Senior Cybersecurity Engineer focused on threat detection, threat hunting, threat intelligence, cloud security, endpoint security, and incident response.
I build practical security engineering projects that convert attacker behavior into detections, hunts, playbooks, and automation.
- Threat Detection Engineering
- Threat Hunting
- Cloud Security: AWS, Azure
- Endpoint Security: Windows, Linux, Sysmon, EDR telemetry
- Threat Intelligence Operationalization
- SIEM Engineering: Splunk, Microsoft Sentinel, Elastic
- Python Security Automation
- MITRE ATT&CK Mapping
| Area | Repository |
|---|---|
| Detection Engineering | sigma-detection-rules |
| AWS Cloud Security | cloudtrail-threat-detection-lab |
| Endpoint Threat Hunting | windows-endpoint-threat-hunting-lab |
| Azure Identity Security | azure-identity-detection-engineering |
| Threat Intelligence | threat-intel-ioc-enrichment-pipeline |
| Security Automation | security-automation-python-tools |
| Malware Triage | malware-triage-yara-rules |
Tools and technologies: Splunk, Microsoft Sentinel, Sigma, KQL, SPL, YARA, Python, AWS CloudTrail, Azure Entra ID, Sysmon, Windows Event Logs, Linux logs, MITRE ATT&CK, GitHub Actions.
- LinkedIn: https://linkedin.com/in/abdalla-soliman-b7347910b
- GitHub: https://github.com/so1iman
