K.A — CV / 2025 // RIYADH · SA
Brief Experience Competencies Education Qualifications
SECURE / DESIGN / DELIVER

Khalid
Abuelhassan.

10+
Years in Cybersecurity
5
Companies / Roles
15+
Vendors Certified
2
Languages — AR / EN

Cybersecurity engineer with over a decade of progressive experience serving Enterprise and SMB customers — designing and proposing solutions that address security challenges, then delivering the presentations, demonstrations and proofs of concept that close them.

01 / Experience

Career timeline

MAR 2021 — PRESENT
CURRENT

Kaspersky Lab

Pre-sales Manager / Saudi Arabia & Bahrain
Team leadership — supervised and led a team of 3 employees, conducted performance reviews, managed recruitment and onboarding.
Solution architecture — planned, developed and tested technical solutions and architectures aligned to client needs.
POV / POC delivery — managed and delivered proofs of value across the full Kaspersky portfolio with custom test cases.
RFI / RFP response — owned technical responses to formal tenders for KSA and Bahrain customers.
Customer presentations — delivered product demos, executive briefings and consultative knowledge transfer.
Partner enablement — coached channel partners on KL solutions, technical acumen and sales skills.
Training delivery — adapted and delivered partner and customer training across the Kaspersky stack.
Brand representation — represented KL products and solutions at conferences and external events.
NOV 2018 — JAN 2021
2 yrs 3 mo

Aptec — Ingram Micro

Cybersecurity Pre-sales Engineer
VENDORS: Sophos · Forcepoint · FireEye · AlienVault
Pre-sales support — hands-on technical support across the full sales cycle for cybersecurity solutions.
Solution design — qualification, BOQ generation, proposal write-ups and high-quality RFP / RFQ / RFI responses.
POCs & demos — conducted and documented successful proofs of concept and live demonstrations.
Trusted advisor — built technical relationships as a consultant to partners and customers.
Competitive analysis — compared competing products to specify the most advantageous solutions.
Partner enablement — trained partner technical teams on vendor portfolios and sizing methodology.
AUG 2017 — OCT 2018
1 yr 3 mo

Admak-Tech

ICT Security Engineer / Technical Supervisor
Dual role — held both security engineering and technical supervisor responsibilities.
Pre- & post-sales — supported the sales team through the full cycle of cybersecurity solutions.
SOWs & HLDs — produced professional Statements of Work and High-Level Designs for recommended solutions.
Cross-vendor comparisons — created reference comparisons to aid customer decisions.
Operations supervision — planned and oversaw day-to-day technical support, RMA, installations and approvals.
Project oversight — supervised SOW execution, change requests, work orders and sign-offs.
JUN 2015 — FEB 2016
9 mo

Orbit Generation for Trading

Pre-sales Engineer
Opportunity scoping — prioritised technical effort to maximise team productivity and profit.
Needs assessment — assessed met and unmet customer needs to recommend optimal solutions.
Cross-functional coordination — aligned solution design with sales, support and service teams.
Business development — pursued additional opportunities within existing customer accounts.
JAN 2014 — NOV 2014
11 mo

Manzuma Integrated Technology

Technical Supervisor
Pre-sales assistance — provided technical guidance and product education.
Training delivery — arranged and delivered product training; produced support material for the sales team.
Custom solutions — helped design solutions tailored to customer requirements.
Reporting — prepared activity reports and maintained customer records.
02 / Capabilities

Core competencies

A / Technical Core

Hands-on engineering

/ A.01 — INFRASTRUCTURE & SYSTEMS
Platforms & servers
Docker VMware GCP Linux Windows Server
/ A.02 — NETWORK DESIGN
Secure architectures
Active Directory Network Segmentation VLAN / Trunking OSPF / EIGRP CCNA-level Routing
/ A.03 — OFFENSIVE SECURITY
Penetration testing
Packet Analysis Exploitation Credential Harvesting System Fingerprinting DNS Hijacking Wireless Pentesting
/ A.04 — INCIDENT RESPONSE
IR & threat hunting
Executable Anomalies Packing Analysis AutoStart Persistence DLL Hijacking WMI Events Scheduled Tasks Service Alteration
/ A.05 — THE SECURITY STACK
Defensive solutions
EDR / NDR Vulnerability Assessment Endpoint Protection Email Security Web Security Sandboxing Threat Intelligence Solution Sizing
/ A.06 — PROGRAMMING & AUTOMATION
Scripting & development
Bash PowerShell SQL Ruby C / C++ / C# HTML · CSS · JS MVC Web Dev
/ A.07 — POC EXECUTION
Live demonstrations
Kali Linux Metasploit Burp Suite Nmap Wireshark Nessus Hydra John the Ripper Aircrack-ng SQLmap BloodHound Mimikatz Cobalt Strike
B / Strategic Sales

Consultative delivery

/ B.01 — SOLUTION DESIGN
Architecture & research
Deep-dive Research Custom Architectures Client Environment Mapping Solution Sizing HLD / LLD
/ B.02 — PROPOSAL & DOCS
Technical writing
Cybersecurity Docs RFP / RFI / RFQ SOWs BOQ Generation Technical Proposals
/ B.03 — COMPETITIVE INTEL
Gap & vendor analysis
Gap Analysis Competitive Comparisons Feature Mapping Vendor Benchmarking
/ B.04 — FINANCIAL ACUMEN
ROI & TCO
ROI Modelling Total Cost of Ownership Business Case Deployment Costing
/ B.05 — VENDOR ECOSYSTEM
Cross-platform fluency
Kaspersky Palo Alto Networks Group-IB Mandiant FireEye Sophos Forcepoint Fortinet AlienVault
C / Emerging

Forward-looking domains

/ C.01 — FIREWALL ARCHITECTURE
NGFW as primary defence
NGFW Placement Policy Design Deep Traffic Inspection VPN Architecture High Availability
/ C.02 — EDGE AI SECURITY
Local inference & LLMs
Ollama llama.cpp Distributed Inference Local Model Deployment Data Sovereignty AI Risk Surface
/ C.03 — ZERO TRUST
Never trust, always verify
ZTA Frameworks Identity-first Access Micro-segmentation IT & OT Domains Continuous Verification
/ C.04 — COMPLIANCE MAPPING
Regulatory alignment
NIST ISO 27001 SAMA NCA ECC PDPL Control Mapping
D / Specialist Domains

Deep expertise

/ D.01 — IR & DIGITAL FORENSICS
Advanced investigations
Incident Handling APT Investigation Memory Forensics Volatile Data Capture Code Injection Analysis Rootkit Detection IOC Hunting Anti-forensics Defeat Timeline Reconstruction
/ D.02 — ETHICAL HACKING
OSCP & ECSA methodology
PWK v2 Path Structured Methodology Vulnerability Assessment Actionable Reporting Network Exploitation
/ D.03 — ICS / OT SECURITY
Industrial & critical infra
ICS / SCADA PLC & HMI Security Modbus / DNP3 IT–OT Segmentation Purdue Model OT Asset Discovery Device-level Risk ICS Traffic Analysis Elastic Stack IDS Sector Dependencies
/ D.04 — SECURITY ARCHITECTURE
Platforms & SIEM
Sophos XG Forcepoint NGFW AlienVault USM Anywhere Kaspersky KATA / KEDR FireEye Helix SIEM Deployment CySA+ Monitoring Security+ Controls Fortinet NSE 1–3 Presales POCs
03 / Profile

Education & bio

— Degree
B.Sc. (Honors) Telecommunication Engineering University of Science & Technology — Khartoum, Sudan · August 2013
— Career goals
To enhance impact and footprint in the regional market, and deepen experience in ICT availability, confidentiality and integrity — elevating service quality for customers and colleagues.
— Biodata
  • LanguagesAR · EN
  • NativeArabic
  • ProfessionalEnglish (Advanced)
  • CouncilSaudi Engineers
  • MembershipIAF (Facilitators)
  • StatusValid Iqama
  • MaritalSingle
  • BasedRiyadh, KSA
04 / Training

Certifications & training

Trained by the following entities on their technologies, techniques and methodologies — spanning vendor-agnostic foundations and deep, vendor-specific specialisation across the cybersecurity stack.

SANS Institute
VENDOR-AGNOSTIC
  • GIAC — GCFA: Advanced Incident Response, Threat Hunting & Digital Forensics
Offensive Security
OFFENSIVE
  • Offensive Security Certified Professional (PWK v2)
(ISC)²
PROFESSIONAL
  • Certified in Cybersecurity (CC) — planned August 2026
  • CISSP — planned end of 2026
EC-Council
CERTIFIED
  • EC-Council Certified Security Analyst
  • Certification No. ECC14828568880
CISA — ICSJWG
12 MODULES
  • Industrial Control System (ICS) Basics & Communication
  • Cybersecurity Differences within IT and ICS Domains
  • Cyber Risks to Industrial Control Systems
  • Critical Infrastructure Sector Dependencies
  • Exploits in an ICS Infrastructure
  • ICS Assessment / Evaluation & Critical Risk Determination
  • Analyse Captured ICS Traffic for Vulnerabilities
  • Wireless Vulnerabilities in ICS Environments
  • Manipulate IDS Logs Using Elastic Stack
  • Evaluate ICS Security Weaknesses at Device Level
CompTIA
FOUNDATIONS
  • Security+ · Training
  • Network+ · Training
  • Cybersecurity Analyst (CySA+) · Training
Kaspersky Lab
AUTHORISED TRAINER
  • KATA / KEDR Authorized Trainer
  • KATA / KEDR Platform — Technical & Presale
  • KEDR Optimum (EDRO) — Technical & Presale
  • Kaspersky Threat Intelligence (TI) — Presale
  • Managed Detection & Response (MDR) — Presale
  • Kaspersky Security Center (KSC KES) — Technical
  • Vulnerability & Patch Management — Technical
  • Kaspersky Web Traffic Security (KWTS) — Technical
  • Kaspersky Secure Mail Gateway (KSMG) — Technical
  • KES Encryption — Technical
FireEye
FULL STACK
  • FireEye Systems Engineer (FSE)
  • FireEye Threat Intelligence Overview
  • FireEye Network · Endpoint · Email Security
  • FireEye Helix
  • Verodin Security Instrumentation Platform (SIP) — Technical
  • SIP Fundamentals · Bootcamp
Sophos
AUTHORISED TRAINER
  • Sophos Authorized Trainer
  • Certified Architect — Central Endpoint & Server (AT15)
  • Certified Architect — XG Firewall (AU80)
  • Certified Engineer — XG Firewall & Central
  • Synchronized Security — Tech & Sales Specialist
  • Intercept X (ET05)
  • MSP Connect Flex
  • Cyberoam Certified Network & Security Professional
Forcepoint
20+ MODULES
  • Certified NGFW Administrator
  • Partner Sales Rep — Levels 1 & 2 (Data, Edge, User)
  • Pre-Sales Engineer L1 — CASB · DLP · Email · Insider Threat · NGFW · Web
  • Pre-Sales Engineer L2 — Data · Edge · User Protection
  • Pre-Sales Engineer Workshops — full portfolio
  • Services Professional — full portfolio
AlienVault
SIEM / MONITORING
  • USM Anywhere — Deploy, Configure, Manage (ANYDC)
  • USM Anywhere — Security Analysis (ANYSA)
  • USM Appliance for Security Engineers (AUSE)
Cisco
NETWORK
  • CCNA Routing & Switching
Fortinet
NSE PROGRAM
  • Network Security Expert 1 (NSE1)
  • Network Security Expert 2 (NSE2)
  • Network Security Expert 3 (NSE3)
Quest
PLATFORM
  • Database Performance Monitoring
  • Platform Management Sales
Khalid Abuelhassan portrait
// SUBJECT VERIFIED
05 / Signature

Eng. Khalid
Abuelhassan.

Cybersecurity Engineer · Riyadh, KSA
— LinkedIn linkedin.com/in/khalid-abuelhassan
— GitHub github.com/rowaidy
— Based Riyadh · Saudi Arabia
— Council Saudi Council of Engineers
Download Full CV View GitHub