Post Job Free
Sign in

Cyber Security Engineer

Location:
Louisville, KY
Posted:
May 23, 2025

Contact this candidate

Resume:

Noureldin Youssef

**** ***** *** ******, ********** Kentucky ********@**********.*** *********.****.*****@*****.*** 502-***-**** linkedin.com/in/nour-el-din-said-1336b597 Summary

CyberSecurity Researcher at the University of Louisville with experience in Cybersecurity and Applied AI. I have 6 years of professional experience as an Application Security Engineer, specializing in penetration testing, secure code review, and threat modeling in different application environments. Currently engaged in advanced research applying AI and machine learning techniques to cybersecurity challenges, with a focus on vulnerability detection, malware analysis, and LLM-based security solutions. Holder of industry-recognized certifications including OSCP, OSWE, CRTO, and eWAPTX.

Experience

Cybersecurity Researcher, University of Louisville – Louisville, Ky Aug 2023 – Current

• Developed AI Security approaches used in vulnerability detection through Large Language Models (LLMs).

• Designed and implemented self-attention models for malware analysis, providing an AI-driven sequence-based approach for real-time Malware detection.

• Conducting research on cybersecurity, focusing on testing PLC controllers’ security in the ICS field and exploring the security of IoT devices against emerging threats.

• Currently supported by a grant from the Criminal Justice sector to advance research in hardware security testing.

• Assisted in installing and securing network and server infrastructure at Hive AI Innovation Studio.

• Mentored undergraduate research interns, fostering growth in CyberSecurity and AI research domains. Senior Application Security Engineer, Cyshield – Cairo, Egypt July 2021 – Aug 2023

• Led and executed over 50 end-to-end penetration testing projects, focused on banking applications, payment platforms, and large-scale infrastructure systems across web, mobile, API, and network layers.

• Identified and reported high-impact security vulnerabilities including Remote Code Execution (RCE), Server-Side Request Forgery (SSRF), and critical business logic flaws affecting financial transactions and authentication workflows.

• Led a team responsible for conducting static and dynamic code reviews across 20 government-sector projects, reviewing applications built in Java, .NET, and Python. Utilized tools such as SonarQube, Burp Suite, and custom scripts to uncover logic flaws, injection points, and configuration weaknesses.

• Acted as a security advisor for governmental digital transformation, guiding development teams in implementing secure SDLC practices, OWASP Top 10 mitigations, and threat modeling using the STRIDE framework.

• Member of the internal Report Review Committee, standardizing technical reporting and ensuring the delivery of well-documented findings to enterprise and government stakeholders.

• Mentored junior security engineer to develop team capability and maintain high testing standards. Cyber Security Engineer, Fixed Solutions – Cairo, Egypt July 2017 – Aug 2021

• Perform Penetration testing and vulnerability assessment for web application.

• Deployment of the Vspect platform which is responsible for performing risk and vulnerability assessments on governmental organizations at EG-CERT.

• Working with Security controls implementation as CIS controls in a Working environment.

• Working on implementation of some of the security solution as SIEM and IAM solutions. Education

University of Louisville, PhD in in Computer Science and Engineering Aug 2023 – Exp. May 2026 University of Louisville, MS in Computer Science Aug 2023 – May 2025

• GPA: 3.9/4.0

University of Alexandria, BS in Electrical Engineering Sept 2011 – May 2016

• Cumulative grade: Very Good

Publications

• N. Youssef, N. Elbaraway, and A. Elmaghraby. Transformer-Based API Call Sequence Modeling for Dynamic Malware Detection. In Proceedings of IEEE SoutheastCon 2025, Concord, NC, USA, pp. 494–500. DOI: 10.1109/SoutheastCon56624.2025.10971600

• N. Youssef, N. Elbarawy, and A. Elmaghraby. BERT for Dynamic Malware Detection: A Sequence-Based Classification Approach. Accepted for publication at the IEEE Symposium on Computers and Communications

(ISCC 2025). [To appear]

Certifications and Honors

• Graduate Certificate in Cybersecurity: University of Louisville, Dec. 2025

• Certified Red Team Operator (CRTO): Apr. 2023

Credential ID: 64293facae5a582114e9cd03

• Offensive Security Web Expert (OSWE): Dec. 2021

Credential ID: OS-AWAE-16689

• Offensive Security Certified Professional (OSCP): Feb. 2019 Credential ID: OS-101-17268

• eLearnSecurity Web Application Penetration Tester eXtreme (eWPTX): Feb. 2021 Credential ID: 7022340

• AWS Certified Cloud Practitioner (CLF-C01): Feb. 2023 Credential ID: LE0BDSW24B1EQZWP

• Certified Information Systems Security Professional (CISSP): In Progress Technical Skills

Programming Languages: Java, Python, C# Proficient in programming languages

• Security Tools: Burp Suite, Metasploit, Nmap, Wireshark, Nessus, CobaltStrike, Frida Framework

• AI and Machine Learning:Expertise in transformer-based models and neural networks for real-time malware detection, threat analysis, and vulnerability management.

• Risk Management: Conduct security audits, compliance assessments, and develop incident response plans.

• Cloud Security: Azure and AWS, focusing on secure research computing and cloud compliance.

• Virtualization and Infrastructure: Proxmox for managing virtualized environments and enabling secure testing.



Contact this candidate