Application security - DevSecOps
• Building and maintaining CI/CD pipelines using Jenkins.
• Black Box Testing (DAST) using OWASP ZAP, Burp Suite.
• White Box Testing (SAST) using SonarQube.
• Code integration and version control (Git, GitHub).
• DevSecOps Integration (SDLC) using Azure DevOps Services.
• Application vulnerability assessments using Nessus, OpenVAS.
• Ensured application security compliance with GDPR, PCI-DSS, and ISO/IEC 27001.
• Continuous security event detection and monitoring using ELK Stack.
• Managing RBAC and IAM using Azure AD, Okta, and Auth0.
• RASP (Runtime Application Self-Protection) using AppSensor (OWASP).
SOC L2 - OT/ICS Cyber security:
• Discovering, Assessing and Mitigating Cybersecurity incidents.
• Monitoring network activities and analyzing, prioritizing, and correlating security events using SIEM (Splunk/LogRhythm/QRadar), EDR, NDR and XDR solutions.
• Orchestrating and automating the response using LogRhythm SOAR.
• Investigating, contextualizing, and remediating security incidents based on playbooks and individual analysis, leveraging data from different sources and tools such as SIEM technology, packet captures, reports, data visualization, and pattern analysis.
• Maintaining compliance benchmarks through metrics / KPIs incident status.
• Performs risk analysis, vulnerability assessment, pen-testing, source code review, and provides recommendations for remediation.
• Producing security breach reports, root cause analysis reports, and technical remediation analysis reports.
• Ensuring compliance with relevant cybersecurity regulations and standards (NIST, ISO 27001, PCI-DSS, GDPR, HIPAA, ISA/IEC 62443).
• Great experience using the MITRE ATT&CK framework to build use cases and improve security incident detection and response.
• Performing cyber defense incident triage for resolving advanced vector attacks such as botnets and advanced persistent threats (APTs).
• Performing security assessments using different tools such as Nmap, Nessus, and Metasploit.
• Designing and implementing safety measures and controls
• Defense-in-Depth Solution Design for securing ICS - OT Systems.
• HLD using Purdue model and compliant with ISA/IEC 62443 Standard.
• Defining and identifying all conduits and security Zones within the Purdue model design.
• Security assessment for each level of attacks.
• Assigning the Appropriate Countermeasures for each level of Attacks that correspond to each Security Level (SL).
• Implementation and configuration of VMware (AirWatch)
• Implementation and configuration of Ivanti-FortiNAC for patch management
• Implementation, deployment and configuration of Microsoft Defender for Cloud Apps (CASB features)
DevOps, Network Automation and Cloud Operations:
• Delivering Infrastructure as Code (IaC) using Ansible and Terraform, developing software in Python (PyCharm IDE), and using GitHub as a repository for scripts.
• Building and Running Applications and Microservices using Docker and Kubernetes.
• Maintaining and deploying applications using OpenShift.
• Project management and coordination tools (Trello, Jira (Scrum), Microsoft Project 2010)
• Log Aggregation, Real-time Analytics and Data Integration using Apache Kafka.
• SQL, Microsoft SQL 2016, SQL Development using SSMS v18.5.
• API Testing using Postman Tool v9.x
• Working alongside architecture and engineering teams to design and implement innovative solutions built on AWS, dealing with different AWS services (EC2, S3, ECS, Route 53, Lambda, DynamoDB, ELB, IAM, KMS, ACM, WAF).
• Implementation and configuration of SDN using Cisco Nexus 9000 series ACI-mode switches (15.2 branch), Cisco APIC (5.2 branch), Cisco SD-WAN solution (Cisco vEdge, vManage, vSmart, vBond), SDA Cisco DNA (Center/Assurance), and configuration management using Cisco NSO.
• Implementation and configuration of Digital Rights Management (Azure RMS)
- Company industry:
- Primary, Prep, & Secondary School