Hi, I'm Ashad Mohamed, a highly motivated and self-disciplined DevOps/DevSecOps engineer with a strong background in cybersecurity and a passion for IT architecture. My journey in the world of technology and security has led me to become an enthusiast in both information security and psychology.
Professional Experience
Leyton — DevSecOps Engineer Intern
Jan 2024 - June 2024
- Integrated a DevOps approach using Jenkins, GitLab, Sentry, Grafana.
- Developed and integrated DevSecOps pipelines, incorporating security testing into the SDLC using tools such as SonarQube, Aqua Trivy, Secret Scanning, and Dependency Check.
- Developed a vulnerability management platform, DefectDojo, to centralize all reports and findings generated from security scans during DevSecOps pipelines.
- Created a vulnerability management dashboard to allow managers and team leads to track vulnerabilities found in the SDLC, monitor their status, and access detailed information about each vulnerability.
- Gained practical experience with DevOps and security tools:
- Automated build and deployment processes using Jenkins and GitLab CI/CD.
- Monitored application performance and security events with Grafana.
- Conducted static and dynamic code analysis using SonarQube.
- Performed container security scans with Aqua Trivy.
- Implemented secret scanning to detect sensitive data exposures.
- Checked for vulnerable dependencies with Dependency Check.
- Collaborated closely with development and operations teams to ensure seamless integration of security practices into the SDLC.
CYBERFORCE — Internship Penetration Tester
April 2022 - October 2022
- Conducted Multiple penetration testing on BMCE (BANK OF AFRICA) networks.
- Multiple vulnerability assessments for BMCE (BANK OF AFRICA) services.
- Assisted in writing comprehensive reports detailing findings, risks, and recommended remediation steps.
- Direct contact with clients, helped them remediate and fix findings.
- Gained practical experience with Frameworks and tools:
- Performed various scans type on clients assets using Nmap.
- Performed vulnerability assessments using Nessus.
- Exploited various vulnerabilities using Metasploit.
- Pentested various web applications using BurpSuite
- Collaborated closely with senior consultants to apply Linux/Windows hardening.
Volunteer Experience
1337, Benguerir — CyberSecurity club President
October 2019 - PRESENT
- Founded and led The Elites' Security cybersecurity club in 1337, overseeing a team of motivated students in organizing events, competitions, and workshops.
- Designed and delivered educational sessions on secure coding, penetration testing, and the latest trends in cybersecurity.
- Collaborated with local industry experts to arrange guest lectures, providing members with real-world insights and networking opportunities.
- Organized a Cyber Week event featuring talks with experts, cybersecurity presentations, and a guided Capture The Flag (CTF) competition, engaging a diverse audience and fostering practical skill development among participants.
Education
1337 (42 Network), Benguerir — IT architecture expert
October 2019 - 2024
It’s my passion for security and curiosity toward technology that brought me to 1337. It's a good place to learn self-taught and discipline to achieve greatness. In the past years in 1337, I acquired team spirit and leadership skills through several projects, apart from gaining an advanced mindset in programming and problem-solving.
Projects
Inception-of-Things (IoT): A project involving the setup of a Kubernetes cluster with CI/CD using ArgoCD and GitLab.
- Configured a lightweight Kubernetes cluster using K3s and K3d for efficient container management.
- Automated deployment of applications using ArgoCD, implementing GitOps for continuous delivery.
- Set up virtual machines and development environments with Vagrant, integrating Docker for containerization.
- Deployed and managed multiple applications within the Kubernetes cluster, utilizing kubectl for cluster management.
- Enhanced skills in Kubernetes, continuous integration, and deployment automation with ArgoCD and GitLab.
Cloud-1: Automated Deployment of Web Applications on Remote Servers with Ansible
- Automated deployment of web servers with services like WordPress, PHPMyAdmin, and a database using Ansible.
- Ensured data persistence, automated restart, and secure public access using Docker and Docker Compose.
- Configured services in separate containers for efficient inter-container communication and implemented TLS for security.
- Gained skills in cloud deployment, resource management, and using Ansible for automation.
BADASS: A comprehensive project focusing on network emulation with GNS3 and Docker, VXLAN configuration, and BGP EVPN implementation.
- Tasks Completed: Set up GNS3 with Docker, created and configured Docker images, implemented VXLAN for network segmentation, and explored BGP EVPN for efficient routing.
- Skills Gained: Enhanced understanding of network virtualization, dynamic routing protocols, and advanced network management techniques.
Skills
- DevOps: Docker, Docker-compose, Kubernetes, Ansible, K3d, K3s, ArgoCD, Jenkins, Gitlab CI/CD, Grafana, Sentry, SonarQube.
- Backend development: NestJs, SQL
- Frontend development: HTML/CSS, VueJS, Reactjs/nextjs
- Cyber Security: BurpSuite, Wireshark, Metasploit, Nmap, Nessus.
- Industry 3D Design: Solidwork, Catia
Soft Skills
- Disciplined: I am highly disciplined and dedicated to my work, ensuring that I consistently meet deadlines and deliver high-quality results.
- Driven: I am a self-motivated and ambitious individual who is always eager to take on new challenges and learn from them.
- Leader: As the President of the CyberSecurity club, I have experience in leadership, guiding a team, and organizing events successfully.
- Teamwork: I excel in collaborative environments and am skilled in working effectively within a team, whether as a leader or a contributor.
- Punctual: I take punctuality seriously and ensure that I am on time for all commitments, both personal and professional.
- Communicative: I have strong communication skills, which help me convey ideas, collaborate with others effectively, and provide clear reports and recommendations.
- Friendly: I maintain a friendly and approachable demeanor, creating a positive and engaging atmosphere for teamwork and interactions with colleagues and clients.
Languages
- English, Tamazight, Arabic, German