Jan 2023 – Present · 3 yrs 2 mos · Dubai, United Arab Emirates · On-site

• 1. Security Monitoring and Analysis:
• Monitor SIEM alerts through IBM Qradar and Azure Sentinel.
• Conduct endpoint investigations using CrowdStrike Falcon
• Analyze detected threats across the company.
• 2. Email Security:
• Monitor company emails using Mimecast and Proofpoint.
• Investigate phishing threats and malware events in emails.
• 3. Incident Response:
• Assume responsibility for meticulous documentation using SHQ platforms.
• Operate in rotational shifts for real-time threat detection and rapid incident response.
• 4. Investigations and Analysis:
• Analyze security incidents, including phishing emails.
• Investigate high-priority threat campaigns and malicious actors.
• Assess legitimacy using online resources (VirusTotal, IBM X-Force Exchange, urlscan.io, MX Toolbar).
• 5. Continuous Learning:
• Stay current with the evolving cybersecurity landscape.
• Conduct research and engage in ongoing learning.
• 6. Documentation and Reporting:
• Document all levels of security threats Use IBM Resilient ticket system for reporting.
• Create tickets in IBM Resilient and escalate to technical teams in Shq platform.
• 7. Collaboration:
• Work closely with teammates to fine-tune and deploy scalable security controls.
• Collaborate with teams to brainstorm and prototype solutions.
• 8. Shift Responsibilities:
• Responsible for initiative shift turnover.
• Document shift activities summary.
• 9. Cybersecurity Knowledge:
• Possess comprehensive knowledge of Cyber Kill Chain, CVE catalog, and MITRE ATT&CK framework.
• 10. Analysis and Mitigation:
• Provide analysis and containment of compromised systems.
• Mitigate issues with root cause analysis.