Aymen Raissi

. Monitor EDR alerts and dashboards across 75,000+ endpoints.

. Tune and optimize detections to reduce false positives in high-volume environments.

. Build and manage custom detection rules.

. Lead investigations into endpoint-based incidents using EDR telemetry, log data, and threat intelligence.

. Conduct proactive hunts across enterprise endpoints based on emerging TTPs and IOCs.

. Develop and maintain endpoint security baselines and policies tailored to business needs.

• Performs network security monitoring and incident response for a large organization.
• Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies (SOAR).
• Proficiency in using security tools and technologies including SIEM (Splunk, LogRhythm, Qradar, etc) IDS/IPS (RSA, Trellix, etc) EDR (Endgame, CrownStrike, DarkTrace, etc) and AV (Trend Micro, McAfee, etc).
• Knowledge of creating Security Information Event Management (SIEM) rules.
• Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
• Recommend changes to Standard Operating Procedures and other similar documentation.
• Generates reports for documentation and knowledge transfer to subsequent analysts on duty.

• Assigned as IT support in Ministry of Transportation and Communication.
• Research and identify solutions to software and hardware issues.
• Diagnose and troubleshoot technical issues, including account setup and network configuration.
• Track computer system issues through to resolution, within agreed time limits.
• Properly escalate unresolved issues to appropriate internal teams (e.g. software developers).
• Provide prompt and accurate feedback to customers.
• Ensure all issues are properly logged in ticketing system.
• Prioritize and manage several open issues at one time.
• Follow up with clients to ensure their IT systems are fully functional after troubleshooting.
• Prepare accurate and timely reports.
• Document technical knowledge in the form of notes and manuals. Maintain jovial relationships with clients.

• Work in multiple projects (Kahramaa, Al Qamra holding, Al Jazeera seashell)
• Install and configure computer hardware operating systems and applications.
• Monitor and maintain computer systems and networks.
• Talk staff or clients through a series of actions, either face-to-face or over the phone, to help set up systems or resolve issues.
• Troubleshoot system and network problems, diagnosing and solving hardware or software faults.
• Provide support, including procedural documentation and relevant reports follow diagrams and written instructions to repair a fault or set up a system.
• Support the roll-out of new applications.
• Set up new users' accounts and profiles and deal with password issues.
• Respond within agreed time limits to call-outs work continuously on a task until completion (or referral to third parties, if appropriate).
• Prioritise and manage many open cases at one time rapidly establish a good working relationship with customers and other professionals, such as software developers.
• Test and evaluate new technology.

• Monitor and respond quickly to incoming requests relate to IT issues.
• Maintain computer systems and act as support if any system goes down.
• Responsible for PC’s, Printers, Servers, and related equipment (monitor, keyboard, mouse, hard drive, etc).
• Maintain user PCs, including upgrades and configuration as needed.
• Assist with the onboarding of new users.
• Keep an inventory of all equipment, software, and license users.
• Install, configure, and upgrade PC software.
• Use of Remedy to report and track all local and enterprise issues associated with network and systems operations.