Ahmed Nader
Work & Experience
- Perform in-depth analysis of escalated alerts and incidents from Tier 1, conducting root cause analysis to determine the scope and impact of security events.
- Conduct dark web monitoring to identify leaked employee credentials and advise on proactive mitigation actions.
- Develop and refine detection rules and correlation logic to improve overall threat visibility.
- Utilize Microsoft Defender for Endpoint (MDE) to investigate alerts across user endpoints.
- Execute threat hunting activities based on intelligence, Indicators of Compromise (IOCs), and behavioral patterns.
- Support ISO 27001 and PCI DSS audit cycles by documenting SOC playbooks and responsibilities, and by assisting in policy updates.
- Monitored alerts from SIEM and EDR tools and triaged events for escalation to Tier 2.
- Investigated logs from various sources including firewalls, WAF, proxies, and IDS/IPS.
- Performed real-time event correlation and initial incident triage.
- Secured networks using Cisco ASA, Firepower, and FortiGate appliances.
- Implemented firewall rules, VPNs, and IPS configurations.