R1
Rawan Hussain
Alfarraj
Cybersecurity Specialist
Contact
r1alfarraj@outlook.com +965 9404 0654 Kuwait City, Kuwait linkedin.com/in/rawan-alfarraj
Core Competencies
Vulnerability Assessment & Penetration Testing
SIEM Analysis & Threat Detection
Phishing Simulation & Awareness Programs
Insider Threat Investigation
CIS Benchmark Audits & Hardening
AI-Powered Dashboards & Analytics
Security Testing (Networks, IoT, DB)
Security Incident Response
Compliance Reporting & Governance
Certifications
Certified Ethical Hacker (CEH) EC-Council
GSOC Certified SANS Institute
ISO 27001 Lead Implementor Glocert International
CompTIA Security+ CompTIA
Azure Fundamentals Microsoft
Splunk Fundamentals Splunk
Rawan Alfarraj
Cybersecurity Specialist — Security Testing & Vulnerability Management
National Bank of Kuwait (NBK) • Kuwait City, Kuwait

Cybersecurity professional with over 2 years of progressive experience at the National Bank of Kuwait, advancing from SOC operations to a specialized role in Security Testing and Vulnerability Management. Proven expertise in SIEM-based threat analysis, phishing awareness campaigns, insider threat investigations, and CIS Benchmark audits. Skilled in leveraging AI to build intelligent dashboards for real-time security metrics, compliance tracking, and executive reporting. Recognized winner of Zain's '50 Women in Cybersecurity' Challenge.

Professional Experience
Cybersecurity Specialist — Security Testing & VM Mar 2023 — Present
National Bank of Kuwait (NBK), Kuwait City
  • Architected and delivered phishing simulations and security awareness programs for 3,000+ employees and customers, measurably reducing click-through rates quarter over quarter
  • Built AI-powered compliance dashboards with real-time KPI visualization, enabling leadership to track security posture across all business units at a glance
  • Conducted insider threat investigations using SIEM platforms, focusing on exit-risk behavioral analysis and anomaly detection patterns
  • Led end-to-end vulnerability assessments across network infrastructure, IoT devices, and enterprise database systems
  • Executed CIS Benchmark audits on Windows, Linux, and Solaris environments; produced actionable remediation roadmaps for cross-functional IT teams
  • Managed internal and external security audit cycles, coordinating corrective controls and ensuring regulatory compliance across departments
  • Developed automated tracking systems for compliance monitoring and quantifying security training effectiveness
Winner — Zain's '50 Women in Cybersecurity' Challenge
Education
Bachelor of Computer Engineering 2018 — 2022
Kuwait College of Science and Technology (KCST)
GPA: 3.60 / 4.00
Publication

B. Alothman, A. Alhajraf, R. Alajmi, R. Al Farraj, N. Alshareef, M. Khan. "Developing a Cyber Incident Exercises Model to Educate Security Teams." Electronics, 2022; 11(10):1575.
doi.org/10.3390/electronics11101575

Conferences & Activities
Conference — Black Hat Middle East & Africa, Riyadh (Nov 2023)
Competition — Capture The Flag (CTF) Participant, Kuwait
Capstone — Cyber Incident Exercises Model to Educate Security Teams