About
I have worked in cyber security for a couple of years, engaging first with the offensive side as a penetration tester, where I gained a lot of knowledge ranging from manual/automated scanning and exploitation to AD assessments in large enterprises. I then shifted to the defensive side to work in SOC environments with multiple clients, mainly financial firms, banks and microfinance companies, and at this stage I gained maximum knowledge of how the detection of an attacker can be done in an appropriate way. Finally, I hope the journey will not stop at this level, as I am now working as a senior cyber security engineer with the roles of the two fields (offensive and defensive) combined.
Experience
- Perform penetration tests for new functionality on network, web and cloud environments
- Threat hunting through SIEM, security appliances and device logs, with integration of open source tools
- Perform code reviews and advise developers on remediation techniques
- Ensure the SDLC is applied to the development process
- Build security testing into the development pipeline (CI/CD) and DevOps functions
- Manage all security controls, both on-premise and cloud based
- Ensure that the SIEM solution is tuned to newly reported APTs and MITRE ATT&CK guidelines
- Deliver training to developers on newly found vulnerabilities
- Engage with the risk assessment process
- Ensure the vulnerability assessment process matches the business scope
- Participate in security projects and provide expert guidance on security matters for other IT projects
- Apply OS hardening on all assets
- Monitoring the alerts via QRadar SIEM, generated by multiple security devices like intrusion detection systems, web application
- Digital forensics using FTK Imager, Cain and Abel, Write-Protect, Autopsy, The Sleuth Kit, Wireshark, tcpdump, etc.
- Adversary simulation and threat hunting
- APT implementation via threat hunting analysis
- Incident handling of severe incidents
- Analyzing alerts, eliminating false positives and escalating alerts to designated personnel in order to respond to the identified incident
- Performing periodic vulnerability scanning/assessments and reporting findings to the customer
- Dealing with logs from numerous network/system appliances and endpoints: Palo Alto and FortiGate firewalls, Blue Coat proxy, McAfee anti-malware, FortiMail and Firepower
- Producing periodic reports on SOC operations, attacks detected, incidents opened, etc.
- Network and web penetration testing
- Vulnerability scanning and testing tools (Nmap, Nessus, Burp Suite Professional, Metasploit, WhatWeb, SQLMap, Shodan, BeEF)
- Experience with scripting languages: Python and PowerShell
- API and web services penetration testing: SOAP, XML and JSON
- Vulnerability assessment using Nessus, OpenVAS and Tripwire IP360
- Conduct full-scope penetration testing of enterprise systems, including but not limited to Active Directory (AD) enumeration, exploitation and escalation of privileges, web application testing for custom flaws, wireless testing, password cracking and phishing
- Penetration testing reports for customers
- Network penetration testing
- Web application penetration testing