Penetration Tester
Cyberkops
Total des années d'expérience :13 years, 4 Mois
Functional Role : Ethical Hacker and Penetration Tester
Key Tasks:
• Create written reports, detailing assessment findings and recommendations. • Perform host, and network penetration testing. • Perform manual web application penetration testing using Burpsuite, Nikto, SQLMAP etc… • Manual Exploitation of PHP and Java based web applications. • Port scan servers using NMAP and close all unnecessary ports to reduce the attack surface. • Communicate technical vulnerabilities and remediation steps to developers and management.
Functional Role : Support and maintain all IT security related products and services in addition to IT systems monitoring and IT service management tools.
Key Tasks: • Prevent Data loss by creating and applying security policies on DLP System • Control internet access for users based upon user groups on Active Directory • Block communication with malicious ips and domains • Investigate suspicious emails received by employees of the bank and block suspicious senders • Administration, Maintenance and support of Kaspersky end point security • Control applications usage upon user groups by applying application whitelisting
• Create and Maintain dashboards for the monitoring team to monitor Service Levels, service desk tickets, network Flow and all production systems (including servers, network equipment, storage, databases, and other infrastructure systems) and report on the performance of each service on a weekly basis compared to SLA targets. • Manage the control room enhancement in Lebanon and overseas and provide it with the necessary tools to ensure a 24/7 monitoring of the infrastructure • Analyze security and service management reports to ensure proactivity, performance and availability as well as pinpointing incidents and problems. • Provide availability & performance reports on demand. • Serve as a technical resource for troubleshooting and solving escalated issues from Service Desk. • Quarterly validate backup job register. • Perform remote deployments Using SCCM, Kaspersky, CA DSM
Achievements : • Implement Application whitelisting on workstations and production devices. • Creating Dashboards to monitor 24/7 the Bank internal and external services. • Lead the Implementation of the CA Service management platform including Service Desk, IT Client Automation, CCA and Xtraction. • Lead the implementation, support and maintenance of infrastructure monitoring systems such as SCOM, Spectrum, Ehealth and NFA • Implement CA Service Catalog including 16 bank services • Lead the Upgrade of Forcepoint Web filter, Mail filter and Data Loss Prevention • Forcepoint DLP Agent Deployment on all bank windows devices • Scom manager installation in UK
Experience with the below Products : • Qualys Vulnerability Management • Kaspersky Endpoint Security 11 • Forcepoint Mail Filter, Web Filter and DLP • Tipping Point IPS • Barracuda WAF • Microsoft Operation Manager 2012 (SCOM) • CA E-Health, CA Spectrum and CA Network Flow Analysis • CA Service Desk and CA IT client Manager • CA process Automation and Service Catalog • Xtraction • System Center Configuration Manager (SCCM)
Active Directory Administration include creating and managing domains and groups,
Offering technical support to users, creating Group Policies and handling user accounts. Developping the infrastructure and systems to meet the companies needs.
Working within a TCP/IP network environment, including DHCP, DNS, AD and Ethernet. Working within a Voice Over IP phones (AVAYA, MYTEL ).
Involved in the rollout of software updates and patches.
Investigate complex IT support Issues. Communicating with third party technical specialists.
Configuring and managing backup and restore procedures.
Deploying new hardware, server backups & evaluating new software & security risks
My final Project was a java and a mobile application to register users and time scheduling