Cairo, Egypt

Cybersecurity Portfolio

Esmail Nouralden

Cybersecurity Analyst

Cybersecurity Analyst with hands-on experience in SOC operations, log analysis, threat detection, and Linux administration. Skilled in Splunk, IBM QRadar, ELK Stack, Suricata, Wireshark, and Python for security monitoring, alert triage, and incident response. Knowledgeable in phishing investigation, malware analysis basics, brute-force attacks, ransomware scenarios, and network traffic analysis.

SOC Operations · Threat Detection · Incident Response · SIEM Monitoring

Skills

Technical Skills

SIEM & Monitoring

Splunk · IBM QRadar · Elastic ELK Stack · Wazuh

Detection & Analysis

Wireshark (PCAP) · Suricata (IDS/IPS) · MITRE ATT&CK · IOC analysis · threat triage

Security Tools

Trellix (EDR/XDR/NDR) · Palo Alto · Burp Suite · Metasploit

Incident Response

Alert validation · log correlation · escalation reporting · DFIR fundamentals

Networking

TCP/IP · HTTP/HTTPS · DNS · FTP · SSH · VPN · Firewalls

Systems

Linux Administration · Windows Server

Programming

Python · C

Experience

Professional Experience

Linux System Administrator

Oct 2024 - June 2026

ISTQSERVER · Maadi, Egypt

  • Maintain and harden Linux servers, ensuring 99.9% uptime and secure operations.
  • Conduct system audits, patching, and health checks to reduce vulnerabilities.
  • Monitor and analyze logs, troubleshoot servers, coordinate with datacenter teams.

Cybersecurity Trainee

Sep 2025 - Nov 2025

National Telecommunication Institute (NTI) · Internship

  • Performed SOC, network, and cloud security labs using F5 and Trellix.

Projects

Project 01: Graduation Project

Smart Road Security System

Built an AI-based stolen car detection system in Python/C paired with real-time alerting.

Python · C · AI · Real-time Alerting

Project 02: L1 Analyst — Hands-on

Security Triage Project

Ingested and correlated Windows, Linux, and Suricata logs in Splunk; validated alerts, analyzed PCAP traffic, identified IOCs mapped to MITRE ATT&CK.

Splunk · Wireshark · MITRE ATT&CK · PCAP

Project 03: SIEM Lab Engineer / SOC Analyst

IBM QRadar SIEM Lab — Linux & Windows Log Integration

Built a hands-on IBM QRadar SIEM lab and configured Linux and Windows log ingestion. Integrated Linux logs using rsyslog over Syslog and Windows Event Logs using IBM WinCollect. Validated event ingestion through Log Activity, tcpdump, and AQL searches. Created custom DSM parsing, regex-based custom properties, and QID mappings for authentication, privilege escalation, user creation, and command execution events.

IBM QRadar · SIEM

Project 04: SOC Analyst / Security Investigator

SSH Brute Force Investigation using Wazuh SIEM

Built a hands-on Wazuh SIEM investigation lab to detect and analyze SSH brute-force activity using Linux authentication logs and endpoint telemetry. Correlated failed SSH login attempts with Wazuh alerts to identify the attacker source IP, the targeted accounts, and the MITRE ATT&CK T1110/T1110.001 mapping, and confirmed that no successful authentication occurred.

Wazuh · SIEM · SOC · Blue Team · Incident Response · Linux · MITRE ATT&CK

Education

Sep 2019 — Jul 2024

Bachelor of Engineering — Electrical, Communication & Electronic Systems

Modern Sciences and Arts University
Giza, Egypt
GPA: 3.28

Sep 2022 — Sep 2023

Diploma in Cybersecurity Engineering

IT Gate Academy
Nasr City, Egypt
Grade: Very Good

Certifications

My Certifications

  • Cyber Security SOC Analyst Training – SIEM (Splunk) · Udemy · May 2022
  • Introduction to Cybersecurity · Cisco · July 2022
  • CCNA: Introduction to Networks · Cisco · August 2022
  • CCNAv7: Switching, Routing, and Wireless Essentials · Cisco · October 2022
  • CCNA: Enterprise Networking, Security, and Automation · Cisco · November 2022
  • eCIR Prep · Netriders Academy · June 2025
  • NTI Certificate · NTI · September 2025
  • SOC Analyst Job Role Path · Hack The Box (HTB) · January 2026
  • SOC Level 1 · TryHackMe · June 2026

Courses

Completed Courses

CCNA
MCSA
Linux Administration I
Python for Security
Fortinet NSE 4
CEH
IBM Security QRadar SIEM Foundations
eCIR Preparation

Contact

Get in Touch

Open to cybersecurity opportunities, SOC roles, and security engineering positions.
