Threat intelligence
Open To Work
Mohamed Farah
Cyber Security
Lakeville,MN
Work Preference
Summary
Dynamic cybersecurity leader with over 10 years of progressive experience in developing and scaling enterprise Cyber Threat Intelligence (CTI), and Threat Hunting programs across diverse sectors, including healthcare, financial services, and industrial environments. Proven track record of operational leadership enhances the ability to influence executive stakeholders and drive proactive security strategies that significantly mitigate organizational risk. Expertise in managing multi-million dollar budgets and leading global 24/7 security operations has resulted in successful intelligence-driven security transformations across public cloud, enterprise, and operational technology (OT) environments. Committed to fostering a culture of security awareness and resilience within organizations.
Overview
10
10
years of professional experience
3
3
Certification
Work History
Manager Threat & Detection Engineering
Rockwell Automation
Minneapolis, MN
04.2024 - Current
- Led initiatives to own and execute comprehensive CTI and proactive defense strategies, significantly impacting security posture in a multi-billion dollar organization.
- Designed and implemented enterprise threat hunt program, significantly increasing proactive threat detection coverage and improving response times.
- Oversaw development and execution of cloud security strategies, focusing on advanced detection methodologies.
- Spearheaded initiatives that integrated intelligence into SOC incident response and engineering workflows, resulting in measurable risk reduction and expedited response times.
- Administered cybersecurity budget exceeding multi-million dollars, focusing on strategic vendor investments and effective management of security tool deployment for improved visibility.
- Developed and presented intelligence briefings and regulatory reports that shape security roadmaps and investment strategies.
- Initiated and structured a comprehensive global threat hunting program, ensuring full operational capability within the first year.
- Implemented strategies to drive measurable improvements in threat detection, safeguarding organizational assets.
Staff Security Analyst, Threat Intelligence
Robinhood
Minneapolis, MN
11.2022 - 04.2024
- Spearheaded strategic initiatives to enhance global security capabilities within a highly regulated finance environment.
- Spearheaded design and launch of enterprise threat hunting program to enhance proactive threat identification.
- Presented executive-level intelligence briefings, driving strategic security investment decisions.
- Implemented comprehensive threat intelligence playbooks, significantly reducing manual analysis duration and improving incident response speed.
- Developed and implemented comprehensive threat hunting strategies to strengthen organizational security posture.
- Developed and integrated automated solutions to improve operational efficiency and scalability of intelligence processes.
Senior Manager, Cyber Threat Operations
Morgan Franklin Consulting
Minneapolis, MN
04.2022 - 11.2022
- Led global teams in delivering incident response and cyber threat intelligence services for enterprise clients across healthcare, manufacturing, and finance sectors.
- Directed end-to-end technical resolution for critical incidents, managing stakeholder escalations and ensuring compliance with business and regulatory standards.
- Crafted executive-level briefings for leadership, regulators, and legal stakeholders, translating complex technical findings into actionable risk insights.
- Directed complex incident response engagements, ensuring executive visibility and adherence to regulatory standards.
- Engineered scalable CTI program frameworks embraced by numerous enterprise clients.
Sr Threat Intelligence Analyst 1
Principal Financial
Minneapolis, MN
11.2020 - 04.2022
- Oversaw the development of the enterprise CTI program, integrating strategic intelligence products with key business objectives and stakeholder expectations.
- Coordinated team efforts to monitor emerging threats while optimizing vendor service procurement processes.
- Directed attack surface management efforts to enhance defensive posture, providing executive stakeholders with timely updates on landscape changes.
- Conducted thorough quality assessments of intelligence products and provided guidance and mentorship to junior analysts.
- Oversaw vendor partnerships and played a key role in selecting tools aimed at improving intelligence capabilities and reducing costs.
- Collaborated with cross-functional teams to launch a comprehensive enterprise CTI program, improving threat detection and response capabilities.
- Delivered high-impact intelligence reports to enhance strategic decision-making at the executive level.
Lead Threat Intelligence Analyst
Thrivent Financial
Minneapolis, MN
03.2020 - 11.2020
- Directed implementation of enterprise solution to optimize operational efficiency and streamline integration processes.
- Performed comprehensive data mining and integrated multi-source analysis to identify and mitigate potential risks to company assets.
- Collaborated with global security teams and vendors to optimize defensive measures and ensure robust security protocols.
Senior CTI Analyst & Threat Hunter
Express Scripts/Cigna
Minneapolis, MN
04.2018 - 03.2020
- Maintained operational continuity during a large-scale corporate merger while Caring for team stability.
- Directed implementation of CTI technology stack, focusing on TIP and case management systems, to modernize digital forensics and incident response operations.
- Developed and implemented comprehensive hunting engagements, mapping log sources to MITRE ATT&CK framework to strengthen threat detection coverage.
- Provided technical guidance on control measures for emerging threats during situational awareness briefings, supporting leadership in risk management and operational readiness.
- Developed and executed structured threat hunting strategies to advance detection maturity in cybersecurity operations.
Education
Master of Science - Security Technologies, Cyber Security
University of Minnesota
Minneapolis, MNBachelor of Science - Information Technology
Saint Mary’s University of Minnesota
Minneapolis, MNSkills
- Team leadership
- Time management
- Decision-making
- Continuous improvement
- Regulatory requirements
- Regulatory reporting
- Operational leadership
- Project management
- Root cause analysis
- Automation
- Incident response
- Threat intelligence
- Threat hunting
- Cloud security
- Insider threat
- Vulnerability management
- Attack Surface Reduction
- Security Operations
- Global security
- Cyber security
Certification
- Certified Expert in Cyber Investigations (CECI)
- Certified Cyber Investigative Expert (CCIE)
- Certified Counterintelligence Threat Analyst (CCTA)
Work Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Interests
Threat Hunting
Insider Threat
Attack Surface Reduction
Leadership
Timeline
Manager Threat & Detection Engineering
Rockwell Automation
04.2024 - Current
Staff Security Analyst, Threat Intelligence
Robinhood
11.2022 - 04.2024
Senior Manager, Cyber Threat Operations
Morgan Franklin Consulting
04.2022 - 11.2022
Sr Threat Intelligence Analyst 1
Principal Financial
11.2020 - 04.2022
Lead Threat Intelligence Analyst
Thrivent Financial
03.2020 - 11.2020
Senior CTI Analyst & Threat Hunter
Express Scripts/Cigna
04.2018 - 03.2020
Bachelor of Science - Information Technology
Saint Mary’s University of Minnesota
Master of Science - Security Technologies, Cyber Security
University of Minnesota