Mohammed Aldahash — Cybersecurity Consultant

Cyber Security Consultant with 4+ years in SOC operations, incident response, and cloud security.

01 // Overview

Operational Profile

Cybersecurity Consultant with 4+ years of experience in SOC operations, administration, and incident response. Certified and passionate about understanding environments to implement proper protection, detection, and response. Hands-on across SIEM/XDR/CNAPP platforms, multi-cloud (Azure, GCP, AWS, OCI), and frameworks including NCA, NIST, CIS, and MITRE ATT&CK.

02 // Career Log

Professional Experience

Cyber Security Consultant

Elm // 2026 — Present
  • Lead the SOC Enablement unit to ensure comprehensive security visibility over 10K+ assets and 23 NCA-critical applications across hybrid multi-cloud and containerized environments for multiple subsidiaries.
  • Oversee the full lifecycle (design, deployment, and operations) of SIEM, XDR, CNAPP, DLP, and M365 E5 platforms.
  • Automate visibility KPI reporting for asset coverage and required log types against the organization's CMDB as per the log standard.
  • Serve as the primary technical point of contact for the SOC, aligning operations with GRC, Security Architecture, Internal Audit, and ERM teams.

Cyber Security Senior Analyst

Elm // 01/2025 — 12/2025
  • Investigated L1-escalated alerts; contained and documented incidents end-to-end.
  • Built use cases to close MITRE ATT&CK coverage gaps mapped to the organization's threat model.
  • Created procedures, KPIs, dashboards, reports, shift schedules, and playbooks for SOC.
  • Worked closely with SIEM Admins and IT teams to close visibility gaps in SIEM and raise infrastructure risks to GRC.

Cyber Security Specialist (SOC Engineer)

Ministry of Education // 01/2024 — 12/2024
  • Administered SIEM/SOAR/NDR solutions.
  • Enhanced security detection by creating and testing use cases that cover gaps in the organization's MITRE TTPs.
  • Configured and onboarded logs from endpoints, security solutions, and network devices to SIEM.
  • Conducted PoCs to test security solutions and create evaluation reports.

Cyber Security Analyst (L1)

Ministry of Education // 06/2022 — 12/2023
  • Triaged alerts on SIEM from EDR, IPS, IDS, WAF, FW, and escalated true positives in a 24x7 SOC.
  • Documented all analysis of alerts and incidents on a SOAR following approved playbooks.
  • Responded to incidents and IOCs from NCA's Haseen portal and contacted relevant teams for further actions.
03 // Academic Background

Education

Bachelor's Degree // 08/2017 — 08/2022

Information Technology (Cybersecurity Track)

Al Majmaah University — Al Majmaah, Saudi Arabia

cGPA: 4.3

Graduation project focused on improving website availability by utilizing AWS cloud services.

04 // Credentials

Certifications

GIACWIP

Defensible Security Architect (GDSA)

SANS Institute

GIAC01/2026

Cloud Forensics Responder (GCFR)

SANS Institute

GIAC04/2025

Continuous Monitoring (GMON)

SANS Institute

GIAC04/2024

Certified Detection Analyst (GCDA)

SANS Institute

OffSec12/2023

Defense Analyst (OSDA)

Offensive Security

INE08/2023

eJPTv2

INE / eLearnSecurity

CompTIA01/2023

Security+ & CySA+

CompTIA

AWS12/2021

Certified Cloud Practitioner

Amazon Web Services

05 // Capabilities

Skills

Technical Stack

QRadarElasticSentinelDefenderXSIAMSplunkSecOpsAzureGCPAWSOCIWindowsLinuxKubernetesLog Analysis

Core Competencies

SOC OperationsIncident ResponseThreat HuntingMITRE ATT&CKNCA ComplianceNISTCISThreat IntelligenceNetwork SecurityCloud SecurityCommunicationLeadership