REHAM A. ALMOHAIA

• Penetration Test

+ Identify vulnerabilities across web, mobile, and API platforms.

+ Internal and external critical systems were tested to identify vulnerabilities and assess security posture.

+ Used manual techniques and automated tools for vulnerability discovery and exploitation.

+ Collaborated with development and security teams to prioritize fixes and validate remediation.

+ Developed detailed test plans including scope definition, attack vectors, and timelines.

+ Worked on a Penetration Testing project covering sensitive systems and applications.

• Vulnerability Analysis by Tenable.sc.

+ Developed and implemented an annual scanning plan covering all organizational assets.

+ Scheduled regular scans and ensured scan coverage across all relevant systems.

+ Utilized YARA rules to detect and analyze malware patterns and suspicious files across systems.

+ Generated detailed vulnerability reports to support remediation efforts.

• IAM Sailpoint IdentityIQ.

+ Analyzed business and technical requirements for identity and access management

+ Integrated with key systems (AD, HR,etc.)

+ Developed RBAC, lifecycle workflows, access policies, and lifecycle event workflows (Joiner, Mover, Leaver).

+ Managed provisioning, access reviews, and compliance

+ build system notification (SMTP, SMS).

• Symantec DLP.

+ Deployed and configured Symantec DLP for data protection.

+ Created policies to detect and prevent sensitive data leaks.

+ Monitored incidents and fine-tuned detection rules.

+ Supported compliance and regulatory requirements (e.g., GDPR, HIPAA).

• IBM Guardium.

+ Deployed and configured IBM Guardium for database activity monitoring.

+ Implemented policies for real-time monitoring and threat detection.

+Managed alerts, audit logs, and compliance reporting, and Integrated with key databases.

· Work Flow System | System Admin - In-house Software

+ Built more than 20 processes and workflow

+ Using BPM Tool (Ultimus).

+ Using MVC technology.

+ Using Telerik for the system report.

+ Integrated with all internal systems.

+ Dealing with more than 100 tables (SQL server).

· Communications Management System (CMS) |System Admin

+ In-house software.

+ Integrated with other government agencies through Murasalt Service.

+ Built system interfaces by vue js.

Archive System | Project Manager & System Admin