Doha, Qatar
Cybersecurity Professional | Cloud Security | SIEM Engineer | Detection Engineer | Threat Hunting | Cloud DFIR

With over 8 years of experience in cybersecurity, I currently work as a Sr. Security Analyst, SIEM Engineer, and Detection Engineer at beIN Media, helping my organization meet critical security objectives. My expertise spans identifying vulnerabilities, patch management, threat monitoring, and incident reporting. I maintain and update SIEM solutions (including QRadar) to align with security policies and compliance standards, while also integrating new log sources using DSMs and custom regex. As a Detection Engineer, I develop detection rules based on threat-informed defense strategies. I contribute to automating playbooks, work with EDR tools, and integrate SOAR technologies. I have extensive experience detecting SaaS-based attacks, such as Graph API and OAuth attacks, and addressing cloud permission issues that lead to lateral movement and privilege escalation. In cloud environments, I specialize in threat hunting (including Kubernetes) and Digital Forensics & Incident Response (DFIR). I deploy the MITRE ATT&CK framework for cloud security and help organizations identify the critical logs required to detect cloud-based attacks in Azure, AWS, and Google Cloud environments. I also assist with building and refining cloud security policies to strengthen organizational defenses. I hold industry certifications including CISSP, CCSP, GCFR, and GCIH, highlighting my commitment to cybersecurity best practices. My work also covers threat intelligence, Blue Teaming, SIEM engineering, Incident Response & DFIR (cloud and on-prem), and malware analysis. With a hacker mindset—gained through certifications like Pentest+, CySA+, GCIH, and CEH—I excel at developing detection rules and identifying new threats. I also have foundational experience in malware analysis and played a key role in thwarting several cyberattacks during the Qatar World Cup.
I’m passionate about staying ahead of emerging threats and continuously enhancing security frameworks to protect organizations in an ever-evolving cyber landscape.
Senior SOC Analyst | beIN Media Group (Qatar World Cup Project)

Joined the SOC team as part of the Qatar World Cup project, helping build the entire Security Operations Center from the ground up. At the time, we were at CMM Level 1 with no defined processes. Today, we have matured to the Optimization stage, delivering a proactive and highly responsive SOC. Daily responsibilities include monitoring security alerts across endpoints, servers, web applications, and controls (firewalls, AVs, EDRs, SIEM, and native cloud tools) across AWS, Azure, and GCP. I lead bi-weekly Threat Hunt Missions, actively shaping hunt hypotheses, defining hunt objectives, and executing full hunt missions targeting evolving TTPs across both on-prem and cloud environments. Built detections mapped to MITRE ATT&CK, tuned noisy rules (Sysmon, Windows Event Logs), and onboarded custom log sources and use cases into the SIEM. Conducted basic malware analysis and helped build a lightweight open-source sandbox lab using FLARE VM and REMnux for behavioral analysis. Recommended and implemented cloud security best practices across IAM and logging (e.g., Azure Unified Audit Logs, Subscription logs, AWS CloudTrail Management & Data events). Developed and maintain Incident Response Playbooks for the SOAR based on threat-informed defense and use cases for beIN. As a Senior Incident Responder, I have responded to advanced forms of attacks such as Rita Ransomware, QakBot phishing campaigns, IcedID malware, Kerberoasting attacks, and certificate-based persistence mechanisms. Collaborated on beIN's multi-hybrid cloud migration, enabling centralized security monitoring and improving detection posture. Worked closely with Threat Intel to deploy detection and prevention controls aligned with threat-informed defense. Contributed to compliance efforts with Qatar MOI (NCSA), aligning detection, logging, and response strategies with regulatory expectations.
I believe that a SIEM solution is like a baby, and to nurture a baby you have to treat it with creative and rational thinking, and I am a blend of both. My job as a Security Analyst and SIEM Engineer requires me to implement SIEM solutions such as IBM QRadar; patch, maintain, and troubleshoot QRadar; monitor threats; update the SIEM according to the security policy; create reports; help clients update their security against the latest threats; pen-test to identify vulnerabilities and how to remediate them; and perform network analysis and log analysis, updating the security policy accordingly. I also handle system hardening against security threats and patch management via tools such as BigFix.
I motivate and lead a team of 10 telephone operators and 2 telephone technicians. I train newly enrolled telephone operators on telephony ethics and how to operate the console. I also evaluate the daily performance of the telephone operators and technicians, encouraging the ones who top the rank and motivating the ones who rank below average. I listen to the complaints of the end users and then forward them to the technicians, or go to the field myself to troubleshoot them. I configure and troubleshoot Avaya Soft Consoles, and handle the installation, configuration, operation, and maintenance of the Avaya IP DeskPhone 1608. In June 2016, I did the installation and configuration of a Panasonic PBX at the new building of RMI for the RMI Free Welfare Hospital. On 27th April I delivered a 3-day training to all the communication staff on basic Excel and verbal communication skills, and I was awarded the Official Trainer Certificate from RMI. I architected the number plan system for all the departments at RMI. I defined the workflow for all kinds of communication bills. Keeping the record of almost 650 extensions, which includes 420-plus IP phones and 240 analog extensions.
Training, motivating, and leading a team of 10 telephone operators and 2 technicians. Listening to the complaints of users and forwarding them to the technicians, or troubleshooting them myself. Evaluating the daily performance of telephone operators and technicians. Keeping the record of almost 650 telephone extensions, which includes both IP DeskPhones and analog telephones, along with their installation, configuration, and troubleshooting.
As an intern I was involved with the optical fiber experts in my province. My normal routine was the installation, operation, and maintenance of the fiber optics. Whenever a fiber got damaged, we had to bring the link back up within 3 hours. We installed aerial and ground fibers, and dealt with single-mode and multimode fibers, checking for fiber breakage, fiber connectivity, and data loss across the fiber.