Information Security Specialist
Diyar United Company
Total des années d'expérience :4 years, 0 Mois
Information Security Specialist (January 1, 2014 -Current)
Diyar United Company (Kuwait)
• Execute Network vulnerability assessments, attack and penetration testing and web application
security reviews, network device configuration reviews, OS/DB security reviews.
• Perform network incident investigation.
• Perform computer forensics investigation.
• Perform internal and external vulnerability assessments.
• Perform wireless penetration testing.
• Perform web application and network penetration testing (Black box, Grey box and White box)
• Use of various methodologies used in attack and penetration testing
• Develop and test exploits and scripts (Python / Bash Scripting)
• Perform implementation for Symantec end point security solution, critical system protection and messaging gateway
• Perform project plan and resource assignment for the information security projects
• Prepare detailed review reports with recommendation and advice to the clients on securing the infrastructure as well as web application.
• Present and clearly communicate findings and recommendations to client's senior management,
business stakeholders, security team members, and IT resources.
• Manage task allocation, ensuring quality of the deliverables in line with industry standards and best practices
• Lead and Support the team in updating their skill and knowledge
Information Security Engineer (July 1, 2012 - December 28, 2013)
Raya IT (Egypt)
• Exploit security flaws and vulnerabilities with attack simulations on multiple projects working against specific client focused scopes of work.
• Flow from black box to gray box to white box tests dependent on client needs.
• Test a variety of client form factors and technologies based on scopes of work.
• Solve complex technical problems and articulate to non-IT personnel.
• Perform vulnerability assessments and penetration testing, utilizing tools commercial and open
source tools.
• Perform, review and analyze security vulnerability data to identify applicability and false
positives.
• Research and develop testing tools, techniques, and process improvements.
• Write technical reports that include suggested resolution for identified problem areas and perform operational risk assessment.
• Support company through the testing and evaluation of new technologies and security controls.
• Perform other information security related duties as assigned upon work location or assignment.
Information Security Engineer (January 1, 2012- June 30, 2013)
Raya Datacenter (Egypt)
• Penetration Testing for Raya Holding and RAYA Datacenter.
• Web application security assessment and penetration testing.
• Security administration for Infrastructure and network services.
• Investigation and incident handling under supervision of the information security manager.
• Assistant Auditor in RAYA ISO 27001 Certificate under the supervision of the information security
manager.
• Change management coordinator.
• Perform other information security related duties as assigned.
• Hardening Raya Datacenter and keeping it Secure and available 24/7.
Information Security and Internet safety focal point of Egypt (September 1, 2010- December 30, 2011)
Microsoft (Egypt)
Internship at Microsoft Egypt in CSR department.
Master Of Security Science - EC Council University (2014/Current) Major: Executive Information Assurance The Master of Security Science (MSS) prepares information technology professionals to assume information security and assurance leadership roles in corporations, agencies and organizations. A curriculum rich in computer security management, IT security threat assessment, incident response, organizational management and behavior, and leadership challenges students to become creators of knowledge, inventors of processes and leaders of others.
Awarded master degree in information security science from Grant Town University - USA with GPA 3.25. Distinction in management of people at work and award of excellence in information security. Verification Link: http://granttownuniversity.com/verification ID: RV42261 PW:50102137
Bachelor of Engineering - Tanta University (2006/2011) Major: Computer and Control
