<BB/> Baraa Baroudi

Baraa Baroudi

Cybersecurity & Network & IT Support Specialist
01101001 01101110 01100110 01101111 01110011 01100101 01100011

Hands-on specialist bridging IT Support, Network Engineering, and Cybersecurity Operations. Experienced in MikroTik firewalls, VLAN segmentation, and SOC-style monitoring with SIEM tools. Certified by Google, IBM, Cisco, and EC-Council.

View Projects Get in Touch
πŸ“ Riyadh, Saudi Arabia πŸͺͺ Transferable Iqama πŸ“± +966 50 517 5049 βœ‰οΈ Email LinkedIn

About Me

I’m a Cybersecurity and Network Support Specialist with hands-on experience in vulnerability management, penetration testing, and ISO 27001–aligned security policy development. I’ve delivered user awareness sessions, drafted incident response playbooks, and simulated SOC workflows including alert triage, log analysis, and documentation.

Currently building a practical portfolio through bug bounty testing (HackerOne / YesWeHack), PortSwigger Web Security labs, and SOC-style investigation write-ups that show real detection and response capability.

Contact

πŸ“§ BaraaBaroudi.wo@gmail.com
πŸ“ Riyadh, Saudi Arabia
πŸͺͺ Transferable Iqama | Ready to Join
πŸ“± +966 50 517 5049
πŸ”— linkedin.com/in/BaraaBaroudi

My Skills

Security
VAPT
Vulnerability Mgmt
SOC Monitoring
MITRE ATT&CK
SIEM (Splunk / QRadar)
IR Playbooks
Incident Response
OWASP Top 10
IAM
Log Analysis
Endpoint Protection (EDR/XDR)
Threat Intelligence
Networking
MikroTik
Cisco
VLANs
VPN
Firewalls
Routing & Switching
Wireshark
Nmap
Structured Cabling
Active Directory
Windows Server
Network Security
Programming & Tools
Python
Bash
PowerShell
SQL
Burp Suite
Metasploit
GitHub
Linux
Windows
Automation
Virtualization (VMware / Hyper-V)
Scripting
Governance, Risk & Compliance
ISO 27001
NIST CSF
SAMA CSF
NCA ECC-2
Policy Development
Awareness Training
Documentation
Audit Readiness

Projects

SOC Labs – Alert Triage & Log Analysis

Documented 20+ simulated incidents with detection notes, IOCs, and escalation paths using SIEM-style dashboards (Splunk / Azure Sentinel). Improved accuracy of alert classification and response documentation.

MITRE SIEM Logs

Pentest Write-ups

PortSwigger / HTB labs: BAC, XSS, IDOR. Produced professional reports with impact, risk, and remediation recommendations aligned with ISO 27001 and OWASP.

OWASP Burp Reporting

ISP Network Hardening

Configured MikroTik firewalls, VLAN segmentation, and VPN tunnels to secure client networks for ISP users. Improved network stability and isolated client traffic, reducing risk of unauthorized access.

MikroTik VLAN VPN
OPEN CASE IR-2025-01

πŸ” Investigating a Malicious Connection

Incident Response exercise analyzing PCAP and Splunk logs to uncover Qakbot malware and reverse shell activity. Correlated network + endpoint evidence to confirm infection chain.

Wireshark Splunk Qakbot

IT Infrastructure & Endpoint Hardening

Implemented Windows updates, antivirus configuration, and secure access policies across 200+ user endpoints. Reduced system downtime and improved compliance with internal IT security standards.

Windows Endpoint Access Control

Professional Experience

🧠 Cybersecurity Researcher Β· Freelance Jan 2025 – Present
  • Performed penetration testing and log analysis on HackerOne and YesWeHack using OWASP Top 10 methodology.
  • Identified and reported XSS and Broken Access Control vulnerabilities with detailed remediation guidance.
  • Completed 50+ labs on HackTheBox, PortSwigger, and CTFlearn focusing on exploitation, incident response, and SIEM correlation.
  • Produced structured vulnerability and incident reports, improving alert triage accuracy by 25%.
πŸ›‘οΈ Cybersecurity Specialist Β· Semicolon Academy Aug 2024 – May 2025
  • Conducted vulnerability assessments and VAPT aligned with ISO 27001 and NIST CSF frameworks.
  • Developed and tested Incident Response Playbooks and ran phishing simulations that reduced user risk by 30%.
  • Delivered user awareness training to strengthen defenses against social engineering attacks.
  • Mapped threats and controls to SAMA CSF and NCA ECC-2 for compliance readiness.
🌐 Network Technician Β· Al Arrab Net (ISP) Nov 2023 – Feb 2025
  • Installed, configured, and maintained MikroTik routers, switches, and wireless APs ensuring secure connectivity for broadband clients.
  • Designed and implemented VLAN segmentation to isolate customer traffic, boosting performance and reducing cross-network risk.
  • Applied firewall, NAT, VPN, and bandwidth-management policies achieving 99% network uptime.
  • Integrated Fortinet and Cisco ASA firewalls for perimeter protection.
  • Performed structured cabling, diagnostics, and incident resolution to restore service continuity.
  • Documented configurations for faster troubleshooting and smoother escalations.
πŸ’» Web Developer Β· Markaz Studio Feb 2023 – Oct 2023
  • Built and maintained secure web applications using React.js and Express.js with authentication and session control.
  • Implemented OWASP Top 10 countermeasures and API hardening to reduce vulnerability findings during QA.
  • Collaborated with design and QA teams to enhance UI/UX and maintain secure integration workflows.
βš™οΈ IT Support Technician Β· Lebanese Military Jan 2018 – Jan 2022
  • Supported 200+ users across hardware, software, and network systems in a mission-critical environment.
  • Installed and configured Windows OS, printers, LAN/WAN links, and end-user devices.
  • Administered Active Directory accounts, permissions, and group policies for secure access control.
  • Managed file sharing, endpoint protection, and preventive maintenance to minimize downtime.
  • Conducted security awareness training and authored network documentation to streamline troubleshooting for junior staff.

Education

πŸŽ“

Bachelor of Science in Computer Science

Lebanese International University Β· 2023
Focus: Networking, Security, and Software Development
Graduation Project: Secure Web Application Deployment Framework

πŸ’‘

Technical Baccalaureate in Informatics

Lebanese Ministry of Education Β· 2018
Concentration: IT Systems, Programming, and Network Fundamentals

Certifications

Contact

I’m currently based in Riyadh, Saudi Arabia, and open to opportunities in SOC Operations, Penetration Testing, Network Security, or IT Infrastructure roles.

Available for immediate joining with a transferable Iqama.

πŸ“§ Email πŸ“± Call πŸ’¬ WhatsApp πŸ”— LinkedIn
Download CV

Baraa Baroudi β€” Cybersecurity & Network Support Specialist

Code Breaker

Decrypt the 4-Digit Code
Guess the unique 4-digit code before you run out of attempts.
Attempts Left
8

How to Play

  • The computer selects a 4-digit secret code β€” all digits are unique.
  • Enter your guess (example: 1234) and click Submit.
  • For each guess you get feedback:
    • Bull πŸ‚ = Correct digit in the correct position.
    • Cow πŸ„ = Correct digit but in the wrong position.
  • You have 8 attempts to find the code.
  • Click New Game to restart anytime.