Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Timeline
Generic

Muhammed Shaban

Sr. Cyber Security Consultant IT/OT/ICS
Cairo,Cairo

Summary

Skilled engineer with practical experience in embedded and ICS security with more than 3 years experience in penetration testing and vulnerability assessment for various products and environments.

Worked with multiple ICS vendors and clients across the Gulf to audit and consult their environments and perform complete risk assessment and aid them to identify security gaps.

Overview

3
3
years of professional experience
6
6
years of post-secondary education
7
7
Certifications

Work History

Sr. Cyber Security Consultant IT/OT/ICS

SecuriCIP
Dubai, Dubai
01.2022 - Current
  • Conduct infrastructure penetration testing activities against OT/IT environment. Identify relevant gaps and provide recommended solutions and countermeasures.
  • Conduct wireless assessment against standard and proprietary wireless solutions. Identify relevant gaps and provide recommended solutions and countermeasures.
  • Conduct Web Application/API testing. Identify relevant gaps and provide recommended solutions and countermeasures.
  • Conduct testing against proposed or existing OT solutions. Identify relevant gaps and provide recommended solutions and countermeasures.
  • Conduct security architecture reviews against best security practices and standards like IEC, NIST, NESA, Etc..
  • Conduct configuration assessment against known benchmarks like CIS or STIGS.
  • Create hardening checklists based on industry best practices against products and solutions and conduct configuration assessments against such list. That could include Firewalls, NDRs etc.
  • Conduct Red Teaming exercises against both IT and OT environments.
  • Conduct source code review. Identify relevant gaps and provide recommended solutions and countermeasures.

Sr. Penetration Tester

Security Meter
giza, Cairo
06.2021 - 12.2021
  • Conduct Embedded Security Assessments (IoT Penetration Testing, Hardware Hacking and Firmware Analysis)
  • Conduct SIP/VoIP Penetration Testing
  • Conduct Wireless Network Penetration Testing
  • Conduct Mobile Application Penetration Testing and Static Code Analysis (Android, iOS)
  • Conduct Web Application / API Penetration Testing
  • Conduct Network and Host Penetration Testing
  • Conduct Security Configuration Review For Various Products
  • Develop and Hold Specialized Security Trainings

Information Security Engineer

Security Meter
giza, Cairo
11.2018 - 05.2021
  • Design and reviewing security solution, architecture as per the customer needs and security best practices
  • Performing Security Audits and working closely with the customer for remediating identified gaps
  • Performing Security Assessments (Penetration Testing and Vulnerability Assessments)
  • Test and Audit security solutions at customer environments
  • Develop and Hold Specialized Security Trainings
  • Implementing turnkey security solutions

Education

Bachelor of Engineering - Communication And Electronics

Ain Shams University
Egypt
09.2012 - 08.2018

Skills

    Cybersecurity Best Practice Implementation

undefined

Accomplishments

    Reproducing the following CVEs:

  • CVE-2019-14712
  • CVE-2019-14715
  • CVE-2019-14716
  • CVE-2019-14717
  • On one of Verifone's PoS terminals and managed to chain them to gain super user access and compromise the terminal.

Certification

ICS Cybersecurity Analysis & Evaluation Virtual Training (401V) by CISA

Timeline

Sr. Cyber Security Consultant IT/OT/ICS

SecuriCIP
01.2022 - Current

ICS Cybersecurity Analysis & Evaluation Virtual Training (401V) by CISA

01-2022

Industrial Control Systems Cyber Security Training (301v) by CISA

11-2021

Attify Certified Mobile Application Penetration Tester

09-2021

Sr. Penetration Tester

Security Meter
06.2021 - 12.2021

Attify Certified IoT Penetration Tester

04-2021

E-Learning Security Web Application Penetration Tester

09-2020

Security Center Certificate of Proficiency

08-2019

Nessus Certificate of Proficiency

07-2019

Information Security Engineer

Security Meter
11.2018 - 05.2021

Bachelor of Engineering - Communication And Electronics

Ain Shams University
09.2012 - 08.2018
Muhammed ShabanSr. Cyber Security Consultant IT/OT/ICS