Hey there! My name is Diab.

I hack things for fun!

Passionate cybersecurity expert! I tend to spend my time searching for new cybersecurity knowledge.

About Me

I am a computer engineer graduate working as a SIEM/SOC analyst at OKIOK Data ltd in Montreal, Quebec, Canada. I am also currently pursuing a master’s degree in computer engineering with a cybersecurity option, minoring in GRC and Management (see Education section).

I have a strong interest in the intersection of technology and cybersecurity. I am always looking to further improve my skills and knowledge in cybersecurity as well as computer engineering.

I aim to learn anything there is to know about security in the Cloud, such as AWS, Azure and GCP. To do so, I aim to acquire certifications in the best-known cloud providers and achieve the role of Cloud Security Architect.

Professional Experience

SIEM/SOC Analyst & Developer - OKIOK Data ltd
June 2022 - present

I am currently responsible for managing, improving, and supporting a SIEM-as-a-service (SaaS) tool packaged for clients. It is based on Elasticsearch, Kibana, AWS, and custom pipelines written in Python, Golang and Terraform.

  • Develop, update, and maintain over 150 detection use cases, using Lucene and KQL, ensuring continuous improvement in threat identification and response on Elasticsearch and Kibana, as well as provide cybersecurity insights to clients and management.
  • Engineer server-less pipeline structures, such as log parsing, using Golang, Python and Terraform, optimizing performance and scalability, as well as enhance parsing capabilities for various new systems including Microsoft logs, Linux, Mac, and cloud providers (Azure, GCP), contributing to comprehensive threat visibility.
  • Create, organize, and present new KPIs to management to showcase the team’s yearly upgrade in security coverage and tendencies using Elastic Dashboard.
  • Assist and support current clients with log analysis and threat hunting by demonstrating a proactive and technical approach, as well as engaging with potential new clients through sales pitches and presentations.

SIEM Analyst - Intact Insurance
September 2021 - June 2022

I was tasked with managing, improving, and supporting our internal SIEM for the company. We used Microsoft Sentinel, a bunch of Azure services, deployed using Ansible, and automations done using Logic Apps and Azure functions.

  • Created over 70 new security detection rules and upgraded and maintained old ones, as well as automated and improved standard incident response to multiple procedures using Azure Logic Apps, Azure Functions and PowerShell scripts.
  • Improved security coverage by implementing multiple and different monitoring methods through Azure Monitor and Azure AD to implement DLP procedures.
  • Implemented multiple infrastructure as code (IaC) through code logic using Ansible, reducing errors and implementation time by over 30% and reducing time required for tasks.

Software Developer Intern - Bombardier Aviation
June 2020 - August 2020

I was tasked with assisting a non-technical team in their transition to Azure DevOps Boards, an Azure web-based service for team management and tracking. I also helped them by creating custom extensions in TypeScript/JavaScript to improve efficiency.

  • Developed, tested, and released custom extensions in TypeScript/JavaScript on Azure DevOps Boards according to the demands of the team, improving team efficiency by over 20%.
  • Learned and used Azure’s REST API implemented in extensions using HTTP requests and REST API clients.

Education

August 2023 - December 2024
Master’s in Computer Engineering (M. Eng)
Polytechnique Montreal
GPA: 3.88 out of 4.0
Cybersecurity option, GRC (Governance, Risk, Compliance) and Management

August 2018 - May 2022
Bachelor’s in Computer Engineering (B. Eng)
Polytechnique Montreal
Minor in IT Security and Mobility

Get in Touch

My inbox is always open. Whether you have a question or just want to say hi, I’ll try my best to get back to you!