I completed a virtual work experience in Cybersecurity Incident Response Analysis through STC (Saudi Telecom Company).
What I Learned
The program focused on real-world incident response workflows. I gained hands-on experience with:
- Splunk for network log analysis — ingesting logs, building queries, creating dashboards, and identifying indicators of compromise (IOCs)
- oledump for email attachment analysis — analyzing potentially malicious Office documents and extracting embedded macros and payloads
The Experience
Working through simulated incident scenarios helped me understand the full IR lifecycle:
- Preparation — Setting up monitoring and alerting
- Detection & Analysis — Identifying anomalous activity in logs
- Containment — Isolating affected systems
- Eradication & Recovery — Removing threats and restoring services
- Lessons Learned — Documenting findings and improving defenses
This experience reinforced how critical it is to have proper logging, monitoring, and response procedures in place.
