M.ALDHAFEERI/sec
available · ksa
SOC / THREAT DETECTION / INCIDENT RESPONSE

Mohammad Aldhafeeri.
// defender

Cybersecurity fresh graduate from the University of Hafr Al-Batin. I monitor, hunt, and respond — from SOC dashboards to MITRE ATT&CK chains, log pipelines and honeypots.

mohammad@soc-kfmc — ~/ops
whoami --verbose
> mohammad_aldhafeeri
> role: cybersecurity_analyst
> location: Riyadh, KSA
 
cat ./stack.json
{
  "siem": ["ELK", "Wazuh", "Splunk"],
  "offense": ["Metasploit", "Burp", "Nmap"],
  "framework": "MITRE ATT&CK",
  "compliance": ["NCA ECC", "SAMA"]
}
 
./status --check
[OK] graduated · May 2026
[OK] co-op completed · KFMC
[OK] open to opportunities
 

About.

identity · origin · mission

I'm a cybersecurity fresh graduate with hands-on experience in security monitoring, network defense, and information security auditing.

My recent chapter includes a Cybersecurity Specialist co-op at King Fahad Medical City (KFMC), where I worked across SOC operations — real-time threat detection, log analysis, incident response, and endpoint protection across hospital infrastructure.

Outside the co-op, I build lab environments: a honeypot + SIEM pipeline for my capstone, offensive security exercises on TryHackMe and HackTheBox, and certifications from Cisco, SDAIA, and Tuwaiq Academy.

I'm aiming for SOC Analyst, Threat Hunter, or Security Audit roles — with a particular interest in the intersection of detection engineering and the Saudi regulatory landscape (NCA ECC, SAMA).

Education: BSc Cybersecurity · Univ. of Hafr Al-Batin · Feb 2022 — May 2026
Based in: Riyadh, Saudi Arabia · open to relocation
Languages: Arabic — Native · English — Professional
Status: ● Available for hire · graduation · May 2026

Experience_

log entries
JUN — AUG 2025

Cybersecurity Specialist · Co-Op

King Fahad Medical City (KFMC), Riyadh

Monitored and analyzed cybersecurity systems and network protection, supporting real-time threat detection across hospital infrastructure.

Participated in incident response operations and log analysis, supported IT teams in managing security systems and endpoint protection.

SOC Monitoring · Incident Response · Log Analysis · Endpoint Protection · Healthcare Infra

FEB 2022 — MAY 2026

Bachelor in Cybersecurity

University of Hafr Al-Batin (UHB)

College of Computer Science & Engineering — coursework across network security, cryptography, secure systems, digital forensics, and governance/compliance. Capstone: Honeypot + SIEM Threat Detection Platform.

Network Security · Cryptography · Forensics · Governance

Projects/

selected works · 2025–2026
#01
PROJECT 001 · CAPSTONE 2026

Honeypot + SIEM

> Threat Detection & Centralized Security Monitoring Platform

Designed and deployed a Cowrie / T-Pot honeypot integrated with an ELK / Wazuh SIEM to capture and analyze real-world attacker behavior in a controlled environment. Built log collection pipelines, wrote threat detection rules, and created dashboards — mapping observed TTPs to MITRE ATT&CK and generating SOC-style incident reports.

Cowrie · T-Pot · ELK Stack · Wazuh · MITRE ATT&CK · Detection Rules · Dashboards
ACTIVE
[ATTACKER]
    │
    ▼
[HONEYPOT]
 Cowrie/T-Pot
    │
    ▼
[LOG PIPELINE]
    │
    ▼
[SIEM]
 ELK · Wazuh
    │
    ▼
[MITRE ATT&CK]
    │
    ▼
[SOC REPORT]
#02
PROJECT 002 · CO-OP 2025

KFMC Monitoring

> Hospital SOC contribution

Contributed to security monitoring and incident response operations during the KFMC internship — supported log review, alert triage, and network protection workflows inside a live healthcare SOC environment.

SOC · Alert Triage · Log Review · Network Defense
COMPLETED
[ HOSPITAL NET ]
      │
   ┌──┴──┐
   │ SOC │
   └──┬──┘
      │
 ┌────┴────┐
 │ TRIAGE  │
 │ REVIEW  │
 │ DEFEND  │
 └─────────┘
#03
PROJECT 003 · LAB

Pentest Lab

> Offensive security exercises

Hands-on vulnerability assessment and exploitation — web app testing, network recon, and privilege escalation chains — using Kali Linux, Metasploit, Nmap, Burp Suite, and Wireshark. Ongoing practice on TryHackMe and HackTheBox.

Kali Linux · Metasploit · Nmap · Burp Suite · Wireshark · THM / HTB
ONGOING
[ RECON ]
    │
[ SCAN ]
    │
[ EXPLOIT ]
    │
[ PRIV-ESC ]
    │
[ PERSIST ]
    │
[ REPORT ]

Technical Stack*

tools · frameworks · domains
[DEF] SOC Operations & Monitoring: alerting · triage
[SIEM] ELK · Wazuh · Splunk: log pipelines · dashboards
[OFF] Penetration Testing: web · network · wireless
[HUNT] Threat Intelligence & Hunting: IoC · behavioral
[VA] Vulnerability Assessment: scanning · reporting
[IR] Incident Response & Forensics: containment · analysis
[TOOL] Kali · Metasploit · Nmap: offense toolkit
[TOOL] Wireshark & Burp Suite: traffic · web testing
[FW] MITRE ATT&CK Framework: TTP mapping
[NET] Firewalls · IDS/IPS · VPN: perimeter defense
[DEV] Log Analysis · Python: scripting · automation
[GOV] NCA ECC · SAMA Compliance: KSA regulatory

Certifications#

credentials · verified
Information Security Systems Audit
Tuwaiq Academy · 40 hours · FEB 2026

Network Security 102
Satr — Tuwaiq Academy · JAN 2026

Ethical Hacker
Cisco Networking Academy · JAN 2026

Network Defense
Cisco Networking Academy · JAN 2026

AI Horizons
IBM SkillsBuild & eYouth · JAN 2026

Fundamentals of Artificial Intelligence
SDAIA (SAMAI) · SEP 2025

Contact.

establish connection

let's build
something secure
together.

// Open to SOC Analyst · Threat Hunter · Security Audit roles across KSA.
// Reach out — response guaranteed within 24 hours.