Security Information

Ahmad Yahia Mohammad AL-Nady

Mob : +201*********

: +201*********

Email : ********@*****.***, ********@*****.***

Military Status : Exempted

Marital Status : Married

Address : ** ****** **, *****, Egypt

Education : Bachelor in Communication Engineering Al-Azhar University May.2002 Objective Seeking a challenging career opportunity in the field of information security in a multinational corporation to gain experience and prove my genuine skills in any related field

Specialties

Penetration Testing & Vulnerability Assessments for Network, Infrastructure and Web servers.

Cyber Security Incident Responders

Information Assurance Engineers

Information Technology Risk and Security Managers

MCSE with specialties in Windows Servers and Active Directory Security Risk Management and Compliance

Operational Management

Business Continuity and Disaster Recovery

Network Intelligence Analysts

Employment History

Jan 2015 – Present

Raya IT - Team Leader Professional Services

Job Duties & Responsibilities: - Team Leader Professional Services

An IT security professional with 10+ years of expertise in penetration testing and vulnerability assessments on various applications in different domains, utilizing tools commercial and open source tools.

Experience in different web application security testing tools like Acunetix, Metasploit, Burp Suite, Sqlmap, OWASP ZAP Proxy, Nessus, and Nmap.

Excellent knowledge in OWASP Top 10 2017, Proficient in understanding application level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, authentication flaws etc.

Experience using a wide variety of security tools to include Kali - Linux, Wireshark, Snort, Cain and Abel, Nitko, Dirbuster,Nessus, Open Vas, W3AF, BeEF, Etthercap.

Knowledge in Windows/Linux operating system configuration.

Perform, review and analyze security vulnerability data to identify applicability and false positives

Flow from black box to gray box to white box tests dependent on client needs.

Security Design Architecture Review

Hands on Experience working with LAN and WAN topologies, TCP/IP protocol, routers, switches, and firewalls in Internet, Intranet and Extranet environments.

Incident Response

Red Teaming

Implementation of Tenable products including Security Center and Nessus professional for customers Incident Response 3 P a g e

BTC Baud Telecom Company: Medina branch 7/2012 To 7/2013 Job Duties & Responsibilities: Senior post sales network engineer

• Provide support for covered clients

• Provide on-call support for covered clients

• Provide technical post-sales delivery

• Troubleshooting of network problems for srouting, switching and security implementations EG-CERT (National Computer Emergency Response Team of Egypt) under the Authority of NTRA Job Duties & Responsibilities: Senior Security Incident Handler from 1/2009 to 4/2011

Building up Infrastructure and the team & handling Security Incidents.

Proactive measures to counter information security compromises, including collation, Analysis and dissemination of vulnerability and threat information.

Reactive measures post-compromise, including practical response to system/network attack.

Security Assessments for Governmental & Educational Agencies.

Perform internet protocols analysis, security technologies new development, common attacks against systems/networks analysis

, and operational details of multiple operating systems.

Assess incident severity according to certain analytical skills, technical nature and impact, leading to allocation of resources To handle the incident appropriately.

Inter-personal skills to work with both local and regional governments, businesses and vendors to generate and develop Reporting and liaison communication links.

Temperament to work as part of a multi-skilled, international team, learning and developing Techniques to meet new vulnerabilities and threats. Ministry of Communications and Information Technology Job Duties & Responsibilities: System Administrator & Security Engineer from 7/2006 to 4/2009

Location: EGYPT Smart Village

Infrastructure Administrator, External Project implementation

Implementation of network security solution.

Managing Firewalls and VPN connections.

Managing Vulnerability Protection and doing Alerts Analysis.

Managing Network Scanners

Develop Security Policies, Procedures and Access Rules.

Perform Network Assessments and Penetration Tests.

Configure and troubleshoot network security devices:

Tuning Intrusion detection and prevention systems Telecom Egypt

Job Duties & Responsibilities: System Administrator from 10/2003 to 7/2006

(O&M Sector, EWSD, NGN Department, VoIP Project)

Maintain NGN (Siemens VOIP Product) Network Elements such as:

HIE 9200 (Siemens Soft Switch)

HIG 1x00 (Siemens Media Gateway)

PCU (Siemens Packet Control Unit) & Signaling protocols such as SS7 & MGCP (Media Gateway Control Protocol)

Installation & Maintaining Siemens Net-Manager – Management Console for Siemens NGN Products

Administration & Maintenance of Juniper routers (IP Core network for NGN) as well as Juno-Scope

(Web-based Management & Monitoring Utility for Juniper Routers). 4 P a g e

Training and Certificates Obtained

Siemens Net-Manager Delta V4N – V5.1

In Progress

SURPASS HIE 9200 IP Package OAM

EWSD Innovation Hardware

EWSD SSNC Operation & Maintenance

EWSD Remote Switching Unit

EWSD Crash Workshop,Safeguarding & Emergency Procedures

CCNA

UNIX Sun Solaris,Unix IBM AIX Fundamentals & administration

Linux Fundamentals,administration & Network Design and Security (RH-302)

Communication Skills, Presentation Skills, Customer Services Skills, Technical Business Writing

HP SAN Storage.

AWAE :Advanced Web Attacks and Exploitation

MCSE Security (Microsoft Certified Systems Engineer) MCP ID : 3684416 “Certificate”

CEH v8 : Certified Ethical Hacker : License ECC93432739709 GSEC (GIAC Security Essentials Certification) Analyst# 20554

“Certificate”

“Certificate”

GCIH (GIAC Certified Incident Handler) Analyst# 13274 “Certificate”

OSCP : Offensive Security Certified Professional OS-101-019740 “Certificate”

ISO-IEC-27001-Provisional-Implementer ISPI1036597-2019-09 “Certificate” Approving System designs, implementations Network Security and evaluations, and consultation for governmental,Banking sector and companies projects: MCIT headquarter in smart village and its remote sites (MCIT). National Telecommunications Regulatory Authority (NTRA). Egyptian Republic Union Television (ERTU).

Egyptian Cultural and Natural Heritage (CULNAT).

Central Agency for Organization and Administration (CAOA) Information Tech. Industry Development Agency (ITIDA) National Telecommunication Institute (NTI)

Presidency of the Arab Republic of Egypt.

Nile University (NU)

Information Technology Institute (ITI)

Khalda Petroleum Company

TE-DATE

Egypt's Government Services Central Bank of Egypt. Egyptian Gulf Bank (EGBank)

The United Bank (TUB)

EGPC

PAS

Petrojet

City-Stars

HDB

Gasco

UN ECA

LinkedIn: ahmed alnady:

https://eg.linkedin.com/in/ahmed-alnady-8b712a34

Update 25 DEC Sep 2020

Contact this candidate