My Life Lesson
"Nothing is perfect, but for every problem with limited resources and time, there is one best solution."
Career Profile
Ambition, Discipline, Competence and Will are working together to find a Chance...
I'm looking for that chance.
Experiences
Working in Cybersecurity Management and Governance Department in X. Due to new establishment of this department, I have to work on several tasks. I am given the role of Cybersecurity Policies Specialist, as well as Project Management Officer. In addition, I was assigned to lead the identification and evaluation critical systems in X. Due the challenges of working in a big and complex working environment, I was also assigned to lead a team of cybersecurity account management.
A happy web and mobile app developer. Full stack, alone or in a team. Gaming, educational and public transport with a complex routing calculator and a dynamic environment. I did all of that to challenge myself and for my self-education.
Theses
The goal of this thesis aimed to study and evaluate the current published solutions to support message authentication on CAN bus. I had to analyse and implement different techniques for transmitting MAC. I worked on ardunio to run my tests, which gave me more experience on hardware. I have learned how hard to meet and maintain a certain level of security on limited resources and restricted environment.
This was scholarly paper about how far were the actual researches in cloud forensic, challenges of applying digital forensic in cloud computing environments and their possible solutions. I have learned about the digital forensic, the nature of cloud computing and the effect of cloud computing environments in forensic investigations.
Training Courses & Certificates
I was certified in Certified Information System Auditor. I have learned how to apply a risk-based approach to planning, executing and reporting on audit engagements.
I was certified in Project Management Professional. Demostrated experience, knowledge, performance in achieving an organizational objective through defining and overseeing projects and resources.
From this course, we have learned the basic of software testing. This includes all steps of the software testing process, from the planning and specification to the conducting and monitoring of tests.
In six week, we have learned, how SAP allows enterprises to support its employee-owned mobile devices and maintain control over the cost and complexity of development and. We also have learned about tools SAP offers to deal with mobile data security concerns. After passing an exam, I have successfully completed the openSAP course of "Introduction to Mobile Solution Development for the Enterprise".
In six week, we have learned how to build applications that integrate the business logic, control logic, and the database layer with unprecedented performance using SAP HANA. After passing an exam, I have successfully completed the openSAP course of "Introduction to Software Development on SAP HANA".
From this course, I have improved my knowledges to understand and describe the devices and services used to support communications in data networks and the internet. After passing an exam, I got a certificate of the first module of the course "Cisco Certified Network Associate".
In nine days, we have learned, how to navigate confidently within SAP systems, to describe how various business transactions are performed using the SAP ERP system and to explain the integration points between applications within SAP ERP. After passing an exam, I got a certification of "SAP Certified Business Associate with SAP ERP 6.0".
Projects
Mobile Apps Development
-
Since 2013, I started and am still developing mobile apps as a hobby. I have developed several apps, from A to Z, alone or in a team. Gaming, Educational and even for public transport that requires calculating routes in a complex and dynamic environment. I did all of that to challenge myself and for my self-education.
Penetration Testing on Web Browser
-
A team project on “Secure Software Development” to perform penetration testing on web browsers. We have decided to use Browser Exploiting Framework (BeEF) and Metasploit Framework that is available on KaliOS.
Smartphone Security for Android Applications
-
This work was for "Center for Research in Security and Privacy" in Darmstadt. The main goal of this project was to implement an interactive web-based android vulnerability database. In this project, I have worked with 2 other students using Django framework to build the website and its complex database, implemented in Python. In addition, we implemented a crawler to crawl public vulnerability databases. In this project, I saw how quick I could learn and to be able to use new tools and languages.
Mobile Sensing System
-
This work was for "Telecooperation Group" in Darmstadt. The project was implemented in Java for android and in PHP and HTML for homepage and sever with the using of JavaScript, CSS and MySQL. I was a member with three others. I have learned how to communicate with other teammates in a real complex project. This project applied agile as a project management.
Smart Phone Security (Extended Permission Check)
-
This work was for "System Security Lab" in Darmstadt. The project was implemented in Java and I was a member with three others. I have learned how the android system interacting using permissions technique and how to extend controlling these permissions to block collusion attacks by improving role based and dynamic policies.
DCF77 Radio clock
-
This project was implemented in Verilog and I was a member with two others. I have learned more about FPGA and how to use Xilinx program and to deal with signals.
Floating-Point Unit
-
This project was implemented in Verilog and I was a member with one other. I have learned how to handle floating point problems and how to use Xilinx to program a FPGA.
Plumber game
-
This project was implemented in Java and I was a member with three others. I have learned how to build an oriented nice structured program and how should the interacting between GUI and logic and also how to solve a problem with algorithms such as depth-first-search.
Shisen-Sho game
-
This project was my first project. It was implemented in Java and I was a member with three others. I have learned how to communicate with other teammates and how should be the dealing with I/O and parsing.
Seminars
Multimedia Manipulation Detection (Civil Security)
-
The goal of this seminar is to address and to identify current technical tools that can be used to detect manipulations and forgery on multimedia files with the focus on photographs. In this seminar, I have improved my knowledge in the field of multimedia forensic.
Peer-to-Peer Decentralised Social Networks
-
This paper was focused on challenges and solutions of applying social networks on peer-to-peer. My task was to make a survey from existing researches and to identify and summarise open security issues and to find their solutions, if exist. In this seminar, I have leaned and studied some projects that applied SN on P2P infrastructures.
Forensics for ICS Cyber Security (security for Industry 4.0)
-
As a part of a colloquium about the security of Industry 4.0, my task to make a summary of one of the seminars and to present it and lead a discussion about it with other students. These seminars showed me the challenges of applying industry 4.0, specially the challenge of industrial control systems.
Deduplication‘s problems (Cloud Computing)
-
This paper was focused on deduplication‘s problems as a security vulnerability. I have learned how to read research papers and write one. This seminar helped me to get a better look of the interacting between a cloud system with its storages and clients.