
Sirin AlSaleh

SOC Engineer
Dubai

Summary

Detail-oriented Security Operations Center (SOC) Engineer with 6+ years of experience in cybersecurity incident detection, analysis, and response. Highly skilled in utilizing SIEM technologies, threat intelligence platforms, and security tools. Demonstrate ability to investigate complex security incidents, automate detection processes, and implement security improvements. Strong communicator who thrives in fast-paced environments.

Overview

7 years of professional experience
10 Certifications
3 Languages

Work History

SOC Engineer

MDS System Integration (MDS SI Group)
Dubai
10.2023 - Current
  • Work shifts as part of a 24x7 team
  • Monitor a range of security systems, resolving and documenting findings accurately through tickets and weekly and monthly reports
  • Mentor and assist Lv1 SOC analysts and provide guidance on daily tasks, SOC design, and troubleshooting techniques for efficient problem solving in incident investigations
  • Conduct knowledge transfer and security awareness sessions to junior team members and trainees
  • Participate in security planning and analysts’ activities
  • Perform in-depth data and incident reporting to customers
  • Manage customers’ requests and deliver sufficient results in line with their expectations
  • Keep up with the RE teams on fine-tuning of rules and alerts to reach a mature level for each customer
  • Work in combination with senior analysts, SOC leads, and RE teams to ensure security is engaged correctly for customers
  • Able to lead independently and only involve senior analysts as necessary
  • Perform reliable threat hunting analysis and security alerts data reports
  • Lead triage and investigation of medium to high-complexity security incidents across network, endpoint, and cloud environments
  • Develop and implement custom detection rules in RSA NetWitness that improved alert quality and reduced false positives
  • Coordinate incident response activities for the SOC during major security events and provide regular status updates to management
  • Perform threat hunting exercises bi-weekly, resulting in early detection
  • Conduct security analysis on new infrastructure deployments and provide recommendations for security improvements

SOC Engineer

CyberFort365
Dubai
09.2020 - 10.2023
  • Support and guide Level 1 analysts in daily operations.
  • Conduct knowledge transfer and security awareness sessions for junior team members and trainees.
  • Contribute to security planning and analysis activities.
  • Deliver in-depth incident analysis and reporting to customers.
  • Manage customer requests efficiently, ensuring alignment with expectations.
  • Collaborate with the Resident Engineers team to refine rules and alerts for enhanced security.
  • Work alongside senior analysts, SOC leads, and Resident Engineers to ensure optimal security engagement.
  • Operate independently, escalating to senior management only when necessary.
  • Perform thorough threat-hunting analysis and generate detailed security reports.

Lvl2 SOC Analyst

IT Security Consulting & Training
Amman
05.2019 - 09.2020
  • Perform in-depth security monitoring and reporting of security incidents
  • Analyze security alerts and escalate them to support RE teams
  • Conduct ongoing review of SIEM dashboards, system and application logs, and custom monitoring tools
  • Perform DESC advisories for customers to manage threats at the earliest
  • Malware and threat analysis

Lvl1 SOC Analyst

IT Security Consulting & Training
Amman
06.2018 - 04.2019
  • Execute day-to-day SOC operations
  • Basic incident handling and submitting data analysis to Lvl2
  • Prepare weekly and monthly reports on security breaches and the extent of damage, and submit them to customers
  • Ensure all devices and health records are maintained and working properly as per company guidelines

Education

Bachelor of Science - Telecommunication Engineering (2018)

Yarmouk University
Jordan

Skills

Log analysis

SIEM management

Incident response

Endpoint security

Vulnerability assessment

Intrusion detection

Certification

Certified Linux+

Main Tasks And Expertise

  • Execute day-to-day SOC operations
  • Develop and enhance SOC and IR processes during shift
  • Work as SOC Assistant for Lvl1 SOC analysts and help SOC management with any tasks that require advanced experience in SOC operations
  • Manage Lvl1 SOC and work process during shifts
  • Respond in a timely manner (as per and within documented SLA) to support teams, incidents, and other tickets/cases
  • Monitor and manage artefacts and intelligence hosts via threat intel platforms
  • Analyze and take part in rule tuning, and optimize threat intelligence platforms
  • Conduct incident handling and coordinate with both parties, SOC analysts and REs
  • Perform IR and threat hunting
  • Train new team members in the SOC and lead extensive knowledge transfer to new hires around RSA ECAT, RSA SIEM, forensics, and packet capture
  • Engage with other system engineers and network engineers within the company to obtain a high level of support and teamwork
  • Cooperate with the SOC Lead and REs to maintain the correct work process across the SOC department and work on enhancing it
  • Adhere to enhancement plans for SOC operations provided by the SOC Lead to improve the operation service and service level and achieve customer satisfaction
  • Provide periodic weekly, monthly, and yearly reports as needed and as advised by REs and the SOC Lead
  • Provide comprehensive incident analysis reports as per customers’ requests
  • Provide threat hunting reports as advised by the SOC Lead to help REs in their tuning and threat mitigation

Software

RSA NetWitness

Splunk

LogRhythm

IBM QRadar

Timeline

SOC Engineer

MDS System Integration (MDS SI Group)
10.2023 - Current

SOC Engineer

CyberFort365
09.2020 - 10.2023

Lvl2 SOC Analyst

IT Security Consulting & Training
05.2019 - 09.2020

Lvl1 SOC Analyst

IT Security Consulting & Training
06.2018 - 04.2019

Bachelor of Science - Telecommunication Engineering (2018)

Yarmouk University
Certified Linux+
ITSecurity C&T
Certified Splunk SIEM
Certified Security+, CompTIA
Certified Network+, CompTIA
Certified Incident Handling Engineer-CIHE, Mile2
Certified Penetration Testing Engineer-CPTE, Mile2
Certified Security Analyst, RSA
Certified Security Admin, RSA
Certified CyberSec First Responder (CFR)