Hi, I'm Elias
Security Minded Professional
I am fluent in English and French as well as speak Arabic. Having lived, travelled and worked across the globe, I have a solid track record of international and national level experience with deep expertise across many security domains mainly specializing in cross-functional collaboration and Security Design.
Contact MeAbout Me
My introduction
Security minded and customer focused professional with extensive experience leading teams and projects on security initiatives and digital transformations over the past 25 years. Curious and a perpetual learner, my passion for hacking and protecting society started after getting the Ping of Death during the dial-up days and while I was a network admin.
I am an exceptional cross-functional leader with excellent communication, analysis, presentation, people, and project management skills. I like big problems and actively seek complex challenges to leverage my creative problem-solving skills. On my free time I build systems, solutions and participate in Bug Bounty to keep improving my craft and skillset.
experience
projects
worked
Organizational Skills
Team focused with a "Get it done" attitudeSoft Skills
More than 25 yearsCommunication
Time management
Self Starter
Adaptability
Teamwork
Problem-solving
Leadership
Critical Thinking
Coaching
Mentoring
Mindfulness
Empathy
Business Skills
More than 25 yearsDigital Transformation
Corporate Initiatives
Strategic Projects
Value Realization
Planning and Integration
Change Management
Stakeholder Communication
Cross-Functional Leadership
Performance Monitoring
Reporting and KPIs
Process Improvement
Project Management
Security Posture Improvement
Executive Communication
Feedback Executive Summary
PreSales RFI and RFP
Professional Services
Customer Facing
Customer Service
Customer Support
Technical Support
Customer Success
Business Analysis
Technical Business Analysis
Quality Assurance
Frameworks
More than 20 yearsAgile
Waterfall
TOGAF
PMBOK
NIST
CIS
ITSG
OWASP
ISO
GPDR
HIPAA
PCI-DSS
SA&A
MITRE
CAPE
SAFE
ITIL
SSDLC
STRIDE
PASTA
ICS
Security Domains
More than 15 yearsSecurity Operations
Security Engineering
Security Assessment & Testing
Data Security
Network Security
Information Security
Security Architecture
Business Continuity
Physical Security
Cloud Security
Security Awareness
Identity and Access Management
Security Controls
System Security
Risk Assessments
Security Design
Vulnerability Assessment
Bug Bounty
Penetration Testing
Security Program Maturity
Secure Coding Practices
Code Review
Technical Skills
Tools and techniques to get it doneCloud and Hosting
More than 25 yearsBare-metal
Self-hosted
Co-location
Azure
GCP
AWS
Digital Ocean
VMware
VirtualBox
Hyper-V
Programming Languages
More than 10 yearsPython
JavaScript
HTML
XML
VBS
Batch
Shell
PowerShell
SQL
Jython
Electron
SDL
KSQL
YARA2
Operating Systems
More than 30 yearsWindows 3.1 - 11
Windows NT
Windows Server 2000-2019
Linux - Ubuntu
Linux - Red Hat/Centos
Linux - Debian
Unix - Solaris
Unix - HP UX
Unix - IBM AIX
Micro Services - Alpine
Database Management
More than 25 yearsOracle 7i-11g
Microsoft SQL Server 6.5-2019
MySQL
PostgreSQL
Consul
Snowflake
Hadoop
MongoDB
Vertica
InfluxDB
Redis
Couchbase
Network Management
More than 25 yearsNetwork Architecture
Dial-up + ISDN + SAT + Ethernet + Fiber
Fault Tolerant / Resilient to Failure
Network Installation
Cisco + Citrix + Netgear + HP
Network Administration
Monitoring + Logging + Auditing
Security by Policy
Firewall rules
NetFlows + IP Routing
Windows GPO
Cloud Security Groups
Network Segmentation
VPN + VLAN + 802.1x
System Hardening
Identity and Access Management (IAM)
Privileged Access Management (PAM)
Windows AD + Azure AD (B2C+B2B)
RBAC + PKI + Least Privilege
SSO + OAuth + SAML + OKTA + WebAuthn
Oracle Identity Manager
NetIQ DRA (AD Automation and Audit logging)
Audit Report Development
Network Services
Backup + Storage + DR
DNS + DHCP + WINS + NNTP + SSH
SAN + NAS + NFS + FTPS + LDAPs
Wifi + Mesh + F5
Kubernetes + Fluent + kube-proxy
TLS + COMSEC + FIPS
Tools and ERP Software
More than 30 yearsMicrosoft O365
Google GSuite
Totango
Workday
Adobe Acrobat
DocuSign
Visio
Excel
PowerPoint
Putty
Notepad++
Security Stuff
Tools and Services to Fight Cyber CrimeDevOps/DevSecOps
More than 20 yearsCI / CD
IaC + Ansible + Terraform + YAML
K8s Security Policies + Tigera
Performance Testing
Distributed Processing
JIRA + Chef + Puppet + CDF
AWS CodeCommit + Beanstalk
GitHub - Git + Actions + Pages
Jenkins + Gitlab + Eclipse + SVN
Lint + Snyk + Fortify
Kubernetes + Docker + Fluent + Kube-Proxy
Kafka + Zookeeper + Spark + Mirrormaker + SOLR
Rest + SOAP API + Flask + NodeJS
TheGrinder + JConsole + Firebug + Fiddler + Browser DevTools
HP QC + HP ALM + SQL Trace + SAMLTRACER
Adobe LiveCycle + HP Loadrunner + Webload
Sysinternals
Apache + Nginx + Tomcat + IIS
JBOSS + Sun Java + Oracle Application Servers
Grafana + Telegraf + InfluxDB
Security Operations (SOC)
More than 7 yearsIncident Management
Incident Response
VirusTotal + URLVoid + OPORA
IPS + IDS + HIPS + HIDS + NgFW
Zeek + Suricata + Snort + Sophos UTM
Imperva WAF
Stakeholder Communication
Sophos Web and Email Appliances
Web and Email Content Filtering
Sophos Endpoint + Microsoft Defender + CrowdStrike Falcon
Entrust ESP + SecurID RSA tokens
Mcafee EPO + Disk Encryption + DLP
Apricorn Aegis USB
Omnipeek + Netwitness + Wireshark + Tcpdump
SDWan + SASE + CASB + EDR + XDR
Security Testing and Detection
More than 15 yearsBurpSuite + Nmap + FFUF + Kali Dist + F12
Android Studio + Rengine + Jadx + MoBSF
WebInspect + Nessus + Qualys + Fortify + Sqlmap
SIEM + Outliers + UEBA + SOAR
Data Source Onboarding + Detection Engineering
Security Data Lakes
EDR + XDR
Big Data
Security Event Analysis + Routing
Security Event Parsing + Enriching
Threat Intelligence + Threat Hunting
Insider Threat Detection + Identity Attribution
HashiCorp Vault
ArcSight Suite + Flex + SmartConnectors
Syslog + CEF + JSON + CSV + Snare + WEC + WEF + Parquet
Qualifications
My personal journeyFinished 1st year Chemistry major
Hénin-Beaumont(France) - Lycée Louis-PasteurHigh School
Ottawa - Andrée LaurendeauManagement Information Systems
Ottawa - Collège La CitéNetworking Technology - Microsoft Certified Systems Engineer (MCSE)
Ottawa - Praxis Training InstituteITIL v2
Ottawa - Job RequirementCertified Information Systems Security Professional (CISSP)
Ottawa - SelfUnix badge
Ottawa - PentesterLabsMicrosoft Certified: Azure Fundamentals
Ottawa - SelfAWS Certified Cloud Practitioner
Ottawa - JobSecure Payments and PCI
Ottawa - LinkedIn LearningSnowFlake Data Applications, Engineering, Lake, Sharing and Warehouse Badges
Ottawa - SnowFlake UAPI Penetration Testing
Ottawa - APISec UniversityCertified Cloud Security Professional (CCSP)
Ottawa - SelfGitHub Actions for CI/CD
Ottawa - LinkedIn logo LearningPCAP Badge
Ottawa - PentesterLabsPractical Industrial Control System Penetration Testing 2024
Ottawa - UDemyGoogle Cybersecurity Certificate
Ottawa - CourseraAcademic Tutor
Ottawa - Collège La Cité"Internet Consultant
Ottawa - Collège La CitéHelp Desk Representative
Ottawa - Bell CanadaVideo Conferencing Dial-up Specialist
Ottawa - NortelInformation Security Advisor / Technical lead
Ottawa - FreeBalanceService Desk Specialist
Ottawa - Adobe CanadaTechnical Business Analyst/Security Advisor
Ottawa - GrantiumImplementation Manager
Ottawa - WorkDynamics TechnologiesSecurity Operations Specialist
Ottawa - Bell CanadaERP Consultant
Ottawa - Industry CanadaDigital Transformation Consultant
Ottawa - Canadian Mental Health AssociationNetwork Security Analyst
Ottawa - Environment and Climate Change CanadaApplication Security Consultant
Ottawa - Environment and Climate Change CanadaSecurity Consultant
Ottawa - My BusinessArcSight Security Consultant
Ottawa - Micro FocusArcSight PreSales Engineer
Ottawa - Micro FocusArcSight Technical Customer Success Manager
Ottawa - Micro FocusSenior Integration Test Engineer
Ottawa - Micro FocusSIEM/UEBA Customer Success Manager
Ottawa - SecuronixSecurity Architect / Design Specialist
Ottawa - Shared Services CanadaSecurity Architect / Design Specialist
Ottawa - Economic and Social Develpment CanadaVulnerability Assessment Specialist
Ottawa - Health CanadaPortfolio
Most recent work
This Site
Created this portfolio site to showcase my skills, experience and accomplishments.
VATRION: QR Code and URL Security Scanner
SIEMTrax
SA&A Security Practitioner
Reviewed project artifacts and provided deep expertise in Security Attestation & Accreditation (SA&A) for a government classified project, showcasing skills in Information Security, Security Operations, and Security Control Triage
Security SaaS Services
Championed a world-class SAAS customer experience and driving value realization for clients through strategic client partnerships.
Process Improvement
Played a crucial role in reviewing and enhancing Quality Assurance (QA) processes across the ArcSight ecosystem, contributing to security and quality for an improved end-user experience.
Customer Focus
Guided the team through the successful adoption of ArcSight security solutions contributing to customer satisfaction and value realization.
SaaS Architecture
Spearheaded efforts to architect and evaluate the deployment of ArcSight ESM in Azure to simulate a SaaS service and reported on gaps and limitations in the product along with the changes needed to turn it into a SaaS offering with lean Operating Costs.
SaaS Performance Testing
Setup a full ArcSight clustered stack in Azure and pushed it to incrementally up to 1 Million EPS to identify and report on bottlenecks to product development.
Technical Enablement
As the resident kubernetes and deployment expert, I created a full technical enablement course with videos on building the new ArcSight starting with network services all the way to integration and receiving events.
Technical Writing
Upon noticing hours wasted by support on rebuilds I created a "Tango Down, fix kubernetes P1 in under 5 minutes" document for Customer Support who had little resources or knowledge on troubleshooting and restoring broken kubernetes clusters on Priority 1 incidents back to normal.
Product Improvement
Initiated and led a Performance Testing effort to showcase the benefit of using SSDs instead of 5400RPM drives in the write and read heavy Logger product.
Release Improvement
Following multiple customer complaints about the lack of details of fixes in release notes, I improved processes to ensure developers added more details on each fix in JIRA for the documentation team to publish. This translated in substantial support or inquiry related requests to release note content at each release cycle.
Security Operations Center
Worked with the internal SOC team in capturing event sources to size up a kubernetes based installation of ArcSight for the Corporate SOC and designed a resilient solution to meet the requirements.
Product Innovation
Created a POC for a new ArcSight product to provide PKI services and to automate the certificate exchange process across hundreds of assets like SmartConnectors.
Detection Engineering
Engineered a simulated windows network for event generation and using known data sets to validate ML models as well as use case detection. This ensured that detection quality did not deviate following model or code changes.
Technical Writing
Evaluated technical product documentation, identified gaps that could lead to support/sales inquiries and worked with the documentation teams often being the author to update the documentation to reduce support costs and improve the customer experience.
Customer Focus
Guided the team through the successful adoption of ArcSight security solutions contributing to customer satisfaction and value realization.
Strategic Project / Tiger Teams
Drove key "White Glove" initiatives and played a central role in the success of high-profile accounts, contributing to substantial revenue generation and process improvement.
Risk Reduction
Identified legal liabilities and risks associated with customer production databases loaded in Oracle servers on employee laptops, with no disk encryption. Evaluated security solutions for end-point security and consolidated all databases on laptops into a central database with access control security processes.
Application Performance Testing
Customer responsible for 60% of the company's revenue was having performance issues with the J2EE application. Spearheaded a performance testing effort and built everything required, including updating recorded Jython scripts, for distributed testing to identify product fixes.
Lead Security Architect
Directed efforts in architecting and deploying ArcSight cybersecurity solutions, contributing to cross-functional collaboration and the development of implementation methodologies.
Threat & Vulnerability Assessments
Demonstrated proficiency in security assessments, penetration testing, and comprehensive reporting.
Information Security Program Delivery
Steered InfoSec project initiatives, contributing significantly to process enhancement, security controls, and knowledge transfer.
Security Operations Engineer
Played a pivotal lead role within the Security Operations team on the ETI SaaS email project, contributing to various aspects of the Identity Control Access Management system.
Digital Transformation
Led comprehensive digital transformation initiatives for customers encompassing testing, documentation, training, and system transitions, contributing significantly to company success.
Strategic Security Initiatives
Transformed company dynamics and reduced risks through strategic security initiatives and leadership.
Business Development
Pioneered and drove substantial financial gains, and elevated operational efficiency through a multifaceted approach.
Digital Transformation / Training
Upgraded the financial management system for the Nunavut and North West Territories, and trained their resources on new Standard Operating Procedures to manage the new system.
Network and System Implementation
Computerized the Sierra Leonian Ministry of Finance across 7 floors from received parts and managing local resources. Performed Physical penetration testing and site surveys then implemented mitigations to reduce risks. Trained the locally contracted company on network management and business continuity tasks.
War Zone Contractor
Designed a turn key network with systems to operate the financial management system for Iraq's Ministry of Finance, travelled in-country assess sites and deployed the solution.
Business Continuity
Provided the government of Antigua subject matter expertise in designing a resilient financial database replication strategy as well as other network related challenges.
Disaster Recovery
Travelled into a conflict country for a United Nations project to recover and fix the financial system for the country. Data had reached max configured size and was not growing with 3 months worth of data uncommitted in transaction log files. Rebuilt the database and hacked a process for the engine to import and commit the transactions in the log files.
Not just Solutions, Frameworks
In response to Solution Engineering, I've often had to create custom frameworks to manage new solutions or tools, ensuring attention throughout their lifecycle. I have a solid track record in getting at the root of issues and engineering solutions not just to address the issue but also bake in detective as well as protective layers to identify them earlier.
Consumer Product Inventor
Designed a product in Autodesk Inventor and 3d printed it. The product is a cabinet door attachment that enabled me to use my elbows or feet to open kitchen cabinets when cooking.