Mohammed Sayed

Cybersecurity leader with 8+ years of experience in SOC operations, DFIR, and governance, currently leading SOC at EMAAR. Skilled in Cloud Security, Endpoint, IoT/OT, and DevSecOps, with a proven record of reducing MTTR by 40%, cutting false positives by 30%, and ensuring ISO/IEC 27001 and UAE regulatory compliance. Adept at team leadership, tool integration, and aligning security with business goals

• Lead a 7-member SOC team (onshore & offshore) managing 40+ security technologies (Splunk, CrowdStrike, Netskope, Nozomi, Mimecast, Forcepoint, etc.) to secure 8,000+ global users and high-value customers in Hospitality, Entertainment, and Real Estate industries. 

• Enhanced incident response by designing new playbooks and fine-tuning detections, reducing MTTR by 40% and cutting false positives by 30%. 

•Directed critical incident handling (BEC, ransomware, insider threats) under a strict MSSP SLA, achieving 100% P1/P2 SLA adherence across 3+ years. 

• Spearheaded log integration & visibility projects (Salesforce, Oracle Fusion, Netskope ZTNA, Commvault), bridging gaps in compliance and improving business application security. 

• Partnered with GRC and audit teams (ISO/IEC 27001:2022, FAA, PCI DSS), delivering zero major findings in audits, and translating SOC outputs into business-aligned dashboards. 

• Mentored and upskilled analysts via a structured certification roadmap, strengthening SOC maturity and independence. 

•Drove tool rationalization & process improvement, decommissioning redundant solutions and establishing SOPs, reducing operational costs by ~15% while aligning SOC scope with MSSP contracts

Bachelor of Technology (B.Tech) in Computer Science & Engineering