
Mohamed Elasmar
Technology / Internet
About Mohamed Elasmar:
I am a senior cloud security engineer with extensive experience in securing cloud environments, Kubernetes clusters and applications.
Experience
WORK EXPERIENCE:
Citizens Bank June 2020-Present
Principal Cloud Security Engineer Jun 2021 – Present
Security Architecture
- Conducted security architecture reviews of cloud migration initiatives across the bank and produced threat models for both cloud-native and lift and shift applications.
- Served as a cloud security subject matter expert to the various lines of business by providing them with security consultations regarding current and emerging cloud technologies.
Cloud Automation & Development
- Developed a cloud-native application consisting of an API Gateway, several containerized APIs, and a MongoDB table in an OpenShift cluster. Developers can query the internal API and view image scans, namespace scans and CSPM scans. Created a front-end plugin in Backspace to view consolidated scan results.
- Developed a serverless application using Lambda, SQS, and DynamoDB to poll Lacework intermittently and create Jira stories for compliance findings. This application tracks the state of the findings and periodically checks whether they have been remediated or if the resource has been terminated.
- Developed a serverless IAM privilege escalation automation, where the requestor enters data in a ServiceNow ticket, which then sends the data to a Lambda function via an SQS queue. This function then executes the Terraform to create the temporary permissions attached to the role, which are set to expire within a defined timeframe. A Terraform Destroy is then also executed to ensure permissions are removed.
- Developed numerous Python lambda functions that autoremediate various types of common cloud misconfigurations related to IAM, VPC and S3.
- Developed several CSPM scripts that deliver Prisma CSPM reporting to key stakeholders, and lambda functions that deliver cloud security metrics to Splunk dashboards using the Splunk HEC.
Cloud Security Engineering
- Created several Terraform modules to configure AWS GuardDuty, CloudTrail and VPC Flow logs. Also created TF modules that ship these logs to our SIEM using Kinesis Firehose, AWS EventBridge and CloudWatch Logs.
- Created a Golden AMI Pipeline for creating hardened AMIs using Packer, Terraform, and Qualys VM scanner/Inspector.
Cloud/Container Vulnerability Management
- Implemented Prisma Cloud CSPM across AWS, Azure and OCI, and created dozens of custom policy rules. Configured the tool (defined alert rules, account groups, policies, etc.) using Terraform.
- Experience configuring and utilizing Lacework and Datadog CSPM/CloudSIEM (used by companies we acquired).
- Deployed Twistlock Container Security via Helm in an OpenShift Kubernetes environment.
- Worked with Cloud Operations teams to remediate cloud security findings with Terraform.
- Assisted various development teams in remediating container security findings and educating them on secure container practices.
- Deployed OPA Gatekeeper in an OpenShift Kubernetes environment and wrote several Rego rules for the Prisma Compute Admission Controller. Implemented a process for verifying image signatures utilizing a Rego script that sends an HTTP request to Notary w/ image signature and cross-references with image hash in the cluster.
- Assisted with integrating Fortify On-Demand scanner in Jenkins Pipeline.
- Led the transition from Qualys CSPM/CWPP to Prisma Cloud Suite.
- Led the IaC scanning and serverless security initiatives at the bank using the Prisma Cloud suite.
- Integrated Qualys Container Scans into Jenkins CI/CD pipeline for the Enterprise Pipeline.
- Participated in several Red Team exercises that were focused on Cloud and Container related attacks.
- Oversaw a third-party cloud security assessment.
Senior Cyber Defense Specialist (Citizens Bank) Jun 2020 – June 2021
- AWS Subject Matter Expert. Assisted in the development of a Cloud Security incident response program by creating several AWS security playbooks.
- Mentored co-workers in cloud security and produced educational content on various AWS security tools.
- Monitored, investigated and responded to AWS security alerts.
PurpleShield (PurpleShield.io) - (PART-TIME) Oct 2021 – June 2022
Lead Cloud Security Engineer
- Conducted AWS security audits on several small-midsize companies using Prowler and remediated misconfigurations.
- Deployed Twistlock and configured scans w/ GitHub Actions and Jenkins pipelines.
- Instrumented security controls within development pipelines, including AWS Inspector, SAST (CodeQL), container (Trivy), Kubernetes (Kube-Bench), and IaC scanners (Checkov).
- Prepared several companies for SOC2 audits by drafting cloud architectural diagrams for SOC2, setting up SSO integrations w/ OKTA (some requiring custom code) using Terraform, configuring OAuth2-Proxy/OIDC integration for applications running in Kubernetes, configuring WAFs, configuring SOC2 automated compliance tools (Drata), and configuring Datadog monitoring and logging.
Vertikal6 Feb. 2020 – June 2020
L3 Analyst Warwick, RI
- Worked on several security incidents related to phishing, malware, and VPN troubleshooting.
- Resolved technical problems with LAN, O365, Active Directory, and performed software troubleshooting.
Qatar University Sept. 2016 – Dec 2020
Law Researcher Doha, Qatar
- Assisted law professors in researching legal topics.
- Edited and translated for the QU Law Journal.
Education
EDUCATION
University of Rhode Island 2008-2012
BA. North Kingston, RI
Qatar University 2017-2020
MA, Law (ABD)
CERTIFICATIONS: