Information Security Senior Associate
Hussain Alassaf
Greetings, My name is Hussain Alassaf. An Information Security Senior Associate specializing in Security Operations (SOC), incident response, and cyber threat intelligence. I focus on proactively detecting, analyzing, and mitigating threats to protect critical systems and stay ahead of an evolving threat landscape.
01. About Me
Background
As an Information Security Senior Associate, I specialize in defending enterprise environments against sophisticated cyber threats. My focus is on continuous monitoring, rapid incident response, and strengthening organizational security posture.
I began my journey with a cooperative training program at SDAIA, where I worked in Vulnerability Assessment and Governance, Risk, and Compliance (VA/GRC), building a strong foundation in security frameworks and risk management. I later completed an internship at D360 Bank, focusing on Vulnerability Assessment and Cyber Fraud, gaining hands-on experience in identifying and mitigating real-world threats.
Currently, I serve as an L2 SOC Analyst and Incident Response Specialist at D360 Bank, where I investigate complex security incidents, lead response efforts, and contribute to enhancing detection and response capabilities across the organization.
Education
Alfaisal University
Bachelor’s Degree in Software Engineering – Cybersecurity Track
Graduated with Second Honors from one of the most prestigious universities in Saudi Arabia.
Relevant Coursework: Network Security, Secure Software Development, Cryptography, Ethical Hacking, Software Project Management
Certifications
02. Portfolio
MASTERM1ND.NET
Designed and released a comprehensive cybersecurity game called masterm1nd.net, aimed at testing and enhancing defensive security skills.
MASTERM1ND Research Paper
Lead co-author of a research paper examining hacking simulation games as a modern educational tool for cybersecurity awareness, based on the development of MASTERM1ND (masterm1nd.net). The research demonstrates how immersive, attacker-centric environments enhance understanding of cyber threats and strengthen mitigation strategies.
Second Honors Graduate
Graduated with second honors from one of the most prestigious and competitive universities in the Kingdom of Saudi Arabia.
Project 1932 Member
Selected to participate in Project 1932, a national initiative recognizing high-potential individuals and emerging talent in Saudi Arabia. The program focuses on developing future leaders and driving impactful contributions aligned with the Kingdom’s vision.
03. Core Skills
Cybersecurity SOC
- SIEM, EDR, Alert Management
- Case Management
- Dashboard Creation & Monitoring
- Threat Analysis, Digital & Brand Protection
Cloud Security Skills
- Microsoft Azure CSPM
- Vulnerability Assessment
- Incident Response Guide Creation
- Qualys
Soft Skills & Languages
- Native in Arabic (Speaking and Writing)
- Fluent in English (Speaking and Writing)
- Analytical Problem Solving
- Excellent Communication
- Time Management
04. Blog
Professional Certificates: Public Achievement or Exposed Identity?
A single document can often reveal more about an individual than dozens of posts. What is commonly shared as proof of achievement may, in reality, carry layers of identity and sensitive information. In the digital space, this distinction is often overlooked.
Read full article
Regaining Control of Your Data: A Battle Users Are Losing
Artificial intelligence is built on data, much of it generated by users in their everyday digital interactions. While these systems continue to advance, visibility and control over how that data is used remain limited. The balance between innovation and ownership is increasingly shifting away from the user.
Read full article
05. Experiences
Information Security Associate
D360 Bank | 04/2025 – Present
As an Information Security Associate within the Security Operations Center (SOC), I am responsible for monitoring, analyzing, and responding to security alerts and incidents across the organization. I work extensively with SIEM and EDR technologies, including ArcSight and Cybereason, to detect and investigate potential threats in real time.
I consistently handle a high volume of alerts, contributing to over 25% of the organization’s monthly incident closures. My role involves performing in-depth analysis, validating threats, and ensuring timely escalation when required.
In addition to operational responsibilities, I support regulatory compliance efforts by assisting in the closure of time-sensitive SAMA observations through thorough evidence collection and detailed documentation. I also contribute to strengthening the organization’s cyber defense capabilities by developing SOC playbooks, refining processes, and aligning internal practices with industry standards and best practices.
Information Security Intern
D360 Bank | 11/2024 – 04/2025
During my internship, I gained hands-on experience in vulnerability assessment and cyber fraud operations. I identified and reported security vulnerabilities using tools such as Qualys, and conducted targeted network scanning using Nmap to support Vulnerability Assessment and Penetration Testing (VAPT) activities.
I also played a key role in the Cyber Fraud function, where I investigated daily fraud-related incidents, analyzed suspicious activities, and escalated cases when necessary. Additionally, I supported SAMA-related cyber fraud reporting, contributing to the organization’s regulatory and security objectives.
Cloud Security Intern
SDAIA | 06/2024 – 11/2024
At SDAIA, I worked within the cloud security domain, focusing on monitoring and enhancing the security posture of cloud environments. I developed, managed, and monitored detection rules within Microsoft Sentinel, a leading SIEM platform, to improve threat visibility and response capabilities.
I collaborated with cross-functional teams to identify, analyze, and remediate vulnerabilities using Microsoft Defender for Cloud. This experience strengthened my understanding of cloud security principles, detection engineering, and proactive risk management in enterprise environments.