Muhammad Hammad

Associate CISSP
Address Islamabad, Pakistan Phone +92 313 5656656
E-mail [email protected]
LinkedIn https://www.linkedin.com/in/muhammad-hammad-b73508141/

Summary
Enthusiastic Associate CISSP eager to contribute to team success through hard work, attention
to detail and excellent organizational skills. Clear understanding of technical knowledge and
experience to design, engineer, implement, and manage the overall security posture of an
organization. Motivated to learn, grow and excel in Information Security.

Security Training & Experience

GRC Analyst Master Class & Conducting Practical Risk Analysis
Simplycyber.io (ISC)2 Course
• Gained practical experience working through risk assessment, analysis, mitigation, remediation,
and communication.
• Holistically examined operational risk management, learned to work cross-functionally,
determined how to use risk data effectively, and disseminate actionable information and
findings.
• Executed threat modeling exercise to determine higher likelihood threat events to inform
cybersecurity risk modeling.
• Knowledgeable on NIST Cybersecurity Framework and how the Identify, Protect, Detect,
Respond, and Recover categories comprise and facilitate an information security program.
• Developed Information Security policy to establish authorized access management and
authenticator management for internal and third-party personnel.

Vulnerability Assessment - 1/2021 to present

Ghanimah.com
• Performed tasks like breaking into security-protected applications and networks to probe for
vulnerabilities.
• Recommended IT security improvements to achieve system confidentiality, integrity and
availability.
• Learned new skills and applied to daily tasks to improve efficiency and productivity.

Penetration Tester - 1/2021 to present

Ghanimah.com
• Exploited security-protected application and networks to confirm identified vulnerabilities.
• Performed penetration tests on network devices, operating systems and databases.
• Recommended IT security improvements to achieve system confidentiality, integrity and
availability.
Skills
• Network & Communications security • Risk management
• Security Operations • Information Security Management
• Security Assessment • Security Testing
• Identity and Access Management • Asset Security
• Python, C, C++ • Linux

Tools
• Burp Suite • ZAP
• Nessuss • W3af
• Nmap • Microsoft(Word, Powerpoint,Excel)
• Metasploit

Certifications
• Associate of (ISC)^2
Associate CISSP
Digital Badge url: https://www.credly.com/earner/earned/badge/2d6ddc2f-a094-435c-bc65-
65277625744a

Education
Bachelor of Science: Electrical Engineering – National University of Computer and Emerging
Sciences, Islamabad

Courses
• Conducting Practical Risk Analysis - (ISC)^2
• Cloud Basics - (ISC)^2
• Ehtical Hacking - Alnafi
• CIS Top 20 Controls - Alnafi
• Vulnerability Assessment - Alnafi
• Web Application Pentesting – Alnafi

Interests
Reading books, Learning new skills.