Benjamin Ali - Cybersecurity Professional

Contact

• Email: me@benjaminali.com
• LinkedIn: benjaminali
• GitHub: glitchfox

Summary

Highly motivated cybersecurity professional with 12 years of experience in penetration testing, vulnerability assessment, and security automation. Proven ability to identify and remediate critical vulnerabilities, lead teams in developing secure web applications, and streamline security processes for increased efficiency. Passionate about mentoring and empowering teams to stay ahead of emerging threats and contribute to a secure digital environment. Seeking a leadership role to drive impactful security initiatives within a forward-thinking organization.

Experience

Product Security Analyst | Huawei Technologies, Banbury | Nov 2015 - Present

• Conducted penetration testing of telecommunications infrastructure used in the UK’s critical national infrastructure, identifying vulnerabilities and providing assurance to the UK government.
• Collaborated with development teams to implement secure coding practices and remediate identified security flaws.
• Developed and maintained security testing frameworks and automation scripts to improve efficiency and coverage.

Intelligence Analyst | Centient Limited, Frimley | Nov 2012 - Nov 2015

• Monitored various intelligence sources (Darknet, open source) for trends and threats to clients, delivering timely and actionable reports.
• Conducted in-depth analysis of cyber threats and vulnerabilities, providing strategic recommendations to mitigate risks.
• Developed and maintained threat intelligence databases and tools to support proactive security measures.

SOC Analyst | Centient Limited, Frimley | Nov 2012 - Nov 2015

• Operated and delivered 24/7 service desk and front-line systems support, ensuring timely resolution of security incidents.
• Coordinated day-to-day SOC services within a team, ensuring professional and efficient delivery of client-related threat information.
• Conducted security event analysis and incident response, identifying root causes and implementing corrective actions.

Skills

Technical Skills

• Penetration Testing: Web Applications, Network Infrastructure, Telecommunications Infrastructure
• Vulnerability Assessment: Static/Dynamic Analysis, Manual Code Review
• Security Automation: Scripting (Python, Bash, PowerShell), Web Application Development
• Incident Response
• Security Tools: Burp Suite, Nessus, Metasploit, Nmap, Wireshark
• Operating Systems: Windows, Linux
• Telecommunications Security: 5G, LTE, Network Security
• Protocol Analysis: Understanding of telecommunications protocols (e.g., SS7, Diameter, SIP)

Soft Skills

• Leadership: Proven ability to lead and mentor teams, driving security initiatives and fostering a culture of security awareness.
• Teamwork: Collaborative and effective in cross-functional teams, fostering positive working relationships and achieving shared goals.
• Communication: Excellent written and verbal communication skills, able to articulate complex technical concepts to both technical and non-technical audiences.
• Problem-Solving: Strong analytical and problem-solving skills, able to identify root causes and develop effective solutions.
• Analytical Thinking: Critical thinker with the ability to assess risks, prioritize tasks, and make informed decisions under pressure.

Certifications & Courses

• CISSP: Certified Information Systems Security Professional
• SEC401: Security Essentials (GSEC)
• SEC560: Network Penetration Testing and Ethical Hacking (GPEN)
• SEC642: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques
• SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking (GXPN)
• SEC760: Advanced Exploit Development for Penetration Testers

Education

University of South Wales, Newport | Sept 2009 - May 2012

• BSc (Hons) in Computer Forensics (2:1)

Lliswerry High School, Newport | Sept 2001 - May 2009

• 2 A Levels, 1 AS Level, 6 Key Skills, and Young Enterprise OCR Level 2

Interests

Outside of work, I am passionate about continuous learning and personal development within the cybersecurity field. I enjoy:

• Personal Projects: Currently working on a project to automate web application security testing.
• CTF Participation: Actively participate in Capture The Flag competitions to challenge and expand my skills.
• Skill Enhancement: Continuously honing my web application security expertise through platforms like Burp Suite Web Academy and vulnerable VMs. In my free time, I enjoy watching rugby, attending fit camp at my local gym, and immersing myself in a good science fiction book.