Mohammad Salamat
Sydney,Australia
Summary
Experienced IT professional (6 years) specializing in Cyber Security Analysis (Penetration Testing and Vulnerability Assessments). Proficient in tools like Burp Suite, Metasploit, and Nessus, with a proven track record of mitigating high-risk threats. Recognized as Best Employee of the Year for outstanding performance. Seeking to leverage my skills and achievements in a challenging cybersecurity role within a dynamic and innovative environment. Completed PWK training and actively preparing for the OSCP exam to enhance my offensive security capabilities.
Overview
2024
2024
years of professional experience
1
1
Certification
Work History
Penetration Tester
Turquoise Partners
07.2021 - 02.2024
- Company Overview: Turquoise Partners is a prominent investment firm specializing in foreign investment and portfolio management. The firm manages a major private equity fund and offers comprehensive services in asset management, venture capital, and financial advisory.
- Conducted comprehensive vulnerability assessments on over 300 infrastructure assets using industry-standard tools like Nessus, Metasploit, and Nuclei to identify potential security vulnerabilities.
- Exploited identified vulnerabilities during penetration tests and bypassed EDR and AV systems.
- Conducted adversary emulation using Cobalt and Caldera to test and challenge SOC systems.
- Conducted regular ISO 27001 risk assessments and played a key role in implementing risk management strategies to effectively mitigate identified risks.
- Conducted comprehensive vulnerability assessments on 40+ web applications using Burp Suite, Acunetix, SQLmap, and other tools, following OWASP Top 10 guidelines.
- Planned and conducted security awareness programs, including training on cybersecurity best practices and targeted phishing simulations to educate employees.
- Worked closely with IT teams to design and implement advanced security strategies, focusing on fortifying network defenses and addressing vulnerabilities identified during penetration tests.
- Redesigned network topology and performed a firewall on the network edge; enhanced network security, reducing unauthorized access incidents by 30%.
- Turquoise Partners is a prominent investment firm specializing in foreign investment and portfolio management. The firm manages a major private equity fund and offers comprehensive services in asset management, venture capital, and financial advisory.
- Identified and prioritized 80 high-risk vulnerabilities and recommended remediation actions, leading to a significant 40% reduction in cybersecurity incidents.
- Enhanced SIEM effectiveness by collaborating with the SOC team to develop detection rules, improving threat detection accuracy and reducing false positives by 30%.
- Successfully identified critical vulnerabilities previously undetected in red team simulations, with 80% success rate.
- Enhanced compliance with ISO 27001 standards, resulting in a 20% decrease in audit findings related to risk management.
- Increased employee awareness by 40% and reduced successful phishing incidents by 50%.
- Successfully reduced security breaches by 35% through implementation of targeted security measures.
Penetration Test Project
Poiesh Bazargan
08.2022 - 11.2022
- Company Overview: Industry: Steel Industry
- Performed black-box penetration tests on IT infrastructure and client networks, providing detailed solutions in reports.
- Used tools like BurpSuite, sqlmap, and Metasploit for vulnerability assessments.
- Developed C++ code to bypass EDR systems during penetration tests.
- Authored concise penetration testing reports outlining risks and security recommendations.
- Industry: Steel Industry
- Enhanced Security: Mitigated 80% of identified vulnerabilities to bolster security posture.
- Security Training: Delivered post-test training, boosting awareness and reducing future vulnerabilities.
- Improved Remediation: Increased remediation rates by 25% through precise security recommendations.
System Administrator
Agah Company
07.2020 - 06.2021
- Company Overview: Industry: Software Development Industry
- Installed, configured, and maintained Windows Server systems, managing Active Directory, Group Policy, DNS, and DHCP for secure operations.
- Delivered frontline technical support to over 500 end-users, resolving hardware, software, and network issues efficiently.
- Managed user account, group policies, and organizational units within Active Directory.
- Managed IT assets and software licenses, ensuring compliance and reducing costs.
- Industry: Software Development Industry
- Enhanced Service: Achieved 95% user satisfaction by delivering timely IT support.
- Efficiency Boost: Improved incident tracking, increasing ticket resolution by 30%.
- System Upkeep: Regularly maintained 200+ workstations, boosting system efficiency by 25%.
Technical Support
Irsa Bonsaz Alborz
03.2018 - 11.2019
- Company Overview: Industry: Civil Engineering
- Provided support for Windows Server and Active Directory, managed client systems, install and configure software, and troubleshoot both hardware and software issues.
- Created, managed, and disabled user accounts in Active Directory and other systems, ensuring proper access and security protocols are followed.
- Worked closely with other IT team members to escalate and resolve complex issues, share knowledge, and contribute to IT projects.
- Responded to helpdesk tickets and provided technical support for a wide range of IT issues.
- Assisted with the setup, maintenance, and troubleshooting of computer hardware, including laptops and printers.
- Industry: Civil Engineering
- Achieved a 98% user satisfaction rate by delivering prompt and effective technical assistance.
- Diagnosed and resolved issues with Windows and macOS systems, printers, and mobile devices, achieving an 80% first-call resolution rate.
- Implemented WSUS for patch management across 100+ systems, ensuring timely updates and security patches; improved system performance by 20%.
Cybersecurity Analyst
Pyesh
- Provided training on various topics related to cybersecurity awareness and best practices.
- Assisted with developing strategies for responding to potential cyber attacks such as malware outbreaks, phishing campaigns, ransomware attacks.
- Installed patches and upgrades on a regular basis as part of ongoing maintenance efforts.
Education
Bachelor's degree -
Skills
- Penetration Testing
- Burp Suite
- Metasploit
- GVM
- Nessus
- Nmap
- Sqlmap
- Bloodhound
- Impacket
- GoPhish
- Phishing Simulations
- PowerShell
- Bash
- Python
- C
- Vulnerability Assessments
- Proof of Concepts
- Adversary Emulation
- Caldera
- Cobalt Strike
- MITRE ATT&CK
- Essential 8
- Australian Cyber Security Centre
- ISO 27001
- Bug Bounty
- OWASP Top 10
- Web Application Security
- Windows Forensics
- Network Forensics
- Digital Evidence Analysis
- Network Traffic Analysis
- Microsoft Servers
- Active Directory
- DHCP
- DNS
- Exchange
- Cisco Networking
- Splunk
- Fortinet Firewalls
Certification
- Red Team, Nooranet Academy
- Cyber Security Analyst, IBM
- IT Fundamentals for Cyber Security, IBM
- Web Application Penetration Testing, Nooranet Academy
- Penetration Testing with Kali Linux, Nooranet Academy
- Window Forensic, Nooranet Academy
- Network Forensic, Nooranet Academy
- Security Engineering, Tryhackme
- OSCP in Progress, Completed the PWK training and currently preparing for the OSCP exam through extensive hands-on practice in penetration testing.
Accomplishments
Best Employee of the Year, 2022-2023, Recognized for cybersecurity contributions among 500 employees at Turquoise Partners.
References
Available upon request
Personal Information
Title: Penetration Tester
Bug Bounty Awards
- Microsoft - Power Platform, 2023
- CoinSpot - Australian Exchange, 2021
- Wowway - WideOpenWest, 2021
Timeline
Penetration Test Project
Poiesh Bazargan
08.2022 - 11.2022
Penetration Tester
Turquoise Partners
07.2021 - 02.2024
System Administrator
Agah Company
07.2020 - 06.2021
Technical Support
Irsa Bonsaz Alborz
03.2018 - 11.2019
Cybersecurity Analyst
Pyesh
Bachelor's degree -
Similar Profiles
TARWIREI CHAPUKIRATARWIREI CHAPUKIRA
HOUSE KEEPING & MINI-BAR ATTENDANT at RIU PALACE AND RU TURQUOISE MAURITIUSHOUSE KEEPING & MINI-BAR ATTENDANT at RIU PALACE AND RU TURQUOISE MAURITIUS
Jaron MorinJaron Morin
Junior Animator at Turquoise Sky ProductionsJunior Animator at Turquoise Sky Productions
Austin OrangeAustin Orange
Line Cook at Turquoise Desert TaproomLine Cook at Turquoise Desert Taproom
James RussoJames Russo
Student at Full TimeStudent at Full Time
Emile EverduimEmile Everduim
Senior Consultant Financial Crime Analytics at DeloitteSenior Consultant Financial Crime Analytics at Deloitte