My TryHackMe Profile :
Bachelor of Science in Computer Science ..
Masters of Business Administration ..
Software Developer for 10+ years ..
Business owner/director for 2 years ..
A graduate of University of Sydney's Cybersecurity Bootcamp with a final grade of A+ (%101.26) .. Security+ certified
Looking forward to rejoin the IT industry and start a new career in Cybersecurity.
Hello! I'm Hamza
REFERENCES
WORK EXPERIENCE
2020-2022
Owner/Director
M&H Investments Group Pty. Ltd.
Oversaw the daily operations of the company. Negotiated prices and established deals with suppliers. Interviewed and hired employees. Managed Payroll. Reviewed and paid accounts payable.
2006-2020
Safa Co. Ltd. / Al-Assaf Co. Ltd.
Software Developer
· Analysed everyday company procedures and suggested more efficient solutions.
· Designed, developed, implemented and tested in-house solution software.
· Contributed to other branches of SAFA in various cities with support and consultation.
· Key Accomplishments: Reduced costs of operation and increased work efficiency and accuracy across several departments.
2003-2004
Internship
Zuhair Fayez Partnership - Consultants
· Worked in the Geographical Information System (GIS) development project for Jeddah Municipality. Contributed to the project in the following areas : Database design, coding, maps digitizing, Auto-cad drawing and data entry.
· Key Accomplishments: My work was comparable to senior developers and was deployed to the final product.
EDUCATION
2022-2023
Certificate in Cybersecurity
2012-2014
Masters of Business Administration (MBA)
University of Sydney - Australia
Among the top in my batch .. Grade A+
University of Leicester - United Kingdom
Graduated with merit
2007-2010
Prince Sultan University - Saudi Arabia
Bachelor of Science in Computer Science
Graduated with second honors
Certifications
1 / Cybersecurity Specific
- Official (ISC)2 Certified in Cybersecurity (CC) Self-Paced
- Security+
- CISSP : currently perusing
- Intro to Splunk
2 / Try Hack Me Certifications & Badges
3 / Non Cybersecurity Certifications
- French Language Courses ( 4 levels) through the French Consulate in Jeddah.
- Options Trading Strategies
- PLC "TIA" Programming Level 1 (Siemens)
- PLC "TIA" Programming Level 2 (Siemens)
- Professional Options Trader (Online Trading Academy)
- Professional Trader - Stocks (Online Trading Academy)
- FOREX Trader (Online Trading Academy)
Tools/Technologies
1 / Operating Systems
Linux and Windows
2 / Programming Languages
Python, Bash, Powershell, Delphi, VB, Yaml and HTML
3 / Tool Box
John the ripper, enum4linux, burpsuite, wireshark, aircrack-ng, metasploit, Splunk
SKILLS
Database Design - Sound
Software Development - Sound
Research - Sound
English - Fluent
Arabic - Fluent
French - Basic
PROJECTS
Operating Systems Security
Network Security
Secured Linux servers by hardening the systems, evaluating their security, and applying corrective measures. Used Windows penetration testing tools to identify potential security issues and devised strategies to tackle them. Conducted security audits on Windows and Linux systems to detect and remove superfluous services, applied Group Policies to limit user access, and implemented a variety of security policies.
Developed a sound understanding of
Wireshark and gained hands-on experience by applying what I have learned to various scenarios, which included capturing and analyzing packets, recognizing malicious traffic and attacks and mitigating them.
Penetration Testing and Reporting
GRC
Developed an awareness of
GRC policies and processes to ensure compliance with applicable laws,
regulations and industry standards. Conducted risk assessments to identify potential cyber threats, vulnerabilities and associated risks that the organization may face. Designed security controls to recognize and reduce cyber risks to the security of the organization’s data and systems.
FORENSICS
Analyzed phone image (in a simulated heist plan case ) and retrieved communication and geolocation evidence and created a compressive forensic report.
Successfully gained root access to Linux and Windows machines using Kali Linux and my penetration testing toolbox. My success in this field has been demonstrated by my results in various CTF challenges, wherein I regularly among the top of my peers. I have achieved this by utilizing my
skill in identifying and exploiting vulnerabilities. Through these challenges, I have been able to hone my security proficiency and deepen my understanding of penetration testing.
I conducted a thorough assessment of two enterprise networks, taking into account the operating systems, applications, and network infrastructure. I checked for potential weaknesses, like unpatched
systems, vulnerable services, outdated software, or weak passwords, and provided a detailed reports of my findings. My report highlighted the most critical vulnerabilities and recommended mitigation
strategies to address them.
Cloud
Security
Implemented a cloud virtual network using Azure, configured a load balancer to route traffic between web servers. Added a
WAF to protect the web application from malicious attacks. I also created security groups to limit the access of applications and services to approved IP addresses. To ensure reliability, I configured the load balancer to monitor the health of the web servers and automatically reroute traffic to the healthy ones. Ensured that all credentials and secrets used to access the cloud environment were securely stored. This solution ensured a secure and reliable cloud environment for users.
SIEMs
Utilized Splunk to configure security analytics platform to detect and alert on potential security threats, setting up alerts for common security events such as failed logins, suspicious network activity
and malicious file downloads. Leveraged
Splunk's powerful search capabilities to quickly uncover and analyze root cause of security incidents and created comprehensive dashboard and reporting to
share findings with team.
TryHackMe
Currently ranking in the top 3% on the well known CTF and Cybersecurity learning platform. I have successfully completed many modules. This is a non-comprehensive list : Intro to Digital Forensics, Operating Systems Security, Into to Offensive Security, Web Application Security, Network Security, Intro to Defensive Security, Security Operations, Active Directory Basics, Red Team Fundamentals, Junior Security Analyst Intro, Walking an Application, Authentication Bypass, Attacking
Kerberos, Nessus and OWASP Top 10 among others.