Mohammed Belcaid

KITS AB Norra Allégatan 8 413 01 Göteborg www.kits.se Mohammed Belcaid Cyber Security Consultant Mohammed Belcaid 2 (7) Mohammed is a Cyber Security Consultant and Developer at KITS AB, Enthusiast by Web App Security and Reverse Engineering. Mohammed enjoys penetration testing systems and networks, and hunts during his free time for interesting vulnerabilities on bug bounty programs. He loves challenges and problem solving especially in Cyber Security field. He participates in many international CTF (Capture the Flag) competitions which are known by Hacking Challenges in different categories like Web App Security, Reverse Engineering, Binary Exploitation, Forensics, Cryptography. Mohammed has also completed several internships within the Cyber Security field during his student career where he learned many new technologies and new vulnerability types. Mohammed Belcaid 3 (7) Profile Specialty Application servers Web App Sec, IT-Security, Reverse Engineering, Bug Bounty Nginx, Apache, Tomcat Roles IT-Security Specialist, Developer Programming Languages Databases MySQL, PostgreSQL, MongoDB Experiences 2020 – Linux, Windows, OS X KITS AB 2019 – Cybersprint (6 months) 2018 – VUL9 Security Solutions (6 months) 2017 – Ptrace Security GmbH (6 months) 2016 – Regional Department of Equipment, Transport and Logistics – Moroccan Government (2 months) 2015 – TIBCO Maroc (1 month) 2015 - WARSH Electronics (1 month) Frameworks Education Spring Boot, Django, Flask 2017 – 2019 Python, JavaScript, Java, SQL, LaTeX Developer Tools IntelliJ IDEA, Git, Docker, Vagrant Software Development Software Development Life Cycle (SDLC) Platforms JavaScript-frameworks jQuery, React, NodeJs, Electron Security Tools Burp, Kali, IDA, Wireshark, Metasploit, Nmap, SQLMap, APKTool, GDB, Ffuf, GoBuster. Agile Methodologies Scrum Communication Skills English (Fluent), Swedish (Basic), French (Fluent), Arabic (Fluent) 2015 – 2017 Master of Science, IoT and Mobile Services, National School of Computer Science and System Analysis (ENSIAS), Rabat - Morocco Bachelor, Computer Systems Administration and Networks Security, Abdelmalek Essaadi University, Tétouan Morocco Mohammed Belcaid 4 (7) Projects 2020-01 Ongoing Cyber Security Specialist, KITS, Göteborg Performs penetration tests and code review on system integrations and web applications. Help customers achieve better overall security posture by improving policies and defense against different types of attacks. Uses a white box approach in order to dig deep into an application. Builds and presents courses in application security. Role: Cyber Security Consultant Technologies: Java, React, OWASP, Micro Services, Forensics. 2020-07 Incident Investigation – Patrix, Göteborg Respond to and investigate security incidents. Extract and analyze information from Windows- and Linux based systems. Present timelines and mitigation options. Role: Cyber Security Analyst Technologies: Java, Forensics - Web Development – Batchman v0.5 Develop a REST API for managing external cron jobs. Purpose of Batchman is to monitor and alert if scheduled jobs do not check in as expected. Role: Developer Technologies: Java, Spring Boot, Maven, Git, Docker, PostgreSQL, JUnit. 2020-03 Penetration test – Patrix, Göteborg Perform penetration tests and code review on web applications. Help customers achieve better overall security posture by improving policies Mohammed Belcaid 5 (7) and defense against different types of attacks. Uses a white box approach in order to dig deep into an application. Role: Penetration Tester Technologies: Java, Spring Boot, OWASP, Burp. 2020-11 Incident Investigation – Patrix, Göteborg Respond to and investigate security incidents. Linux server’s logs. Present timelines and mitigation options. Role: Cyber Security Analyst Technologies: Forensics, Log Analysis 2020-01 – Developer – Log Lady 2020-06 Develop software that analyzes log files. The program is based on Electron and can ingest local files for analysis. My team and I worked according to agile principles. Role: Developer Technologies: JavaScript, NodeJS, React, Electron, Git. 2021-01 Penetration test – Plint with Assured AB, Göteborg Perform penetration tests and code review on web applications. Help customers achieve better overall security posture by improving policies and defense against different types of attacks. Uses a white box approach in order to dig deep into an application. Role: Penetration Tester Technologies: OWASP, Burp. 2021-01 Incident Investigation – Patrix, Göteborg Respond to and investigate security incidents. Proxy Access Logs Analysis. Present timelines and mitigation options. Role: Cyber Security Analyst Mohammed Belcaid 6 (7) Technologies: Forensics, Log Analysis 2021-02 Incident Investigation – Patrix, Göteborg Respond to and investigate security incidents. WebServer Infection Analysis (Ransomware Attack). Present timelines and mitigation options. Role: Cyber Security Analyst Technologies: Forensics, Log Analysis 2021-03 Penetration test – Validoo (Katmai AB) with Assured AB, Göteborg Perform penetration tests and code review on web applications. Help customers achieve better overall security posture by improving policies and defense against different types of attacks. Uses a white box approach in order to dig deep into an application. Role: Penetration Tester Technologies: OWASP, Burp. 2021-04 Ongoing Server Hardening and Logs Monitoring – Patrix, Göteborg Respond to and investigate security incidents. Monitor the customer’s logs servers. Present timelines and mitigation options in case we found any security attack. Role: Cyber Security Analyst Technologies: Forensics, Log Analysis 2021-09 Incident Investigation – Patrix, Göteborg Respond to and investigate security incidents. WebServer Infection Analysis (CryptoMiner Attack). Present timelines and mitigation options. Role: Cyber Security Analyst Mohammed Belcaid 7 (7) Technologies: Forensics, Log Analysis 2021-11 Penetration test – Patrix, Göteborg Perform penetration tests and code review on web applications. Help customers achieve better overall security posture by improving policies and defense against different types of attacks. Uses a white box approach in order to dig deep into an application. Role: Penetration Tester Technologies: Java, Spring Boot, OWASP, Burp. 2021-12 Penetration test – Patrix, Göteborg Perform penetration tests and code review on web applications. Help customers achieve better overall security posture by improving policies and defense against different types of attacks. Uses a white box approach in order to dig deep into an application. Role: Penetration Tester Technologies: Java, Spring Boot, OWASP, Burp.