
Ramy Tarek Ahmed

Threat Hunting Team Leader at Diyar United Company

Sidi Gaber, Alexandria, Egypt

Work Experience

  • Incident Response Assistant Manager (Full Time)

    KPMG

    Nov 2022 - Present - 2 yrs, 8 months

    United Kingdom, London

    • Threat Hunting Team Leader (Full Time)

      Diyar United Company

      Oct 2019 - Present - 5 yrs, 9 months

      Kuwait, Kuwait City

      • Job Details: Acting as a threat hunting and analysts team leader in a 24x7 Cyber Security Operations Center (CSOC) environment.  Responsible for working as a tier-2 analyst in terms of investigating the alarms and assisting the tier-1 analysts.  Conducting weekly threat hunting for suspicious and anomalous activities based on data alerts or data outputs from various toolsets in terms of data-based and attack-based approaches.  Proactively driving hunting and analysis on behalf of multiple clients.  Leveraging internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure.  Working with the Threat Intelligence feeds and solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise.  Implementing attack based and digital forensics techniques using the available technologies to hunt for threats in specific customer environments, based on available threat intelligence reports and knowledge of the attackers TTPs.  Analyzing malicious campaigns and zero-day vulnerabilities and dissecting attacks targeting the enterprise.  Delivering threat hunting reports to management in business terms.  Analyzing network traffic, IDS/IPS/EDR/DLP events, packet capture, firewall logs, etc...  Performing advanced assessment, network, and host analysis in the event of a compromise.  Assisting in fine tuning the SIEM use cases and creating new ones.  Assisting in the incident response activities.  Assisting in reviewing policies and settings of different security solutions.  Analyzing malicious campaigns and zero-day vulnerabilities.  Dissecting attacks and evaluating the effectiveness of the security technologies and devices and creating use cases accordingly.  Leading the investigation and the response efforts into the advanced attacks and the critical incidents. 
 Performing Root Cause Analysis of security incidents.
    • Cyber Security Analyst L1 (Full Time)

      Diyar United Company

      Jan 2018 - Oct 2019 - 1 yr, 9 months

      Kuwait, Kuwait City

      • Job Details: Member of Security Operation Center (MSS), responsible for maintaining the security and integrity of data by planning and carrying out security measures to protect an organization’s computer networks and systems.
    • Education

      • B.Sc in Electronics and Communications Engineering

        Arab Academy for Science, Technology and Maritime Transport (AAST)

        Jan 2010 - Jan 2015 - 5 yr

      • High School - Thanaweya Amma

        El Najah Private School

        Jan 2010 

      Activities

      • Volunteer at IEEE AAST SB

        Student Activity

        May 2012 - Jun 2016 - 4 yrs, 1 month

      • International ROV Competition at TORBINI AAST ROV Team

        Student Activity

        May 2011 - Jun 2016 - 5 yrs, 1 month

      • Volunteer at ACM ACPC

        Student Activity

        May 2012 - Jun 2015 - 3 yrs, 1 month

      Skills

      • Microsoft Office
      • SIEM LogRhythm
      • Dell SecureWorks
      • BMC Remedy
      • IBM Resilient
      • FireEye
      • FireSight
      • PhishME
      • Carbon Black

      Languages

      • Arabic

        Fluent
      • English

        Advanced

      Training & Certifications

      • GIAC Certified Intrusion Analyst (GCIA)

        GIAC·2019
      • Cofense Triage Operator

        PhishMe·2019
      • PhishMe Certification

        PhishMe·2019
      • CEH V 10

        EC Council·2019
      • LRPA | Exam 7.3

        LogRhythm·2018
      • LRSA | Exam 7.3

        LogRhythm·2018