MAHMOUD EL-MOUDAD

SOC Analyst & Cybersecurity Professional

Specialized in SIEM administration, threat detection, and incident response with 6+ years of hands-on experience securing enterprise and public sector systems.

6+ years experience · 50+ clients · 5+ certifications · 3 languages

About Me

I am a dedicated SOC Analyst with over 6 years of experience in cybersecurity and security operations. My expertise spans SIEM administration, threat detection, incident analysis, and security governance across enterprise and public sector environments.

Passionate about protecting digital assets, I specialize in designing detection strategies aligned with the MITRE ATT&CK framework, analyzing complex security incidents, and implementing continuous improvements to SOC operations.

Currently advancing toward an Information Security Officer role, with a focus on security governance, risk management, and enterprise-level threat intelligence.

Current Role

SOC Analyst at POST Luxembourg

Location

Luxembourg

Expertise

SIEM, Threat Detection, Incident Response

Professional Experience

SOC Analyst

EDAN / POST Luxembourg

Oct 2024 – Present

  • Monitor and analyse security events for POST and external customers using SIEM and EDR solutions.
  • Triage a high volume of alerts per shift, delivering accurate initial analyses within customer SLAs.
  • Correlate SIEM and EDR data with external threat intelligence sources to investigate alerts and provide actionable recommendations.
  • Reduce false positives through rule tuning and whitelisting to improve detection effectiveness.

SIEM Admin Engineer

Sogeti Luxembourg

Nov 2022 – Sep 2024

  • Deployed and upgraded IBM QRadar and Microsoft Sentinel platforms across multiple enterprise environments.
  • Designed and fine-tuned detection rules mapped to the MITRE ATT&CK framework.
  • Conducted technical audits of logging and monitoring infrastructure, recommending improvements for enhanced security visibility.
  • Managed access controls via Active Directory and Keycloak while maintaining SOC systems with VMware vCenter.

Support & MSSP Consultant

Dataprotect

Mar 2022 – Oct 2022

  • Deployed and configured IBM QRadar, IBM Guardium, and Tripwire Enterprise in diverse client environments.
  • Provided comprehensive support and incident resolution on deployed platforms within agreed SLA timelines.
  • Contributed to vulnerability assessment activities and delivered strategic remediation recommendations.

IT Consultant

Corporate Software

Apr 2019 – Feb 2022

  • Led enterprise-scale implementation projects for IBM QRadar and IBM Guardium across government and commercial sectors.
  • Designed use cases, reports, and dashboards to improve visibility and threat detection coverage.
  • Orchestrated SVN to Git migration project ensuring data integrity and seamless user adoption.

Technical Skills

🔐 Security & Governance

  • ISMS fundamentals & security policies
  • Technical risk analysis & incident response
  • MITRE ATT&CK framework
  • Vulnerability assessment & remediation

🎯 SIEM & Detection

  • IBM QRadar administration
  • Microsoft Sentinel configuration
  • Detection rule design & tuning
  • Log correlation & parsing

🛠️ Security Tools

  • Splunk, Cortex XDR, Microsoft Defender
  • IBM Guardium, Tripwire Enterprise
  • Active Directory, Keycloak, Passbolt
  • ServiceNow ITSM, VirusTotal, AbuseIPDB

☁️ Infrastructure

  • VMware vCenter administration
  • Red Hat Linux 7 & Rocky Linux
  • Docker & containerization basics
  • Cloud security monitoring

Certifications & Education

Master's Degree

INTENSE – Innovation and Digital Transformation

Université Côte d'Azur, France

Engineering Degree

EMSI – Computer Engineering and Networks

École Marocaine des Sciences de l'Ingénieur, Morocco

  • Certified in Cybersecurity (CC) – ISC²
  • ITIL v4 Foundation
  • IBM QRadar SIEM V7.3.2
  • MTA: Windows Server Admin
  • MTA: Database Fundamentals
  • CompTIA CySA+ (In Progress)

Languages

French

C1 – Fluent

English

C1 – Fluent

Arabic

Native Speaker

Get in Touch

Interested in discussing security challenges, SOC operations, or opportunities in cybersecurity?


m.elmoudad@gmail.com