I have worked in Cyber Security for a couple of years, engaging first with the offensive side as a penetration tester, where I gained a lot of knowledge, from manual/automated scanning and exploitation to AD assessments in large enterprises. I then shifted to the defensive side to work in SOC environments with multiple clients, mainly financial firms, banks and microfinance companies, and in this stage I gained maximum knowledge of how being detected as an attacker can be done in an appropriate way. Finally, I hope the journey will not stop at this level, as I'm now working as a senior cyber security engineer with the roles of the two fields (offensive and defensive) combined.
Education
Networking, Communications and Electronics
Benha University , Bachelor's Degree
2017
Work & Experience
Senior Cyber Security Engineer
Arrow Electronics
Dec'2021 - May'2025
- Perform penetration tests for new functionality on both Network/web/cloud Environments
- Threat Hunting through SIEM, Security Appliances, Device Logs with integration of open source tools
- Perform code reviews and advise developers on remediation techniques
- Ensuring SDLC is applied on the development process
- Build security testing in the development pipeline (CI/CD), and DevOps functions
- Manage all the security controls both on-premise and cloud based
- Ensure that the SIEM solution is tuned to the updated new APTs and MITRE ATT&CK Guidelines
- Perform training to developers on newly found vulnerabilities
- Engage with the risk assessment process
- Ensure the vulnerability assessment process matches with the business scope
- Participates in security projects and provides expert guidance on security matters for other IT projects
- Apply OS hardening on all assets
Mid-Senior Cyber Security Analyst
Cysiv
Jun'2020 - Jun'2021
- Monitoring the alerts via QRadar SIEM and generated by multiple security devices like intrusion detection systems, web application
- Digital Forensics using: FTKImager, Cain and Abel, Write-Protect, Autopsy, Sleuth-Kit, Wireshark, TCP-DUMP, etc.
- Adversary Simulation and Threat Hunting
- APT Implementation via Threat Hunting Analysis
- Incident Handling of Severe Incidents
- Analyzing the alerts, eliminating false positives and raising alerts to designated personnel in order to respond to the identified incident
- Performing periodic vulnerability scanning/assessments and reporting findings to the customer
- Dealing with logs from numerous network/system appliances and endpoints: Palo-Alto and Forti-Gate Firewall, Blue Coat Proxy, McAfee Anti-Malware, Forti-Mail and Firepower
- Producing periodic reports on the SOC operations, attacks detected, incidents opened, etc.
Cyber Security Engineer
Cyshield
Jun'2019 - Jun'2020
- Network and Web Penetration Testing
- Vulnerability scanning and testing tools (Nmap, Nessus, Burp Suite Professional, Metasploit, Whatweb, SQLMap, Shodan, BEEF)
- Experience with Scripting Languages: Python and PowerShell
- API and Web Services Penetration Testing: SOAP, XML and JSON
- Vulnerability Assessment using: Nessus, OpenVas and TripWire IP360
- Conduct full scope penetration testing of enterprise systems, including but not limited to: Active Directory (AD) enumeration, exploitation, and escalation of privileges, web application testing for custom flaws, wireless testing, password cracking and phishing
- Penetration Testing Reports for Customers
Penetration Tester
The Egyptian State
Jun'2018 - Jun'2019
- Network Penetration Testing
- Web Application Penetration Testing