Skip to main content
Background Image

Resume

Table of Contents
Senior Security Engineer specialized in cybersecurity research, vulnerability assessment, and AI-driven security solutions.

Contact Information
#

Email: moh_amgad@hotmail.com

Connect:

Experience
#

R&D Tech Lead | Cyshield
#

Present | Cairo, Egypt

  • Leading cybersecurity innovation initiatives and research & development projects
  • Driving the development of cutting-edge security solutions and threat detection technologies
  • Collaborating with cross-functional teams to translate security research into practical applications

Senior Security Engineer | Unifonic
#

Jun 2024 – Jun 2025 | Cairo, Egypt

Led enterprise-wide security initiatives and DevSecOps implementations
  • Led implementation of enterprise-wide DevSecOps pipelines, integrating SAST, DAST, and SCA tools
  • Architected and deployed cloud-native security solutions for AWS and Kubernetes environments
  • Conducted architecture reviews and threat modeling sessions for critical systems

Senior Cyber Security Engineer | Cyshield
#

Jan 2020 – Jun 2024 | Cairo, Egypt

  • Led comprehensive security assessments including web, mobile, and network penetration testing
  • Mentored team members and enhanced overall security assessment quality

Security Engineer | Shieldfy
#

Jan 2018 – Oct 2018 | Alexandria, Egypt

  • Conducted security research and developed detection rules to enhance Shieldfy’s RASP (Runtime Application Self-Protection) solution
  • Performed comprehensive web and mobile application security assessments to validate protection mechanisms and identify security gaps

Projects
#

DVBLab - Secure Banking Application Training Project
#

Security Developer & Course Author

Tech Stack: Python, Flask, SQLAlchemy, React, JWT Authentication

GitHub: https://github.com/mamgad/DVBLab/

  • Developed a comprehensive banking application with intentionally embedded security vulnerabilities for educational purposes
  • Created course modules covering secure code review, authentication vulnerabilities, SQL injection prevention, and API security
  • Implemented real-world security scenarios including race conditions, JWT vulnerabilities, and authorization bypass exploits
  • Integrated industry security standards including OWASP, PCI DSS, FFIEC, and NIST frameworks

Skills
#

Software Development
#

Python Java JavaScript Ruby on Rails MySQL Bash

Primary Focus: Secure software development across multiple languages and frameworks, with emphasis on building secure and scalable applications.

Application Security
#

SAST DAST Penetration Testing BurpSuite Metasploit SCA

Specialization: Implementing comprehensive security solutions across the software development lifecycle, from design to deployment.

Cloud & Infrastructure
#

AWS Kubernetes Docker CI/CD IaC DevSecOps

Experience: Securing cloud-native applications and implementing DevSecOps practices in modern infrastructure environments.

Certifications
#

Advanced Security Certifications
#

Offensive Security Web Expert (OSWE) - Verify
Advanced certification demonstrating expertise in white box web application assessment and security.

Certified Cloud Native Security Expert (CCNSE) - Verify
Advanced certification validating expertise in implementing and managing Cloud Native Security programs.

Certified Container Security Expert (CCSE) - Verify
Advanced certification validating expertise in container security and vulnerability management.

Certified DevSecOps Professional (CDP) - Verify
Professional certification validating expertise in implementing DevSecOps programs and security automation.

Penetration Testing Certifications
#

Web Application Penetration Tester Extreme v2 (eWPTXv2) - Verify
Advanced web application security certification focusing on complex exploitation techniques.

Certified Professional Penetration Tester v2 (eCPPTv2) - Verify
Professional certification demonstrating expertise in network penetration testing.

Mobile Application Penetration Tester (eMAPT) - Verify
Specialized certification in mobile application security testing and vulnerability assessment.

Achievements
#

Awards & Competitions
#

  • ADDA Finals CTF - 3rd Place, 2022
  • EG-CERT National CTF - 1st Place, 2019
  • Arab Cyber Wargames Championship - 4th Place, 2018
  • CyberTalents Finals CTF - 5th Place, 2017

CVEs
#

  • CVE-2017-1000058 - Stored XSS at Chevereto CMS
  • CVE-2018-5222 - Pending Disclosure

Research Highlights
#

Security Research - HackerOne | Bugcrowd
Responsible disclosure of security vulnerabilities in Fortune 500 companies including Twitter, Sony, Adobe, TripAdvisor, Ford Motors, Pinterest, and Dell.

Related

Professional Certifications
Vibe Coding My Way Out of ADHD: How I Built an AI Assistant with Claude Code and Obsidian
·2252 words·11 mins
General Productivity Adhd Ai-Assistant Obsidian Claude-Code Automation