Ahmeda Rusdan

1. Lead end-to-end forensic investigations covering evidence acquisition, timeline reconstruction, root cause analysis, and remediation planning.

2. Conduct digital evidence acquisition across physical endpoints, Microsoft 365 cloud environments, and proprietary system logs; maintain strict Chain of Custody (CoC) per ISO/IEC 27037:2012.

3. Produce forensic analysis reports supporting legal proceedings and executive stakeholders.

1. Led Managed Threat Intelligence and darkweb monitoring service, proactively identifying emerging threats targeting client environments.

2. Designed and implemented custom SOAR playbooks on XDR platforms to automate detection and response workflows, reducing MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond) across managed client tenants.

3. Performed in-depth malware analysis and developed YARA and Sigma detection rule sets to strengthen SOC detection coverage.

4. Reviewed and triaged L1/L2 escalations using real-time threat intelligence; mapped attacker activity to MITRE ATT&CK to determine impact scope and recommend containment.

5. Delivered threat landscape assessments, threat briefings, and intelligence reports for C-suite and executive stakeholders.

6. Performed Threat Hunting and DFIR operations across Windows and Linux environments using EDR and SIEM tooling

1. Led Red Teaming activities within the DevSecOps framework, assessing pipeline security posture and identifying exploitable weaknesses.

2. Implemented open-source XDR (Wazuh) for on-premise server hardening; introduced SBOM visibility practices for application development teams.

3. Conducted penetration testing on web and mobile applications; performed CSA CoC GDPR self-assessment to validate cloud security compliance

1. Conducted asset discovery, vulnerability assessment, and PoC testing on 0-day vulnerabilities to validate system resilience and guide remediation priorities.

2. Performed malware analysis and developed YARA rule sets to improve threat detection across client infrastructures.

3. Reviewed escalated L1 tickets using real-time threat intelligence; identified impacted systems and scoped attack campaigns.

1. Defined requirements for information security solutions and delivered strategic MSSP and penetration testing vendor recommendations to the CISO.

2. Executed vulnerability assessments, digital forensic investigations, and penetration testing on mobile and web applications.

1. Conducted vulnerability assessments, digital forensics, and penetration testing engagements across multiple industry clients.

2. Delivered proof-of-concept exploits and risk-rated findings reports with actionable remediation guidance.