l
laithmahdziadeh

Laith Ziadeh

@laithmahdziadeh
Giordania
Arabo, Inglese, Turco
Alcune informazioni sono riportate in lingua inglese.
Chi sono
Cybersecurity Engineer with 3+ years of experience specializing in web application and API penetration testing. I've conducted 150+ security assessments for clients including the Ministry of Commerce (Saudi Arabia), King Hussein Cancer Center, and the National Cyber Security Center of Jordan. Certified eWPT and CRTP, I help businesses find real, exploitable vulnerabilities and fix them before attackers do.... Continua a leggere

Competenze

l
laithmahdziadeh
Laith Ziadeh
offline • 
Tempo di risposta medio: 1 ora

Consulta i miei servizi

Programmazione e tecnologia
I will provide cybersecurity, networking, and IT security training
Lezioni di coding online
I will teach you networking so well you will never google it again

Portfolio

Esperienza lavorativa

Jordan_Digitals

Cybersecurity Engineer

Jordan Digitals • Full time

Dec 2023 - Present2 yrs 7 mos

1. Conducted comprehensive vulnerability assessments and penetration tests on 150+ web applications, API endpoints, and infrastructure systems, using a mix of manual testing and automated scanners to identify exploitable weaknesses and prioritize remediation. 2. Discovered and validated high impact vulnerabilities (SQLi, XSS, auth/authorization flaws, insecure configurations), documented exploitability with PoC evidence, and worked with engineering teams to verify fixes via re-testing. 3. Executed targeted phishing campaigns and social engineering assessments to evaluate employee security awareness, produced tailored training and remediation guidance, and reduced security related incidents by ~30%. 4. Integrated application and network telemetry into the SIEM and collaborated with the SOC to tune detection rules, reduce false positives, and accelerate triage and incident response workflows. 5. Performed network traffic and endpoint analysis (including EDR), investigated and mitigated real incidents such as brute force attempts and suspected intrusion activity, and coordinated containment and recovery actions. 6. Prepared clear, technical reports and remediation plans (risk ratings, CVSS references, replication steps, and recommended code/config changes) and tracked remediation through to verification in ticketing systems. 7. Leveraged industry tools and techniques such as: Burp Suite, Nmap, SQLmap, Nessus, Wireshark, Metasploit, custom Python scripts, and manual code review to perform depth testing and produce actionable findings. 8. Collaborated with cross functional teams to implement secure configuration standards, patch management processes, and CI/CD security gates, improving long-term resilience and reducing recurring vulnerabilities.

Cybersecurity Specialist

Invekor Bilgi Teknolojileri • Full time

Jul 2022 - Sep 20231 yr 2 mos

I monitored the Security Information and Event Management System (SIEM) and follow up all related security incidents and events. I followed the day-to-day operations related to own job to ensure continuity of work Respond to security incidents and report on incident handling and resolution. I participated in forensic analysis and data recovery, and penetration testing. I performed daily security analysis and scanning and assessment for information security risks, threats and vulnerabilities. I proactively researched to identify and understand new threats, vulnerabilities, and exploits. I provided the security recommendations on actions which assist in improving security posture within client's Environment.