Osama Alaa
Sr. Cyber Security Consultant
Cairo
Summary
Senior Penetration Tester and Red Team specialist with over 8 years in security and IT, holding multiple certifications (eWPTX V2, eWPTX, CRTP, eCCPT, eWAPT, eMAPT, CEH, MCSE, MCSA). Skilled in network and web application security, proficient in cybersecurity tools, scripting, Unix, and Windows. Passionate about CTFs and an experienced bug hunter for organizations like Yahoo, PayPal, and IBM. A communicative, collaborative professional focused on securing digital assets and identifying vulnerabilities through red team methodologies across diverse environments.
Overview
9
9
years of professional experience
6
6
years of post-secondary education
9
9
Certifications
Work History
Sr. Cyber Security Consultant
EG-CERT
6th Of October City, Giza
11.2021 - Current
- Continuously refined penetration testing methodologies in response to evolving threats and client feedback, ensuring ongoing relevance and effectiveness.
- Conducted source code reviews to identify potential weaknesses in custom applications before deployment into production environments.
- Mentored junior team members in best practices for ethical hacking and penetration testing techniques, fostering professional growth among colleagues.
- Conducted breach and attack simulation operations against systems.
Senior Penetration Tester
Malcrove
01.2020 - Current
- Conduct penetration testing and vulnerability assessments on web, mobile and infrastructure
- Conduct source code review for many applications written in different languages
- Conduct Red Team exercises
Penetration Tester
Security Meter
Agouza, Giza
11.2018 - Current
- Perform application, network, systems and infrastructure penetration tests
- Perform Web penetration testing in Telecom Egypt, Fawry, E-Finance, Tedata
- Perform Network penetration testing in Telecom Egypt, Fawry, E-Finance
- Perform Web Service 'SOAP/XML' penetration testing in Fawry
- Perform IOT penetration testing and firmware analysis
- Perform Telecom Penetration Testing
Bug Bounty Hunter
Synack
05.2017 - 03.2020
- Identify and report vulnerabilities in applications used by multinational organizations.
- Detect and exploit network vulnerabilities, assessing the security of protocols and configurations.
- Bypass Web Application Firewalls (WAF) and other security filters to test for hidden vulnerabilities.
Linux Engineer
Vullett
01.2016 - 01.2017
- Install & maintain development software as SVN, Apache Server, SQL database, etc
- Install & maintain software as HR Management, Firewall, File & Document sharing systems, etc
- Maintain & Upgrade company's PCs Servers and other hardware as required
- Install LDAP server 'Samba'
IT Specialist
Jawalna
10.2015 - 01.2016
- Worked as System Integrator Like ERP Sys
- 'Odoo', Call Center Sys
- 'Elastix'
System Engineer
Arabia Inform
08.2015 - 10.2015
- Work as System & IT Engineer 'Windows server 2008, 2012, Windows 7, 8, Ubuntu, MintLinux, Centos, Zentyal server'
Education
Bachelor of Engineering - Electronics and Communications
Cairo University
09.2007 - 07.2012
Post graduate Cyber Security Diploma - undefined
Information Technology Institute (ITI)
10.2016 - 09.2017
Skills
- Web app security (OWASP)
- HTTP/HTTPS, SSL/TLS protocols
- Web frameworks (WordPress, Django)
- Exploitation (SQLi, XSS, CSRF)
- API security (OAuth, JWT)
- Scanning (Nmap, Masscan)
- C2 infrastructure setup
- Evasion tactics
- Social engineering
Certification
eWPTX
Personal Information
Date of Birth: 12/03/89
Publications
Port Spoof - Active Defense Tool In Hakin9, 02/01/18
Honorsandawards
- Hall of fame in Paypal
- Hall of Fame in Verizon Media
- Top 100 At HackTheBox
- 4th place at Arab Regional CTF 2018
- 3rd place in Egypt National CTF competition
- Hero Recognition Award & Significant Recognition Trophy (SRT) - Synack, 2022
- 3rd place in Gitex CTF competition 2024
Timeline
Sr. Cyber Security Consultant
EG-CERT
11.2021 - Current
Senior Penetration Tester
Malcrove
01.2020 - Current
Penetration Tester
Security Meter
11.2018 - Current
Bug Bounty Hunter
Synack
05.2017 - 03.2020
Post graduate Cyber Security Diploma - undefined
Information Technology Institute (ITI)
10.2016 - 09.2017
Linux Engineer
Vullett
01.2016 - 01.2017
IT Specialist
Jawalna
10.2015 - 01.2016
System Engineer
Arabia Inform
08.2015 - 10.2015
Bachelor of Engineering - Electronics and Communications
Cairo University
09.2007 - 07.2012
Similar Profiles
SUBASHINI MANIAMSUBASHINI MANIAM
Regional Team Lead – Malaysia Singapore Region at TO CERT SDN BHDRegional Team Lead – Malaysia Singapore Region at TO CERT SDN BHD
Benjamin ChaselingBenjamin Chaseling
Electrical Engineer in Training at CERT II ELECTROTECHNOLOGYElectrical Engineer in Training at CERT II ELECTROTECHNOLOGY
Cassie TurnerCassie Turner
Southeast Health at GI Technician/Team Lead Pre-Cert SpecialistSoutheast Health at GI Technician/Team Lead Pre-Cert Specialist
Ahmed A. RadwanAhmed A. Radwan
Retention Manager at Abu Dhabi Islamic Bank – EgyptRetention Manager at Abu Dhabi Islamic Bank – Egypt
HOSSAM ARIDAHOSSAM ARIDA
Trainee at Suez Oil Processing Company (SOPC)Trainee at Suez Oil Processing Company (SOPC)