Nachaat Mohamed resume
Published on: Mar 3, 2016
Transcripts - Nachaat Mohamed resume
Contact No: +965-97944004
To be associated with a progressive organization that gives me the scope to apply
knowledge and Skills development through my education and effective assimilation of
knowledge. To be a part the team that dynamically works towards the growth of the
organization and self. Ready to work all over the world.
Central Statistical of bureau (Kuwait) (Jan 2010 to till Now)
Currently working as Senior Penetration Tester Information Security
Central Statistical of bureau (Kuwait)(Jan 2008 to to Jan 2010)
Working System Analyst And Oracle developer at CSB Kuwait
Silver Star Co (Egypt/KafrElshikh: Aug, 2006-Jan 2008).
Worked Network specialist & Security Analyst
International Negotiator (KSA / Alehsa) Jan 2004 - Jul 2006
Worked Oracle developer and Network specialist
Top computer center (Lebanon / Beirut Jan 2000 - May 2003)
Worked Technical Support
Course : Bachelor Degree IT (Information Security)
University : California University Los Anglos
Course : Bachelor degree IT(Software Engineering )
University : West Clayton University
Course : Diploma Computer IT
University : ( Sadat Academy) Egypt
Certified Ethical Hacker (C|EH )
Computer hacking forensic investigator (C|HFI)
EC Council Certified Security Analyst (E|CSA)
Certified Network Engineer (CNE).
Certified Information Security practitioner (CISP)
Certified Network Security Professional (CNSP)
Certified Web Application Security Professional (CWASP)
Certified Information Systems Security Expert (CISSE)
Certified technical support professional (CTSP )
Certified wimax professional (CWIM)
Security Awareness (RSA) World Bank.
Oracle (Database &Developer)
Oracle Business Intelligence Enterprise Edition ( OBIEE)
Technical Skills :
Automated scans & manual security testing for web applications based on
different domains like Banking, Insurance, Government Web/Digital Marketing,
Online shopping, etc.
Strong Web application security experience with through understanding of web
experience of computer forensics, network exploitation, ethical hacking,
penetration testing and tool development a plus
Network penetration testing using automated tools like Nmap & Nessus. Manual
Experience in application level attacks, bypassing firewalls, evading intrusion
detection and Strong Problem solving.
Strong technical skill Networking (LAN – WAN - Routers, Switches )
Extensive experience in security standards/best practices (ISO 27001,SANS)
Extensive experience in Oracle database (9i , 10g ,11g) and developer ( SQL ,
PL/SQL ) & Form , Report
Experience with at least one network and web application vulnerability scanners
as well as source code analysis tools
Experience of database, application, and Knowledge of Web server design and
Knowledge of the software development lifecycle in a large enterprise
Development background in Python
Knowledge OBIEE 11g ( Data warehouse and BI)
Experience programing SQL / PL/SQl (Oracle)
Performing Penetration Testing & Vulnerability Assessment as per client
requirements for different 3-tier web applications as well as 2-tier client server
applications also. Creation & execution of test cases.
Manual report generation for web application & network scans using MS Office
tools. Automated reporting using MS SharePoint, InfoPath with detailed
description of vulnerabilities, supporting screenshots & detailed recommendations
to remediate the issue.
Performing rescans, co-coordinating with project development and QA team to
remediate the vulnerabilities reported in security scans. Client interaction &
management discussions to explain the issue reported.
Functional Skills :
Knowledge Management: Knowledge sharing sessions within the organization &
team in form of training, whitepapers, reusable documents, presentations,
preparation of baseline documents (Checklist, Methodology, Templates) &
reviews them on monthly basis.
Process Updates: Updating the organization’s internal database used for defining
Risk Ratings, Severity, Response required by following latest trends in
Information Security domain; Internal trainings and preparation of process update
(Kali Linux – Backtrack – Buqtraq )Acunetix Vulnerability Scanner, AppScan
Vulnerability Scanner, Burp Suite Professional, Paros, Web Scarab, etc.
Nessus, Nmap, Winhex, Wireshark,Oracle10g,11g,oracle developer 6i and OBiee
Windows 98/2000/XP, Windows Server 2000/03; 2008 , SQL Server,
Making desktop application by oracle developer and Reports by Oracle Reports 6I
and 10g .
Installation, configuration and upgrading of Oracle server software and related
Establish and maintain sound backup and recovery policies and procedures
Take care of the Database design and implementation
Implement and maintain database security (create and maintain users and roles,
Setup and maintain documentation and standards
Work as part of a team and provide 7x24 support when required
Project planning, management & execution at different onsite locations as well as
offsite. Handling clients call, discussions regarding scope and activities to be
performed, estimation of project execution time, etc.
Preparing estimations and schedules, identifying scenarios, accomplishing test
case preparation and test case execution in a controlled environment.
Understanding the functional specification using the functional document, SRS,
etc provided by the client and doing the test planning, Co-ordination with IT
Heads & Project Managers for executing projects.
Vulnerability Assessment (VA) or Penetration Testing (PT) for web application
and client server applications based on additional security audit pack
(incorporating OWASP standards).
Performing automated scans, manually verifying the scan results for false
positives, reporting vulnerabilities using proper details, screen shots and
recommendation to rectify them. Performing the rescans, if required.
Defining risk ratings for the vulnerabilities found in the application, impact
analysis, risk assessment specifying the security aspects and recommendation
work for each individual vulnerability.
Discussing the reported vulnerabilities and making them understand with
development & QA team as well as senior management by conducting review
meetings & presentations.
Email : firstname.lastname@example.org
Adressa : Kuwait - Salwa
Nationality : Kuwait
Cell No : +965-97944004
Marital Status : Married.
Date of Birth :1977
I hereby declare that all the above stated information is true to the best of my knowledge.