- Developed and implemented process improvements that reduced the incident triage time by 65%
- Developed and implemented process improvements that reduced the remediation time for critical vulnerabilities from 35 days to under 14 days
- Successfully closed over 1000 incident response cases that included providing network forensics, system analysis, and dynamic malware analysis
- Created and implemented an emergency vulnerability playbook that provided the capability to remediate vulnerabilities within 48 hours in a global environment that presented a direct risk to information assets and business operations
- Collected telemetry from various network elements in order to identify relationships among the data and provided the capability of rapid incident response analysis
CIVILIAN CAREER SUMMARY:
Sr. Penetration Tester
- Performs in-depth penetration testing on applications, wireless, and networked systems to identify and document exploitable vulnerabilities.
- Testing involves the usage of automated and manual techniques.
- Utilized tools such as Kali Linux, Metasploit Pro, Cobalt Strike, Nessus, and Burp Suite to detect and exploit vulnerabilities.
- Evaluates hacking tools and techniques and applies the latest methods towards testing efforts.
- Schedules and attends meetings to determine and document testing scope.
- Validates remediation effectiveness.
- Created reports and briefed stakeholders on vulnerability findings, security misconfigurations, and overall security posture.
Cyber-Security Incident Response Specialist
- Provided incident response services to a global organization with over 44,000 colleagues.
- Closed over 1000 security investigations that included activities such as account takeovers, financial fraud, and insider threat.
- Developed playbooks on email and cloud forensics that improved the speed and accuracy of this capability.
- Collaborated with the legal team and clients on global and local regulations, such as the GDPR.
- Utilized threat intelligence to perform enterprise threat hunting for indicators of compromise (IOC).
IT Project Manager
- Hand selected by the command for this critical role.
- Provide project management and engineering oversight in the execution of over $20 million in technical modernization of Jordanian strategic communication.
Sr. Security Investigator
- Worked in a 24x7 security operations center (SOC) that provided incident response and detection services for Confidential 500 companies, government and healthcare sectors.
- Led a team that integrated deep expertise with cutting-edge technology, security intelligence, and advanced analytics to detect and investigate threats with great speed, accuracy, and focus.
- Developed tactics, techniques, and procedures (TTP) for hunting advanced persistent threats (APT).
Security & Compliance Engineer
- Provide security architecture services that include project management, file integrity management solution, vulnerability program management, log management & correlation and PCI compliance management.
- Successfully completed over 20 PCI compliance audits that enabled the organization to remain PCI compliant and accomplish the mission objectives.
Vulnerability Program Manager/IT Security Analyst
- Charged with being an information security advisor and advocate for assessing the defense posture for the Confidential network reporting directly to the Confidential.
- This included frequent vulnerability assessments of our entire corporate network, engagement and awareness efforts between internal business teams, external regulators and auditors.
- Chaired the security architecture group that identified security gaps, managed budgets, and designed security solutions.
Cyber Network Defense Analyst
- Provided intrusion detection and incident response services that involved detecting, defending, and responding to unauthorized activity within DIA information systems and computer networks. Implemented process improvements for the identification, containment, eradication, and recovery of malware.
- Published technical reports that included analysis on systems, network, and malware behavior.