Cyber Security Analyst | IT Engineer | DevOps | Looking For Job Opportunity

SHAFIQ ULLAH
SOC Analyst L1 | IT Infrastructure Architect | DevOps & IAM Engineer
Riyadh, Saudi Arabia • 0507387633 • [email protected] • linkedin.com/in/shafiq-ullah-274206154 •
Iqama: (Valid & Transferable)

PROFESSIONAL SUMMARY
Cybersecurity and Infrastructure Specialist combining expertise as a SOC Analyst L1, IT Infrastructure Architect, and
DevOps & IAM Engineer, with 5+ years of experience delivering secure and scalable enterprise solutions. Experienced in
real-time security monitoring, alert triage, and incident response using SIEM tools, alongside strong capabilities in Linux
administration, VMware (vSphere, vCenter), and Infrastructure as Code (Terraform, Ansible). Skilled in DevOps practices,
containerization (Docker, Kubernetes), and Identity & Access Management, with a focus on automation and system
security. Proficient in networking (TCP/IP, SNMP), scripting (Bash, Python), and system integration to enhance performance
and resilience. Based in Riyadh with a transferable Iqama and available for immediate joining.

WORK EXPERIENCE

Senior IT Engineer Jul 2021 – Present
Andalus Gate Holding Riyadh, Saudi Arabia
• Architected and implemented enterprise-level IT solutions, managing and maintaining systems, infrastructure, and
networks across multiple locations, ensuring high availability, minimal downtime, and reliable connectivity
(LAN/WAN, Wi-Fi, Cisco Switch & Router Configuration).
• Installed, configured, and supported hardware including computers, printers, CCTV systems, IP phones, and end-user
devices across the organization.
• Provided day-to-day L1/L2 technical support to users onsite and remotely, resolving incidents efficiently using
ServiceNow and remote tools (AnyDesk, TeamViewer).
• Administered and monitored Windows Servers (2012/2016/2019), Active Directory, DNS, DHCP, file services, and
access controls to support business operations.
• Managed Microsoft 365, Azure AD, SharePoint, and Google Workspace environments for 50+ users, ensuring smooth
collaboration and system performance.
• Monitored network performance and uptime across branches; implemented failover solutions, bandwidth
optimization, and secure VPN connectivity (IPSec/OpenVPN).
• Configured and managed firewalls, antivirus, and security policies to ensure data protection and secure handling of
business and customer information.
• Designed and maintained high availability and disaster recovery solutions using QNAP NAS with RAID and offsite
synchronization, ensuring business continuity and resource optimization.
• Oversaw system integration of diverse internal and third-party applications, managing SNMP interfaces for network
monitoring and ensuring smooth integration and performance across platforms.
• Planned and managed disk space for the entire network. Maintained an accurate inventory of all technological devices.
• Maintained accurate IT documentation including asset inventory, licenses, SOPs, and network diagrams to ensure
compliance and audit readiness.
• Coordinated with vendors and service providers for system support, upgrades, and issue resolution.
• Planned and executed system upgrades, deployments, and infrastructure improvements to enhance operational
efficiency. Automated administrative tasks using PowerShell.
• Consulted with others to assess, analyze, and resolve computing needs and system requirements. Inspected, tested, and
diagnosed computer equipment and systems.
• Planned and coordinated information technology-related equipment installations, moves, additions, changes, and system
enhancements.
• Trained end-users on IT systems, tools, and basic troubleshooting to improve productivity and reduce downtime.
• Managed IT equipment lifecycle including procurement, configuration, upgrades, and replacements.
• Monitored systems and generated performance reports to support management decision-making and continuous
improvement initiatives.

SOC Analyst L1 Jul 2020 – Jul 2022
Byteflow Information Technology Dubai, UAE
• Implemented and managed SIEM solutions including Splunk, ELK Stack, and Wazuh for centralized log collection,
monitoring, and threat detection across the organization.
• Deployed and configured EDR/XDR security tools (CrowdStrike, Microsoft Defender ATP) to enhance endpoint
visibility, threat detection, and automated response capabilities.
• Monitored and triaged security alerts using SIEM platforms (Splunk, ELK, Wazuh) to detect, analyze, and respond to
cyber threats in real time.
• Performed incident classification, log correlation, and alert prioritization using the MITRE ATT&CK framework and
IOC-based analysis.
• Investigated phishing campaigns, malware infections, and unauthorized access incidents using EDR/XDR tools and
threat intelligence sources.
• Conducted threat enrichment using VirusTotal, AbuseIPDB, Cisco Talos, and AlienVault OTX; escalated confirmed
incidents to L2/L3 teams for further action.
• Reduced false positives by 15% through fine-tuning SIEM correlation rules and improving detection logic in
collaboration with senior analysts.
• Documented the full incident lifecycle in ServiceNow/OTRS and generated daily, weekly, and monthly security
reports.
• Followed SOC playbooks, NIST Cybersecurity Framework, and standard operating procedures (SOPs) to ensure
consistent and effective incident response.



CORE TECHNICAL SKILLS
Networking: TCP/IP, Network Security, LAN/WAN, DNS, DHCP, VLANs, Wi-Fi (Cisco), IPSec/OpenVPN/SSL VPN, Sophos/ufw/iptables Firewalls, Network Architecture Design, Cisco Routing & Switching Configuration

Systems & Servers: Windows Server 2012/2016/2019, Active Directory, GPO, NTFS, Linux Administration (Ubuntu, CentOS), VMware vSphere/vCenter, Hyper-V, Citrix/VDI, High Availability & Disaster Recovery, WSUS, NAS, Workstations, Email Servers

Network Monitoring: SolarWinds, PRTG, Nagios, SNMP, Wireshark, NetFlow, Bandwidth & Uptime Tracking, Incident & Change Management

Cybersecurity: SIEM: Splunk, Wazuh, ELK; EDR: CrowdStrike, Defender ATP; IDS/IPS; MITRE ATT&CK; Vulnerability Management; IAM / PAM; ProcMon, Nmap, Gobuster, Netcat, sqlmap; SANS Incident Response Framework

Cloud & Productivity: Microsoft 365, Azure AD, MS Intune, MS Defender, Exchange Online, SharePoint, Google Workspace, Teams, Zoom, Config & Maintain VoIP

IT Operations: Bash Scripting, Python Development, Infrastructure as Code (IaC), Configuration Management, IT Asset Management, Ven