محمد العشيرى, Cyber Security Engineer

محمد العشيرى

Cyber Security Engineer

Coordinates Middle East

Country
Egypt - Cairo
Education
Bachelor's degree, Electronics and Computer Engineering
Experience
3 years, 10 months


Work Experience

Total years of experience: 3 years, 10 months

Cyber Security Engineer at Coordinates Middle East
  • Egypt - Cairo
  • In this position since December 2021

- Handling Centralized tickets/alerts generated from SOAR of multiple MDR and MSS Clients’ SIEMs, EDRs and NDRs in UAE and Egypt.
- Working on the new automated and enriched model for the new and critical clients for the baseline purposes and enrichments recommendation.
- Hands-on experience on FortiSIEM, LogRhythm and QRadar.
- Hands-on experience on MSATP, Sophos EDR, CrowdStrike EDR, FireEye EDR, Cisco AMP and Symantec EDR.
- Hands-on experience on NDR (Darktrace) but only from alerts handling perspective by correlation with SIEMs and EDRs.
- Hands-on experience on Mail Security Gateways FireEye ETP, Office 365 portal, and Mimecast.
- Use case creation on SIEMs and hunting query creation on EDRs (recently).

Cyber-Security Senior Analyst at Cysiv MEA
  • Egypt - Cairo
  • March 2021 to November 2021

Working on a centralized SOC model by providing SOC managed services to well-known financial sector clients in Egypt.
- Use Cases (Rules and Dashboards) and Reports creation, implementation and fine-tuning.
- Alerts monitoring, triaging, investigation, verification, Incident Handling & Responding, following up with the corresponding teams and closing.
- QRadar SIEM Administration with Admin Privilege Account
• System Configuration (Index, Network Hierarchy, License, Reference Set, Extensions and Routing Rules Management).
• User Management (Users, Roles and Security Profiles).
• Data Source (Events and Flows) management.
• Applications Management (IBM Resilient QRadar Integration, Log Source Management, Use Case Manager, Threat Intelligence Management, DNS Analyzer, etc.)
- Manual creation and updating of Incident Playbooks.
- IBM Resilient SOAR Administration with Admin Privilege Account, Incident Runbooks implementation and automation.
- Incident Management and Automation Using QRadar Side
• Incident Mapping Templates using Jinja Syntax
• Automation Escalation conditions creation
• Enable Resilient users to search the Ariel databases from an incident using AQLs.
- Incident Management and Automation Using Resilient Side
• Incident types creation and mapping.
• Phases, Tasks, Functions, Workflows and Rules implementation and updating.
- Mail Analysis using Open-Source Threat Intelligence (OSINT) to detect and respond to phishing mails.

Cyber-Security Analyst at IP Protocol INC
  • Egypt - Cairo
  • July 2020 to February 2021

- Incident Monitoring, Triage, Investigation, Verification, Escalation and Closing.
- Use Cases Creation, Implementation and Fine-Tuning on the SIEM Solution.
- Vulnerability Management using Tenable Security Center and Nessus Scanners.
- Vulnerability Management, using the SCAP Terminologies (CVEs and CVSS) to verify and report related and Zero-Day vulnerabilities.
- Mail Analysis using Open-Source Threat Intelligence (OSINT) to detect and respond to phishing mails.
- SIEM Solution Clean installation, License Management, Log/Flow Sources Integration, Network Hierarchy insertion, Server Discovery, Asset Management, and EPS/FPM Tuning based on suitable Log sources’ Events.

Educational Background

Bachelor's degree, Electronics and Computer Engineering
  • at Menofia University
  • June 2018

Faculty of Electronic Engineering, Menoufia University
Bachelor of Engineering - BE, Computer Science and Engineering (CSE), 2013 - 2018
Grade: Very Good - Top 10
Activities and societies: Volunteer at IEEE-Menofia Student Branch (IEEE-MSB). Volunteer at Delta Academy

Specialties & Skills

Log Analysis
Network Security
Incident Management
Incident Analysis
Cyber Security
Detail-Oriented
Public Speaking
lifelong learner
Microsoft Office
Well-Organized
Communication

Languages

Arabic
Native language
English
Expert
French
Beginner

Memberships

Egyptian Engineering Syndicate
  • Member
  • January 2018

Training and Certifications

MCIT- Summer Training Data, VoIP, and Wireless Networks (Training)
Training institute:
Ministry of Communication and Information Technology
Course date:
July 2018
ICSI-CNSS Certified Network (Certificate)
Course date:
June 2020
Fortinet-NSE3 Certificate (Certificate)
Course date:
January 2022
Valid until:
January 2024
CISCO-CyberOps Associate-letter of Merit (Certificate)
CISCO-CCNA Security -letter of Merit (Certificate)
ICDL (Certificate)
Cyber-Security Specialization- Colorado University (Certificate)
Cyber-Security Specialization- Maryland University (Certificate)
CompTIA- IT Strata Certificate (Certificate)
CompTIA- Network+ Certificate (Certificate)
Course date:
June 2019
CompTIA- A+ Certificate (Certificate)
Course date:
June 2019
Valid until:
June 2022

Hobbies

  • Cyber-Security, Chess, Running, Soccer, and workout.