Ebrahim Aref
Cairo
Summary
Cyber Security Consultant with 4+ years of experience specializing in penetration testing, vulnerability assessment, and ethical hacking. Proven track record of identifying and mitigating security risks for leading global organizations, including Mastercard, Netflix, BlackBerry, Unilever, Kenya Airways, MTN, and KDDI, with recognition in multiple Security Hall of Fame lists.
Expert in web, mobile (iOS & Android), and network security, leveraging Burp Suite, Nessus, Metasploit, and Nmap, along with Python, PHP, JavaScript, and Bash for automation and exploit development. Actively engaged as a part-time Bug Bounty Hunter, discovering and responsibly disclosing vulnerabilities to top-tier companies through bug bounty programs.
Passionate about security research, red teaming, and proactive threat hunting, delivering actionable insights to enhance security postures. Knowledgeable it security professional with several years of experience designing and implementing security solutions in high-availability environments. Skilled in threat detection and incident response, as well as adept at delivering strong risk management practices to safeguard sensitive information and systems integrity.
Overview
5
5
years of professional experience
Work History
Cyber Security Consultant
Sunrun
05.2024 - Current
- Conducting comprehensive security assessments to identify potential vulnerabilities
- Developing and implementing security strategies to mitigate risks
Bug hunter (Part Time)
Bugcrowd
03.2020 - Current
- Perform penetration testing to organization's assets
- Including web Apps and mobile apps
- Acknowledgement: Kenya Airways, Master Card, MTN Group, BlackBerry, Synchrony financial, etc
Offensive Security Engineer
Buguard
11.2023 - 12.2024
- Conduct comprehensive security assessments for web applications, APIs, thick clients, and mobile applications
- Utilize both black box and grey box penetration testing methodologies through manual testing and automated tools
- Collaborate with clients to define testing requirements, including the scope and type of systems to be assessed
Penetration Tester
IP Protocol INC
05.2022 - 11.2023
- Conducting penetration tests on web applications and APIs
- Assessing mobile application security vulnerabilities
- Working with development teams to remediate security flaws
Penetration Tester - Part Time
DeepStrike
05.2021 - 11.2022
- Advanced Penetration Testing: I lead and execute advanced penetration tests, utilizing cutting-edge tools and methodologies to identify weaknesses in our clients' systems, networks, and applications
- My goal is to simulate real-world cyberattacks to uncover vulnerabilities before malicious actors can exploit them
Penetration Tester intern
Paymob
06.2021 - 05.2021
- Perform application assessments, internal and external penetration testing
- Conduct vulnerability research into futures technologies Paymob may deploy
- Fixing issues and leaving things better than they found them and not just finding broken things
- Validation of critical/high vulnerabilities surfaced via vulnerability automation tooling
- Study the basics of other fields such as SOC and SIEM solutions
Education
Bachelor of Agricultural Engineering -
Cairo University
08.2021
Skills
- Penetration testing
- Social engineering
- Application security
- Security analytics
- Vulnerability assessment
- Encryption technologies
- Secure coding
Courses
eLearnSecurity: Web Application Penetration Testing - eWPT
eLearnSecurity: Penetration Testing Professional – eCPPTv2
eLearnSecurity: Web Application Penetration Testing eXtreme – eWAPTXv2
Attify: Advanced Android and iOS Hands-on Exploitation
SEC552: Bug Bounties and Responsible Disclosure, SANS
Solution Expertise
Burp Suite, ZAP proxy, Nessus, Acunetix, SonarQube, Core Impackt, Metasploit
Timeline
Cyber Security Consultant
Sunrun
05.2024 - Current
Offensive Security Engineer
Buguard
11.2023 - 12.2024
Penetration Tester
IP Protocol INC
05.2022 - 11.2023
Penetration Tester intern
Paymob
06.2021 - 05.2021
Penetration Tester - Part Time
DeepStrike
05.2021 - 11.2022
Bug hunter (Part Time)
Bugcrowd
03.2020 - Current
Bachelor of Agricultural Engineering -
Cairo University
Similar Profiles
Karlene AguilarKarlene Aguilar
Solar Consultant at SunrunSolar Consultant at Sunrun
Nathan MartinezNathan Martinez
Solar Energy Consultant at SunrunSolar Energy Consultant at Sunrun
Lindsay PenningtonLindsay Pennington
Event Planner at SunrunEvent Planner at Sunrun
Sally ChoiSally Choi
Talent Acquisition Sales Recruiter at SunrunTalent Acquisition Sales Recruiter at Sunrun
Ahmed A. RadwanAhmed A. Radwan
Retention Manager at Abu Dhabi Islamic Bank – EgyptRetention Manager at Abu Dhabi Islamic Bank – Egypt