Objective
To achieve, apply, and assist in the field of information technology specifically in cyber security operation and to enhance and protect your respected organization's business goals, services, and reputation.
Employment
· Head of security operation management division at the Ministry of Foreign Affairs (MoFA)
o October 2021 – present
· Information Security and Emergency Response Department for the Communication and Information Technology Regulatory Authority (CITRA)
o May 2017 – Aug 2021
· Consultant Department for the General Secretariat of the Supreme Council for Planning and Development (GS-SCPD)
o Dec 2015 – May 2017
Education
· San Diego State University: San Diego, CA, USA May 2015
o Bachelor of science in applied arts and sciences: Computer engineering
o GPA: 2.78
· Palestine high school: Rumaithiya, Kuwait Aug 2008
o Scientific branch of high school education system
o GPA: 3.16
Tasks and Responsibilities
· At MoFA:
o Project manager for multiple projects related to cyber security that shall help to improve the organization's security controls.
o Responsible for designing, implementing, and deploying multiple projects related to endpoint security, email security, multifactor authentication, and endpoint management.
o Head of security incident response team at MoFA.
o Review and advise on current and future security controls.
o Review and advise on vulnerability assessments and penetration testing activities.
o Review suspicious logs and behaviors that indicate any type of compromise (SIEM, WEL, FW, 2FA).
o Detect phishing and guard users against social engineering attempts (mainly phishing emails).
o Implemented Domain-based Message Authentication Reporting and Conformance (DMARC) to protect MoFA from impersonation and phishing attempts.
o Submitted RFPs to deliver security related products and evaluated bidder proposals.
· At CITRA:
o Handling Block Requests from individuals and official entities
o Established a direct channel of communication with internal departments, ISPs and Mobile Operators to follow up with block requests
o Member of team to produce a regulation and procedure to define illegal electronic content and how to block it.
o Member of a team to produce a regulation to define data classification.
o Established a direct channel of communication with Social Media companies (Instagram, Twitter, Snapchat, Netflix, etc) to follow up with blocking/geoblocking of illegal content.
o Site survey and information gathering of selected entities which represent critical national infrastructure.
o Deployment of Azure infrastructure (IaaS) to host information sharing platform.
o Configuring and tuning Web Application Firewall (WAF) to protect the information sharing platform.
o Member of a team responsible for designing a separate IT infrastructure for a new department.
o Other sensitive projects which shall not be mentioned in CV (I could elaborate more in person if required).
· At GS-SCPD:
o Communication and coordination with different government entities' project department
o Communication and coordination with consultants
o Review and provide feedback of entities' Terms of Reference (ToR)
University Projects
· Embedded system programming: worked on STM boards to program microcontrollers using Kiel development environment:
o Blinking LEDs based on user input
o Piano and audio frequency
o USART communication between board and computer using USB
· Graduation project (team of 6): Micro-mouse competition – I was responsible for the intelligence of the mouse to solve a maze by using C programming language.
· Designed and implemented a five-stage pipeline MIPS processor using Xilinx and Verilog.
· Designed and implemented a clock system with counters and alarms on an FPGA using Verilog.
Certificates, Training, Workshops and Conferences:
Part-time Job | Class | Date |
Teaching at Public Authority of Applied Education Training (PAAET) | Database SQL | Jan – Mar 2021 |
Training Courses I Provide | Platform | Release Date |
Released my personal training course titled: Fundamentals of cyber security | on dawrat.com | March 2022 |
Certificates | Institute | Date |
Communication skills and formal reporting | TDI | Nov-2018 |
Preparing and writing reports | New Horizons | Jan-2019 |
Planning and Administering SharePoint 2016 | TDI | Mar-2019 |
Network+ | CompTIA | May-2019 |
Cloud Essentials | CompTIA | Jun-2019 |
Security+ | CompTIA | Jul-2019 |
CyberSec First Responder (CFR) | CERT NEXUS | Jul-2019 |
Ethical Hacker (CEH) | EC-Council | Aug-2019 |
Certified Security Analyst (ECSA) | EC-Council | Aug-2019 |
COBIT5 Foundation | People Cert | Sep-2019 |
Linux+ | CompTIA | Oct-2019 |
Cyber Security Leader | CBK | Nov-2020 |
Training and Workshops | Institute | Date |
Computer workshop provided by the Kuwait science club | KSC | Jun-2002 |
HTML workshop at Kuwait University | KUNIV | Nov-2007 |
Active member at Codecademy and Khan Academy | Online | Jun-2013 - present |
Member of the coordination team and Master of Ceremony (MC) for the workshop "Preparing the framework, operational structure, and cybersecurity program of work in the State of Kuwait" | CITRA | Jan-2018 |
DNS/DNSSEC Workshop | CITRA | Oct-2018 |
SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling | SANS | Jan-2019 |
Cybersecurity Leaders Programme | CBK | Apr – Oct 2019 |
Windows Administration | | |
SQL | PwC | Apr-2019 |
Python | PwC | May-2019 |
Certified Wireless Network Administrator (CWNA) | PwC Sybex | Jun-2019 |
Cyber Secure Coder (CSC) | PwC EC-Council | Jul-2019 |
Computer Hacking Forensic Investigator (CHFI) | PwC EC-Council | Aug-2019 |
Certified Incident Handler (CIH) | PwC EC-Council | Aug-2019 |
Certified Threat Intelligence Analyst (CTIA) | PwC EC-Council | Aug-2019 |
Principles of Project Management | IBS | Sep-2019 |
ISO 27001 Foundation and Practitioner | PwC | Sep-2019 |
ISO 22301 Foundation | PwC | Sep-2019 |
Information Security Audit | PwC | Sep-2019 |
Emotional Intelligence | IBS | Sep-2019 |
Bitdefender Security Academy: Incident Response and Threat Hunting Workshop | BitDefender | Oct-2019 |
Virtual Workshop on internet infrastructure security and information sharing | Online | Mar-2021 |
Computer workshop provided by the Kuwait science club | KSC | Jun-2002 |
Conference | Location | Date |
Participating with the authority delegation to represent Kuwait in the 40th meeting of the permanent Arab Committee for Communications and Information and the 41st meeting of the Executive Office of the Council of Arab Ministers for Communications and Information | Cairo | Jul-2017 |
RSA Conference 2018 | San Francisco | Apr-2018 |
Master of Ceremony for CERC 2019 | Kuwait | Nov-2019 |
KIACS Cyber Security | Kuwait | Dec-2019 |
Master of Ceremony for CERC 2020 | Online | Nov-2020 |
Professional Affiliation
· Member of the Institute of Electrical and Electronics Engineers-IEEE
· Kuwait Association for Information Security (KAIS)
· Kuwait Society of Engineers (KSE)
· Kuwait Information Technology Society (KITS)
Skills:
· Familiar with international frameworks like NIST and ISACA.
· Public speaking and presentations.
· Communication and Emotional intelligence.
· Able to understand and speak targeted audience language (higher management and technical staff).
· Professional and ethical worker.
· Leader, confident, and charismatic.
· Social engineering and situational awareness.
· Collaborative and team player.