Cybersecurity specialist from Egypt, combining blue team defense and red team offense expertise.
Specializing in SOC operations, threat detection, incident response, malware analysis, and digital forensics — with 1,000+ hours of hands-on training.
I'm Ahmed Shaban Owaid, an experienced cybersecurity professional from Egypt, specializing in SOC operations, threat detection, and incident response. With over 1,000 hours of hands-on training in advanced malware analysis, digital forensics, and both blue team defense (proactive threat hunting and system hardening) and red team offense (penetration testing and vulnerability exploitation), I deliver comprehensive security solutions. What sets me apart is my dual expertise in blue team strategies using SIEM platforms (Splunk, QRadar, Wazuh, FortiSIEM) and red team tactics for offensive simulations — enabling me to anticipate and neutralize threats effectively, as demonstrated in my top-of-class achievements in Kayfa SOC Analyst and NTI FortiGate Firewall programs. I excel in building secure environments, from designing full-scale homelabs to delivering court-ready forensic reports.
SOC Operations & Threat Detection
Real-time threat monitoring, custom dashboard creation, and alert triage across multiple SIEM platforms.
Leverage expertise in blue team, security operations, and incident handling to provide seamless integration of detection-as-code, NIST-aligned controls, and detailed incident response reporting across IBM QRadar, Splunk, Wazuh, and FortiSIEM — minimizing downtime and enhancing your security posture. Contact me today to optimize your SOC and strengthen threat detection capabilities.
Digital Forensics & Incident Response
Court-admissible investigations on Windows, Linux, and macOS with full chain-of-custody documentation.
Thorough evidence acquisition, preservation, and anti-forensics countermeasures delivering structured reports that support legal proceedings and rapid recovery. Trust my forensic integrity to turn breaches into actionable insights. Reach out now to secure expert forensic support for your incident response needs.
Advanced Malware Analysis
Static and dynamic malware investigations using sandbox environments and behavioral analysis techniques.
Deep investigation uncovering payload mechanisms, persistence methods, evasion tactics, and C2 communications using sandbox environments, hashing tools, network/registry monitoring, and behavioral analysis techniques honed through Mahara-Tech training. Comprehensive reports empower SOC and IR teams to neutralize sophisticated threats.
Penetration Testing & Vulnerability Assessment
Targeted red team offensives — web app testing, network reconnaissance, and Active Directory attacks.
Manual web application testing against OWASP Top 10 (authentication bypasses, logic flaws), network recon, and AD penetration with privilege escalation and credential attacks. eJPT-backed skills combined with custom Python/Bash scripting yield professional reports with business impacts and remediation strategies.
Homelab Design & Training
Bespoke enterprise simulations with OPNsense, Active Directory, TheHive, Cortex, MISP, and Velociraptor.
Build enterprise-grade simulations with VLAN segmentation, DNS/DHCP, TheHive for case management, Cortex for automated analysis, MISP for threat intelligence sharing, and Velociraptor for endpoint forensics — offering dual blue/red team training to upskill your staff and test defenses in a controlled, realistic environment.
Academic Background
Bachelor of Science in Electronics and Communication Engineering
Beni-Suef University
Egypt, 2021 – 2026
Technical Arsenal
With a blend of technical prowess and analytical mindset, I deliver value through rapid threat mitigation and enhanced security postures. Key skills include:
Active Directory, DNS/DHCP, TheHive, Cortex, MISP, Velociraptor, Detection as Code, DVWA
Professional Timeline
Digital Forensics Investigator
DEPI
Nov 2025 – Jul 2026
INTERNSHIP
Full-cycle digital forensics investigations on Windows, Linux, and macOS — evidence acquisition, preservation, chain-of-custody, analysis, and court-ready reporting.
Forensic imaging and analysis of file systems, disk artifacts, network traffic, malware, databases, web apps, and email evidence.
Applied anti-forensics countermeasures and maintained strict forensic integrity to ensure legal admissibility.
Completed real-world capstone project delivering structured forensic reports and findings.
Penetration Testing
IPP INC — Cairo, Egypt
Aug 2025 – Sep 2025
INTERNSHIP
In-depth network reconnaissance, traffic analysis, and manual vulnerability discovery across Linux and Windows environments.
Hands-on web application security testing targeting OWASP Top 10, authentication logic, and custom attack vectors.
Privilege escalation and credential attacks using manual methods and controlled exploitation.
Developed Python and Bash scripts to automate repetitive tasks and support custom testing scenarios.
Produced professional penetration testing reports with findings, business impact, and remediation recommendations.
Fortinet FortiGate Firewall
NTI & ITIDA
Jun 2025 – Jul 2025
🏆 TOP OF CLASS — 100% SCORE
Configured FortiGate firewalls, security policies, IPS, web filtering, and user authentication.
Implemented SSL/IPSec VPNs and SD-WAN configurations.
Built Splunk dashboards/queries, performed incident response (phishing, exfiltration), Linux CLI, and Wireshark traffic analysis.
Applied NIST 800-53, Cyber Kill Chain, and OWASP Top 10 frameworks.
SOC Professional Analyst
Kayfa
Jun 2024 – Dec 2024
🏆 TOP OF CLASS — 350 HOURS
Monitored and analyzed security events using Splunk and IBM QRadar SIEM.
Configured Microsoft Active Directory, hardened Linux systems, and supported SOC incident response.
Studied real-world Splunk case studies and applied DFIR techniques.
Featured Work
PROJECT 01
Enterprise Homelab Simulation
Designed and operated a full-scale security lab with VLAN segmentation, Active Directory (DNS/DHCP), OPNsense firewall, DVWA, MailHog, TheHive, Cortex, MISP, and Velociraptor. Integrated QRadar SIEM with custom detection rules — 1,000+ hours invested.
Active Directory, QRadar SIEM, OPNsense, TheHive, MISP, Velociraptor
Investigated lateral movement and persistence in a simulated attack. Used packet captures, log correlation, and Wireshark to map TTPs — improving detection by 40% in lab metrics. Delivered structured reports with actionable findings.
Conducted static and dynamic analysis on real-world malware samples, producing comprehensive reports that supported SOC teams in mitigation strategies. Uncovered payload mechanisms, persistence methods, and C2 communications.
Ready to elevate your cybersecurity defenses? Let's discuss how my blue/red team expertise can protect your organization. I respond within 24 hours and am available for remote work or relocation.