
Laith Ziadeh
Habilidades

Revisa mis servicios


Porfolio
Experiencia laboral
Cybersecurity Engineer
Jordan Digitals • Tiempo completo
Dec 2023 - Present • 2 yrs 7 mos
1. Conducted comprehensive vulnerability assessments and penetration tests on 150+ web applications, API endpoints, and infrastructure systems, using a mix of manual testing and automated scanners to identify exploitable weaknesses and prioritize remediation. 2. Discovered and validated high impact vulnerabilities (SQLi, XSS, auth/authorization flaws, insecure configurations), documented exploitability with PoC evidence, and worked with engineering teams to verify fixes via re-testing. 3. Executed targeted phishing campaigns and social engineering assessments to evaluate employee security awareness, produced tailored training and remediation guidance, and reduced security related incidents by ~30%. 4. Integrated application and network telemetry into the SIEM and collaborated with the SOC to tune detection rules, reduce false positives, and accelerate triage and incident response workflows. 5. Performed network traffic and endpoint analysis (including EDR), investigated and mitigated real incidents such as brute force attempts and suspected intrusion activity, and coordinated containment and recovery actions. 6. Prepared clear, technical reports and remediation plans (risk ratings, CVSS references, replication steps, and recommended code/config changes) and tracked remediation through to verification in ticketing systems. 7. Leveraged industry tools and techniques such as: Burp Suite, Nmap, SQLmap, Nessus, Wireshark, Metasploit, custom Python scripts, and manual code review to perform depth testing and produce actionable findings. 8. Collaborated with cross functional teams to implement secure configuration standards, patch management processes, and CI/CD security gates, improving long-term resilience and reducing recurring vulnerabilities.
Cybersecurity Specialist
Invekor Bilgi Teknolojileri • Tiempo completo
Jul 2022 - Sep 2023 • 1 yr 2 mos
I monitored the Security Information and Event Management System (SIEM) and follow up all related security incidents and events. I followed the day-to-day operations related to own job to ensure continuity of work Respond to security incidents and report on incident handling and resolution. I participated in forensic analysis and data recovery, and penetration testing. I performed daily security analysis and scanning and assessment for information security risks, threats and vulnerabilities. I proactively researched to identify and understand new threats, vulnerabilities, and exploits. I provided the security recommendations on actions which assist in improving security posture within client's Environment.