Makkah Region
When I was a child, I played games on my brother's computer and that got me interested in the computer world. When I reached the teenage age, I finally got the computer from my brother and started learning about its components, how it works, how to fix and upgrade it. Eventually, that interest in computers led me to the information technology world and I chose the computer engineering as my major in university. Soon after that, I graduated as a fresh computer engineer with basic experience in the IT world. Luckily, I got an entry-level job in a telecommunication company (STC solutions) working as a second layer support where I supported my colleagues who works on the field as technicians in activating and fixing telephones and internet for people in business sectors. After three years with them, I got my second job in a semi-government (Royal Commission for Jubail and Yanbu) company that focused in investment business. I worked as first layer support for its employees providing them with the best IT equipment and solutions whether it was hardware or software that helped in achieving the best working environment for them. After three years of working under the IT support services department, I got the chance of changing my career path and requested to transfer to the Cybersecurity department and fortunately, it was accepted which was working as a Cyber Security Specialist for almost 1 year. Then, worked as an Endpoint Security Engineer at D360 bank for almost 1 year and 5 months. After that, I worked as Cybersecurity Defense Sr. Specialist at Jeddah Central Development Company for almost 2 years. Now, I am seeking my master degree in Information Technology specializing in Cybersecurity at University of Melbourne. Although I am still exploring the cybersecurity field and still not sure if it will be my passion or not but one thing for sure is that I am passionate about working in IT fields. I am looking forward to learn new things about it and share my knowledge and experience with the world which I hope that I leave positive impacts wherever I go. It is worth mentioning during this journey, I achieved ITILv4 Foundation certificate, eJPT certificate, Qulays certificates and I am looking forward to achieve more in the near future.
● Developing policies and procedures to ensure compliance with NCA regulations for vulnerability management and penetration testing ● Performing monthly vulnerability scans across all systems and producing executive-level reports ● Establishing a measurable SLA for the resolution of vulnerabilities and penetration test findings, ensuring timely mitigation ● Performing proactive assessments of system and application designs to uncover vulnerabilities and workflow defects ● Performing adaptive configuration reviews on all systems, adjusting the frequency based on operational requirements ● Communicating operational and security performance metrics, including KPIs, for vulnerability management and penetration testing ● Mapping the architectural landscape and attack surface of all JCD environments to facilitate effective penetration testing ● Establishing a RACI matrix to clarify accountability and ownership for vulnerability management and penetration testing
• Responsible of penetration testing, vulnerability assessment and SOC L1 tasks. • Completed four vulnerability assessments internally and externally for RCJY web apps using Tenable Nessus. • Applying and Following up with NCA release notes. • Searching for malicious activities using Splunk SIEM Solution and creating alerts of it. • Blocking malicious hashes, IPs, URLs and domains in Symantic EDR Solution. • Responsible of analyzing incoming phishing emails. • Supported in protecting the RCJY servers from Log4J vulnerability. • Responsible of following up with NCA Email Authentication Initiative (Haseen).
• Supported the Board of Directors meeting of Royal Commission for Jubail and Yanbu when they visited JCPDI • Supported the event of JCPDI and Hutchison Ports sign investment agreement for JCPDI Port
• Getting assigned with the representative role of the Jazan IT department • Using the BMC Helix ITSM in order to organize the work and meet the KPI of the Royal Commission • Assisting Royal Commission major meetings and events with IT services • Making distribution plans for the network equipment • Providing IT support remotely and physically to end users during the Covid-19 Pandemic • Leading small teams in achieving big IT projects • Training new employees on the IT services • Preparing and providing IT equipment and support for more than 200 employees • Upgrading the IT equipment to the latest technology
• Supported more than 12 clients per day in activating and maintaining their copper and fiber telephones, internet and circuits • Cooperating with other departments using BMC Remedy ticketing system • Supporting field technicians using multi technologies such as, ALCATEL LUCENT, CISCO, HUAWEI, SIEMENS, etc