced the SOC operations workflow, ran threat hunting (TH) activities across the whole environment, and provided guidance on control implementation for post-incident risk reduction.
  • Supported the use-case development cycle, exported IOCs from malicious emails and blocked them on security controls, and updated IPS/IDS signatures.
  • Handled real incidents and threats when our customers were targeted, generated weekly/monthly incident reports, and tuned false-positive alerts.
  • Enhanced network security by monitoring systems for potential threats and vulnerabilities.
  • Reduced false alarms by fine-tuning intrusion detection system configurations based on historical analysis of incidents.
  • Collaborated with IT teams to implement effective security measures, safeguarding critical data and systems.
  • Identified root causes of security breaches through thorough investigation and analysis of log data.
  • Recommended improvements in security systems and procedures.
  • Led cybersecurity awareness programs, increasing staff vigilance against phishing and social engineering attacks.
  • Strengthened network security by implementing advanced threat detection systems.
  • Conducted in-depth analysis of security breaches to determine their root causes and prevent future incidents.
  • Trained junior analysts in threat intelligence gathering techniques, improving overall team efficiency.

Senior SOC Analyst and Incident Responder

Boubyan Bank Based in Kuwait
03.2023 - 06.2023
  • Generated weekly/monthly reports on incident cases handled during the period, investigated all alerts raised on every security control, and updated IPS/IDS signatures.
  • Reported vulnerabilities affecting the environment to the concerned teams.
  • Built detection use cases on the SIEM based on MITRE ATT&CK, built threat hunting (TH) rules on the EDR, and produced threat intelligence reports from threat intelligence platform feeds.
  • Maintained accurate documentation of all SOC activities, facilitating knowledge sharing across the organization.
  • Recommended improvements in security systems and procedures.
  • Identified root causes of security breaches through thorough investigation and analysis of log data.
  • Monitored real-time security alerts to identify potential threats, significantly reducing incident response times.
  • Streamlined incident response processes for quicker threat detection and remediation.
  • Improved incident management workflows through streamlined communication between SOC Analysts, IT departments, and other relevant parties.
  • Enhanced network security by monitoring systems for potential threats and vulnerabilities.
  • Reduced false alarms by fine-tuning intrusion detection system configurations based on historical analysis of incidents.

SOC Analyst Tier 2

Liquid C2 MEA (Previous SecureMisr)
09.2019 - 03.2023
  • Provided analytical feedback on client network traffic patterns and on malware and other network threats, applied information security policies and best practices in client environments, reviewed collected metrics from monitoring systems to spot patterns and anomalies, and facilitated effective and appropriate communication with all stakeholders to meet SLAs and expectations.

SOC Analyst Tier 1

Liquid C2 MEA (Previous SecureMisr)
07.2018 - 08.2019
  • Worked with NetFlow data, DNS logs, proxy logs, IPS/IDS logs, firewall logs, and similar sources; monitored all traffic to detect suspicious behaviour; detected incidents, opened tickets, and assigned them to the concerned team with recommended actions; conducted vulnerability assessments and investigations and escalated findings to Tier 2; produced a daily status report for important assets in the environment.
  • Identified root causes of security breaches through thorough investigation and analysis of log data.
  • Streamlined incident response processes for quicker threat detection and remediation.
  • Monitored real-time security alerts to identify potential threats, significantly reducing incident response times.

Junior PHP Developer

Campaign Egypt
08.2016 - 10.2016
  • Responsible for managing backend services and the exchange of data between the server and the users.
  • Primary focus was the development of all server-side logic and the definition and maintenance of the central database, ensuring high performance and responsiveness to requests from the frontend; responsible for integrating front-end elements built by coworkers into the application.
  • Streamlined data processing tasks for better user experience with well-designed database queries.
  • Developed and maintained dynamic web applications, resulting in increased user engagement and satisfaction.
  • Planned, coded, and deployed web-based applications using PHP, MySQL, and JavaScript.

Education

BA Computer Science - Computer Science

Misr For Science And Technology (M.U.S.T)
Egypt
12.2012 - 05.2016

Skills

CCNA R&S

CCNA Security

SIEM (ArcSight, LogRhythm)

IPS/IDS

EDR (CrowdStrike, Fidelis, FireEye)

NDR

Email Security (Forcepoint, FortiMail)

DLP (Forcepoint, McAfee)

Reverse/Forward Proxy

Threat Intelligence (CrowdStrike, Group-IB)

Firewalls (Palo Alto, Fortinet, ASA, Check Point)

FireEye (NX, HX, FX, EX)

Vulnerability Management (Skybox)

Team Player

Understanding Legal Process

Time Management

Response Time

Problem Solving

Deep Researcher

Eager To Gain More Advanced Knowledge

Log Analysis

Incident Response

Intrusion Detection

Data Loss Prevention

Threat Intelligence

Wireshark Usage

PowerShell Scripting

Certification

SANS GCIH (SEC 504)

Activities

  • Squash
  • GYM
  • Chess

Personal Information

  • Date of Birth: 03/05/1993
  • Gender: Male

Military Status

Completed

Training

  • 3 Months Intensive Training Program (ITP) - ITI - Nasr City Branch - Security Operation Center (SOC) Track, 02/01/18, 07/01/18
  • 1 Month Internship as PHP Developer at Diamond Technology, 06/01/16, 08/01/16

References

Upon Request

Timeline

SOC Analyst Tier 3

SAIB Bank Based in Egypt
06.2023 - Current

Senior SOC Analyst and Incident Responder

Boubyan Bank Based in Kuwait
03.2023 - 06.2023

SOC Analyst Tier 2

Liquid C2 MEA (Previous SecureMisr)
09.2019 - 03.2023

SOC Analyst Tier 1

Liquid C2 MEA (Previous SecureMisr)
07.2018 - 08.2019

BA Computer Science - Computer Science

Misr For Science And Technology (M.U.S.T)
12.2012 - 05.2016

Junior PHP Developer

Campaign Egypt
08.2016 - 10.2016

SANS GCIH (SEC 504)

ArcSight

CCNA

ECSA V10