Nachaat Mohamed is a senior penetration tester and information security consultant with over 15 years of experience. He has extensive experience in network security, web application testing, Oracle development, and information security standards. He is seeking a new position where he can apply his technical skills in areas like penetration testing, vulnerability assessment, and Oracle development. He has multiple professional certifications and has worked for companies in Kuwait, Egypt, Lebanon, and Saudi Arabia.

1. Nachaat Mohamed
E-mail: eng_cne@yahoo.com
Contact No: +965-97944004
Objective
To be associated with a progressive organization that gives me the scope to apply
knowledge and Skills development through my education and effective assimilation of
knowledge. To be a part the team that dynamically works towards the growth of the
organization and self. Ready to work all over the world.
Total Experience
(15 Years)
Central Statistical of bureau (Kuwait) (Jan 2010 to till Now)
Currently working as Senior Penetration Tester Information Security
http://csb.gov.kw
Central Statistical of bureau (Kuwait)(Jan 2008 to to Jan 2010)
Working System Analyst And Oracle developer at CSB Kuwait
http://csb.gov.kw
Silver Star Co (Egypt/KafrElshikh: Aug, 2006-Jan 2008).
Worked Network specialist & Security Analyst
International Negotiator (KSA / Alehsa) Jan 2004 - Jul 2006
Worked Oracle developer and Network specialist
Top computer center (Lebanon / Beirut Jan 2000 - May 2003)
Worked Technical Support

2. Professional
Qualification
Course : Bachelor Degree IT (Information Security)
University : California University Los Anglos
Course : Bachelor degree IT(Software Engineering )
University : West Clayton University
Course : Diploma Computer IT
University : ( Sadat Academy) Egypt
Professional
Enhancements
 Certified Ethical Hacker (C|EH )
 Computer hacking forensic investigator (C|HFI)
 EC Council Certified Security Analyst (E|CSA)
 Certified Network Engineer (CNE).
 Certified Information Security practitioner (CISP)
 Certified Network Security Professional (CNSP)
 Certified Web Application Security Professional (CWASP)
 Certified Information Systems Security Expert (CISSE)
 Certified technical support professional (CTSP )
 Certified wimax professional (CWIM)
 Security Awareness (RSA) World Bank.
 Oracle (Database &Developer)
 Oracle Business Intelligence Enterprise Edition ( OBIEE)
Highlights
Technical Skills :
 Automated scans & manual security testing for web applications based on
different domains like Banking, Insurance, Government Web/Digital Marketing,
Online shopping, etc.
 Strong Web application security experience with through understanding of web
application vulnerabilities
 experience of computer forensics, network exploitation, ethical hacking,
penetration testing and tool development a plus
 Network penetration testing using automated tools like Nmap & Nessus. Manual

3.  Experience in application level attacks, bypassing firewalls, evading intrusion
detection and Strong Problem solving.
 Strong technical skill Networking (LAN – WAN - Routers, Switches )
 Extensive experience in security standards/best practices (ISO 27001,SANS)
 Extensive experience in Oracle database (9i , 10g ,11g) and developer ( SQL ,
PL/SQL ) & Form , Report
 Experience with at least one network and web application vulnerability scanners
as well as source code analysis tools
 Experience of database, application, and Knowledge of Web server design and
implementation
 Knowledge of the software development lifecycle in a large enterprise
 Development background in Python
 Knowledge OBIEE 11g ( Data warehouse and BI)
 Experience programing SQL / PL/SQl (Oracle)
 Performing Penetration Testing & Vulnerability Assessment as per client
requirements for different 3-tier web applications as well as 2-tier client server
applications also. Creation & execution of test cases.
 Manual report generation for web application & network scans using MS Office
tools. Automated reporting using MS SharePoint, InfoPath with detailed
description of vulnerabilities, supporting screenshots & detailed recommendations
to remediate the issue.
 Performing rescans, co-coordinating with project development and QA team to
remediate the vulnerabilities reported in security scans. Client interaction &
management discussions to explain the issue reported.
Functional Skills :
 Knowledge Management: Knowledge sharing sessions within the organization &
team in form of training, whitepapers, reusable documents, presentations,
preparation of baseline documents (Checklist, Methodology, Templates) &
reviews them on monthly basis.
 Process Updates: Updating the organization’s internal database used for defining
Risk Ratings, Severity, Response required by following latest trends in
Information Security domain; Internal trainings and preparation of process update
documents.
Tools &
Platforms
 (Kali Linux – Backtrack – Buqtraq )Acunetix Vulnerability Scanner, AppScan
Vulnerability Scanner, Burp Suite Professional, Paros, Web Scarab, etc.
 Nessus, Nmap, Winhex, Wireshark,Oracle10g,11g,oracle developer 6i and OBiee

4. etc.
 Windows 98/2000/XP, Windows Server 2000/03; 2008 , SQL Server,
Job
Responsibilities
As Oracle
Developer
 Making desktop application by oracle developer and Reports by Oracle Reports 6I
and 10g .
 Installation, configuration and upgrading of Oracle server software and related
products
 Establish and maintain sound backup and recovery policies and procedures
 Take care of the Database design and implementation
 Implement and maintain database security (create and maintain users and roles,
assign privileges)
 Setup and maintain documentation and standards
 Work as part of a team and provide 7x24 support when required
Job
Responsibilities
As Consultant
Information
Security
 Project planning, management & execution at different onsite locations as well as
offsite. Handling clients call, discussions regarding scope and activities to be
performed, estimation of project execution time, etc.
 Preparing estimations and schedules, identifying scenarios, accomplishing test
case preparation and test case execution in a controlled environment.
 Understanding the functional specification using the functional document, SRS,
etc provided by the client and doing the test planning, Co-ordination with IT
Heads & Project Managers for executing projects.
 Vulnerability Assessment (VA) or Penetration Testing (PT) for web application
and client server applications based on additional security audit pack
(incorporating OWASP standards).
 Performing automated scans, manually verifying the scan results for false
positives, reporting vulnerabilities using proper details, screen shots and
recommendation to rectify them. Performing the rescans, if required.
 Defining risk ratings for the vulnerabilities found in the application, impact
analysis, risk assessment specifying the security aspects and recommendation
work for each individual vulnerability.
 Discussing the reported vulnerabilities and making them understand with
development & QA team as well as senior management by conducting review
meetings & presentations.
Personal
Details
Email : eng_cne@yahoo.com
Adressa : Kuwait - Salwa
Nationality : Kuwait
Cell No : +965-97944004
Marital Status : Married.
Date of Birth :1977
DECLARATION:
I hereby declare that all the above stated information is true to the best of my knowledge.