Dounya Saidi Saidi

-Supervised and optimized LogRhythm SIEM to enhance threat detection and incident response through comprehensive reporting and analysis.

- Conducted thorough threat investigations using CrowdStrike to identify, analyze, and remediate security incidents, reporting findings to stakeholders and contributing to enhanced security strategies.

-Leveraged Microsoft security tools to ensure robust endpoint protection and vulnerability management strategies, including the development and enforcement of security policies across the organization.

-Monitored and maintained Fortinet firewalls to enforce network security policies, improving threat prevention and reducing unauthorized access incidents.

-Led user access and permissions through systematic user access management, ensuring compliance with security policies and minimizing unauthorized access risks.

- Generated detailed security report to provide insights on user activity and access patterns, informing management decisions and guiding policy adjustments.

- Utilized Tripwire for continuous monitoring and compliance reporting, ensuring the integrity of critical systems while creating policies to govern system changes.

-Enforced security policies for Brivo access control systems, integrating physical security measures with cybersecurity protocols for comprehensive protection.

-Managed email security solutions using Proofpoint, effectively filtering threats and enhancing user training and policy development.

-Utilized IBM Security Console for centralized management of security alerts, streamlining incident response workflows and creating incident response policies.

- Provided technical support and troubleshooting via ServiceDesk, ensuring timely resolution of cybersecurity-related issues and enhancing user satisfaction while documenting processes for future reference.

- Collaborated with Kyndryl for infrastructure security assessments, identifying and mitigating potential risks in hybrid cloud environments while establishing policies to maintain security compliance

• Data Loss Prevention (DLP):

Develop, implement, and enforce DLP policies that align with the organization's data protection requirements and industry regulations.

Monitor DLP alerts and incidents to identify potential data breaches, policy violations, or other security threats.

Investigate data security incidents and policy violations, determining the root cause and implementing remediation actions.

Configure and manage DLP tools and technologies to ensure they effectively prevent data loss across various channels (email, web, endpoints, etc.).

Develop and deliver training programs to educate employees on DLP policies, best practices, and the importance of data protection.

Maintain documentation of DLP policies, incident details, investigations, and remediation actions for future reference and analysis.

Collaborate with IT teams to enforce DLP policies across different platforms, networks, and storage systems.

Generate regular reports on DLP activities, incident trends, policy effectiveness, and compliance status. Provide insights and recommendations to management.

• SQL, Identify unauthorized access attempts in security logs. Check for suspicious network activity. Find systems with high-severity vulnerabilities. Look for failed login attempts. Count security incidents by date for reporting. Check for recent admin access to databases.
• Conducted security audits to identify vulnerabilities.
• Detecting cybersecurity events in Realtime & address them as quickly & effectively as possible (SOC/ISOC) team
• Authored security incident reports, highlighting breaches, vulnerabilities and remedial measures.
• Developed and maintained incident response protocols to mitigate damage and liability during security breaches.
• Analyzed network traffic and system logs to detect malicious activities.
• Executed penetration testing to identify security weaknesses and develop disaster recovery plans.
• Encrypted data and erected firewalls to protect confidential information.
• I take pride in my role in safeguarding customer data, mitigating potential risks, and ensuring integrity of our systems. This commitment not only preserves trust of our customers but also plays pivotal role in preventing significant financial losses for company.
• Conducted forensic analysis on disk and cloud storage, ensuring data integrity.
• - Maintained chain of custody, adhering to legal standards and authentication measures
• Implemented secure storage practices with encryption and access controls.

• Developed plans to safeguard computer files against modification, destruction, or disclosure.
• Researched and developed new computer forensic tools.
• Used critical thinking to break down problems, evaluate solutions and make decisions.
• Proven ability to learn quickly and adapt to new situations.
• Worked well in team setting, providing support and guidance.
• Paid attention to detail while completing assignments.
• Identified issues, analyzed information and provided solutions to problems.
• Reviewed violations of computer security procedures and developed mitigation plans.
• Monitored use of data files and regulated access to protect secure information.

• Creation of Incident Response
• Network security monitoring
• Working with firewalls and antivirus software
• Web application security testing
• Penetration testing techniques
• Threat research and evaluation