Cyber Security Professional | 5+ Years Exp CEH | GRC | DLP | SOC | SIEM | ISO 27001

INFORMATION SECURITY SPECIALIST — AVAILABLE NOW · RIYADH
‎ ‎ ‎
Data Protection · SOC Operations · GRC · Penetration Testing
CEH | ISO 27001 Lead Auditor | CISSP (Expected Q4 2026)
Location: Riyadh, KSA | Iqama: Transferable | Experience: 5+ Years

------------------------------------------------------------
BY THE NUMBERS
------------------------------------------------------------
37+ CVEs disclosed — CERT-In Hall of Fame
96 Vulnerabilities discovered across 8 pentest engagements
40% Drop in data exfiltration incidents within 60 days
1,200+ Security alerts triaged monthly in SOC operations

------------------------------------------------------------
WHO I AM
------------------------------------------------------------
A cybersecurity professional with 5+ years across SOC operations,
enterprise DLP, SOC, and offensive security — with hands-on delivery
inside Saudi Arabia's regulatory landscape (SAMA CSF, NCA ECC, PDPL).

I don't just flag risks. I remediate them, build the governance
around them, and reduce noise so security teams focus on what matters.
Recognized by India's national cyber authority CERT-In for responsible
disclosure of critical vulnerabilities across major organizations.

------------------------------------------------------------
WHAT I'VE DELIVERED
------------------------------------------------------------
► Deployed enterprise DLP across 3,000+ endpoints at Zahf Technologies,
reducing data exfiltration incidents by 40% within 60 days of go-live
— fully aligned to SAMA CSF and ISO 27001 Annex A.

► Reduced DLP false positives by 35% by reengineering 40+ detection
rules using regex, keyword dictionaries, and document fingerprinting
— cutting SOC alert fatigue by half.

► Integrated DLP with Splunk and Microsoft Sentinel via custom
correlation rules, slashing DLP incident response time by 45%.

► Identified 14 critical logic flaws across 8 pentest engagements
— privilege escalation, broken access controls, insecure APIs —
that had evaded existing controls for an average of 18 months.

► Built an organizational risk register covering 20+ threat categories
with a heat-mapped treatment plan adopted for board-level quarterly
reporting (NIST SP 800-30 methodology, mapped to SAMA CSF & NCA ECC).

► Triaged 1,200+ monthly alerts at Fronesis Solutions, reducing
mean-time-to-detect from 6 hours to under 2 hours — and uncovered
6 previously undetected threat actors through proactive threat hunting.

► Automated 8 high-frequency SOC tasks using Python and PowerShell,
recovering 20% of analyst capacity monthly.

------------------------------------------------------------
RECOGNITION
------------------------------------------------------------
CERT-In Hall of Fame — India's National Cyber Authority

Responsibly disclosed 37+ critical vulnerabilities across:
• TATA Health (1MG) • L&T Metro (TSavaari)
• Shopclues • Lenskart
• TApp Folio • Multiple fintech platforms

Zero vulnerabilities exploited in the wild post-disclosure.

------------------------------------------------------------
CORE EXPERTISE
------------------------------------------------------------
Saudi Frameworks: SAMA CSF | NCA ECC | PDPL | CITC Regulations
Compliance: ISO 27001:2022 | NIST CSF | PCI-DSS v4.0 | GDPR
DLP & Protection: Policy Design | Data Classification | Fingerprinting
Security Ops: SIEM | SOAR | IDS/IPS | SOC Procedures | Playbooks
Threat Operations: MITRE ATT&CK | Threat Hunting | DFIR | Malware Analysis
GRC & Risk: Risk Register | BIA | TPRM | KPI/KRI | Audit Readiness
Vuln Management: Pentest | CVSS | OWASP Top 10 | SAST/DAST
Cloud & Endpoint: AWS GuardDuty | Azure Defender | CrowdStrike Falcon
SIEM Platforms: Splunk | Microsoft Sentinel | QRadar | Kibana
Network Security: Fortinet | Palo Alto | Cisco
Testing Tools: Burp Suite | Metasploit | Nmap | Nessus | Qualys
Automation: Python | PowerShell | Bash | Git

------------------------------------------------------------
CERTIFICATIONS
------------------------------------------------------------
[]✓] CEH — Certified Ethical Hacker
[]✓] ISO/IEC 27001:2022 Lead Auditor
[]✓] Fortinet Cybersecurity Associate
[]✓] Google Cybersecurity Analyst
[]✓] Cisco Ethical Hacker
[]✓] Palo Alto Networks Cybersecurity
[] ] CISSP — Expected Q4 2026

------------------------------------------------------------
OPEN TO ROLES IN RIYADH
------------------------------------------------------------
Information Security Specialist | SOC Analyst | GRC Analyst | DLP Engineer | Cyber Security Analyst | Information Security Consultant | Penetration Test Consultant | IT Security | and any IT, Network or security related roles.

Please reach out via:

Phone:+966-542926188
Portfolio: https://fahads.info
Email: [email protected]
LinkedIn: https://www.linkedin.com/in ...

============================================================
Riyadh, Job Seekers, Cyber Security Professional | 5+ Years Exp CEH | GRC | DLP | SOC | SIEM | ISO 27001 Riyadh, Job Seekers, Cyber Security Professional | 5+ Years Exp CEH | GRC | DLP | SOC | SIEM | ISO 27001 Riyadh, Job Seekers, Cyber Security Professional | 5+ Years Exp CEH | GRC | DLP | SOC | SIEM | ISO 27001 Riyadh, Job Seekers, Cyber Security Professional | 5+ Years Exp CEH | GRC | DLP | SOC | SIEM | ISO 27001
Back Next