Abdullah Sarhan

A lot of skills that I have gained during my internship at the cyber security department of the SABIC Company include:

• OT Cybersecurity and architecture
• Vulnerability assessment
• Risk assessment
• Penetration testing
• Information security management system
• Regulatory requirements and compliance

studying the OSCP certification materials that includes:

• information gathering
• Common Web Application Attacks
• Password Attacks
• Windows Privilege Escalation
• Linux Privilege Escalation
• Port Redirection and SSH Tunneling
• Active Directory Introduction and Enumeration
• Attacking Active Directory Authentication

Responsibilities:

• Performing web application penetration testing activities to ensure that the web applications are secure and following the security best practices .
• Performing vulnerability assessments to ensure that the environment is safe and not vulnerable to any attacks.
• Managing the bug bounty platform and handling the vulnerabilities discovered to fix it and validating that the vulnerabilities have been resolved.
• DLP admin: monitoring the data transferred in all channels in order to prevent any data leakage or data exfiltration outside the organization environment.
• configuring Firewalls and security controls hardening
• Creating security policies and manage the access in the enterprise
• security policies review to fix any failures or gaps exist in the security rules
• Dealing with: VPN,SSL Inspection,SSL certificate, source NAT, Destination NAT.
• DLP admin: monitoring the data transferred in all channels in order to prevent any data leakage or data exfiltration outside the organization environment.
• Implementing and dealing with the Zero Trust Network Access (ZTNA) to continuously monitor all the activities during remote access to the organization environment.