
Alaa Shalaan
Cybersecurity Specialist | SOC Analyst | IR | TH
Cybersecurity Engineer and SOC Analyst with 4+ years of experience in threat detection, EDR, SIEM (Splunk, QRadar), SOAR, and incident response. Skilled in designing and implementing detection rules, automating response workflows, conducting phishing and malware investigations, and aligning with MITRE ATT&CK. Adept at deploying and managing security solutions in enterprise environments.
Experience

Senior Blue Teaming Specialist
· Expenditure and Projects Efficiency Authority (EXPRO), 11/1/2023 — Present
- Deployed and configured Splunk SIEM from scratch: parsing, dashboards, use cases
- Implemented CrowdStrike (EDR), VMware (NDR), Mail Gateway, TrendMicro IPS & Sandbox
- Built security policies: IPS profiles, EDR rules, Zscaler proxy filters
- Automated incident response using SOAR and MITRE ATT&CK alignment
- Created and tuned detection rules; collaborated with Red Team on simulations
- Worked on TrendMicro stack: ApexOne, Mail Gateway, Deep Discovery, DDI
- Wrote policies for SIEM, SOAR, Proxy, EDR, and NDR solutions

SOC L2 & Information Security Engineer
· EFG-HERMES, 5/1/2021 — 11/1/2023
- Investigated and escalated advanced alerts; developed SIEM use cases
- Led phishing investigations; extracted and blocked IOCs
- Configured QRadar log sources and correlation rules
- Participated in threat intelligence sharing and malware triage