M'hirsi Hamza

As a Senior Security Engineer at Taxfix, I drive secure architecture, manage security tooling, and lead the design of Zero Trust IAM & network model. • Collaborated with engineering teams to integrate security into product development lifecycle. • Managed suite of advanced security tools and monitoring systems. • Led design and rollout of Zero Trust IAM & network model on Google Cloud Platform.

• Web penetration testing• Web penetration testing Skills: Bash · Penetration Testing · Networking · Administration système Linux

• Improve the product in terms of efficiency and performance to ensure a sustainable growth cycle. • Collect new feeds and reports from the internet using specific cybersecurity keywords to stay up to date. • Responsible for different research related to detecting malware in DNS and email protocols. • Collect and generate malicious traffic using sandboxing. • Research for new methods that will help to detect abnormal behavior using SSL certificate.

• Build an alpha version product with only three engineers, that detects malware in encrypted traffic without decrypting it. Create a unique solution in terms of technologies, software, and deployment. • Give the appropriate meaning to the data we are capturing to help our clients better understand their network data. • Developed software that collects data from the client network.

I taught the Red Team Offensive course, where I explain how the Red team is organized and how it can hold a successful mission until the end, where we discover different techniques in practice.

Red Teaming was seen as a useful ​ tool​ for generals to evaluate the security posture, Red Team, therefore, took on the role of the aggressors or “bad guys”. The bad guys do not follow the rules but are utilized in a controlled way simulating and emulating what the bad guys can do, Red Teaming serves to help the defenders spot, respond and stop attacks as well as strengthen and improve.

In this Internship, I worked on my real-life pen-testing skills. And I exercised my skills to build a SIEM inside the EY security lab to monitor the traffic between the devices and to use different techniques to detect malicious behavior.