Mohammed Aldahash — Cybersecurity Consultant
Cyber Security Consultant with 4+ years in SOC operations, incident response, and cloud security.
01 // Overview
Operational Profile
Cybersecurity Consultant with 4+ years of experience in SOC operations, administration, and incident response. Certified and passionate about understanding environments to implement proper protection, detection, and response. Hands-on across SIEM/XDR/CNAPP platforms, multi-cloud (Azure, GCP, AWS, OCI), and frameworks including NCA, NIST, CIS, and MITRE ATT&CK.
02 // Career Log
Professional Experience
Cyber Security Consultant
Elm // 2026 — Present- Lead the SOC Enablement unit to ensure comprehensive security visibility over 10K+ assets and 23 NCA-critical applications across hybrid multi-cloud and containerized environments for multiple subsidiaries.
- Oversee the full lifecycle (design, deployment, and operations) of SIEM, XDR, CNAPP, DLP, and M365 E5 platforms.
- Automate visibility KPI reporting for asset coverage and required log types against the organization's CMDB as per the log standard.
- Serve as the primary technical point of contact for the SOC, aligning operations with GRC, Security Architecture, Internal Audit, and ERM teams.
Cyber Security Senior Analyst
Elm // 01/2025 — 12/2025- Investigated L1-escalated alerts; contained and documented incidents end-to-end.
- Built use cases to close MITRE ATT&CK coverage gaps mapped to the organization's threat model.
- Created procedures, KPIs, dashboards, reports, shift schedules, and playbooks for SOC.
- Worked closely with SIEM Admins and IT teams to close visibility gaps in SIEM and raise infrastructure risks to GRC.
Cyber Security Specialist (SOC Engineer)
Ministry of Education // 01/2024 — 12/2024- Administered SIEM/SOAR/NDR solutions.
- Enhanced security detection by creating and testing use cases that cover gaps in the organization's MITRE TTPs.
- Configured and onboarded logs from endpoints, security solutions, and network devices to SIEM.
- Conducted PoCs to test security solutions and create evaluation reports.
Cyber Security Analyst (L1)
Ministry of Education // 06/2022 — 12/2023- Triaged alerts on SIEM from EDR, IPS, IDS, WAF, FW, and escalated true positives in a 24x7 SOC.
- Documented all analysis of alerts and incidents on a SOAR following approved playbooks.
- Responded to incidents and IOCs from NCA's Haseen portal and contacted relevant teams for further actions.
03 // Academic Background
Education
Bachelor's Degree // 08/2017 — 08/2022
Information Technology (Cybersecurity Track)
Al Majmaah University — Al Majmaah, Saudi Arabia
cGPA: 4.3
Graduation project focused on improving website availability by utilizing AWS cloud services.
04 // Credentials
Certifications
GIACWIP
Defensible Security Architect (GDSA)
SANS Institute
GIAC01/2026
Cloud Forensics Responder (GCFR)
SANS Institute
GIAC04/2025
Continuous Monitoring (GMON)
SANS Institute
GIAC04/2024
Certified Detection Analyst (GCDA)
SANS Institute
OffSec12/2023
Defense Analyst (OSDA)
Offensive Security
INE08/2023
eJPTv2
INE / eLearnSecurity
CompTIA01/2023
Security+ & CySA+
CompTIA
AWS12/2021
Certified Cloud Practitioner
Amazon Web Services
05 // Capabilities
Skills
Technical Stack
QRadarElasticSentinelDefenderXSIAMSplunkSecOpsAzureGCPAWSOCIWindowsLinuxKubernetesLog Analysis
Core Competencies
SOC OperationsIncident ResponseThreat HuntingMITRE ATT&CKNCA ComplianceNISTCISThreat IntelligenceNetwork SecurityCloud SecurityCommunicationLeadership