<BB/> Baraa Baroudi

Baraa Baroudi

Cybersecurity & Infrastructure Security Engineer
01101001 01101110 01100110 01101111 01110011 01100101 01100011

Cybersecurity & Infrastructure Security Engineer Securing enterprise networks, systems, and cloud environments. Experienced in MikroTik firewalls, VLAN segmentation, VPN architectures, and Microsoft 365 security. Strong background in vulnerability assessment, penetration testing, and system hardening.

View Projects Get in Touch
πŸ“ Riyadh, Saudi Arabia πŸͺͺ Transferable Iqama πŸ“± +966 50 517 5049 βœ‰οΈ Email LinkedIn

About Me

I’m a Cybersecurity & Infrastructure Security Engineer with hands-on experience in securing enterprise environments, including network infrastructure, cloud services, and endpoints. I specialize in network security, system hardening, and vulnerability management, with practical experience in both offensive security (penetration testing) and defensive security (incident handling and monitoring).

Currently working on real-world security implementations including firewall configurations, access control systems, and infrastructure protection, while continuously building advanced skills through hands-on labs and bug bounty platforms.

Contact

πŸ“§ BaraaBaroudi.wo@gmail.com
πŸ“ Riyadh, Saudi Arabia
πŸͺͺ Transferable Iqama
πŸ“± +966 50 517 5049
πŸ”— linkedin.com/in/BaraaBaroudi

My Skills

Security
VAPT
Vulnerability Mgmt
Security Monitoring
MITRE ATT&CK
SIEM (Splunk / QRadar)
IR Playbooks
Incident Response
OWASP Top 10
IAM
Log Analysis
Endpoint Protection (EDR/XDR)
Threat Intelligence
Networking
MikroTik
Cisco
VLANs
VPN
Firewalls
Routing & Switching
Wireshark
Nmap
Structured Cabling
Active Directory
Windows Server
Network Security
Programming & Tools
Python
Bash
PowerShell
SQL
Burp Suite
Metasploit
GitHub
Linux
Windows
Automation
Virtualization (VMware / Hyper-V)
Scripting
Governance, Risk & Compliance
ISO 27001
NIST CSF
SAMA CSF
NCA ECC-2
Policy Development
Awareness Training
Documentation
Audit Readiness

Security Work / Case Studies

Security Monitoring & Log Analysis

Documented 20+ simulated incidents with detection notes, IOCs, and escalation paths using SIEM-style dashboards (Splunk / Azure Sentinel). Improved accuracy of alert classification and response documentation.

MITRE SIEM Logs

Pentest Write-ups

PortSwigger / HTB labs: BAC, XSS, IDOR. Produced professional reports with impact, risk, and remediation recommendations aligned with ISO 27001 and OWASP.

OWASP Burp Reporting

ISP Network Hardening

Configured MikroTik firewalls, VLAN segmentation, and VPN tunnels to secure client networks for ISP users. Improved network stability and isolated client traffic, reducing risk of unauthorized access.

MikroTik VLAN VPN
OPEN CASE IR-2025-01

πŸ” Investigating a Malicious Connection

Incident Response exercise analyzing PCAP and Splunk logs to uncover Qakbot malware and reverse shell activity. Correlated network + endpoint evidence to confirm infection chain.

Wireshark Splunk Qakbot

IT Infrastructure & Endpoint Hardening

Implemented Windows updates, antivirus configuration, and secure access policies across 200+ user endpoints. Reduced system downtime and improved compliance with internal IT security standards.

Windows Endpoint Access Control

Professional Experience

🏒 IT & Network Supervisor Β· Address Group Jan 2026 – Present
  • Lead IT and network operations supporting 200+ users across multi-branch environments, ensuring secure and reliable infrastructure.
  • Design and implement network security controls including firewalls, VLAN segmentation, VPN tunnels, and access policies.
  • Administer Microsoft 365 security and identity management, including Entra ID, access control, email security, and compliance policies.
  • Support and coordinate security incident response across endpoints, email, and network layers.
  • Perform vulnerability assessments and remediation aligned with ISO 27001 and infrastructure security best practices.
  • Lead technical projects including ERP (Odoo), CCTV security systems, infrastructure upgrades, and system hardening initiatives.
🧠 Cybersecurity Researcher Β· Freelance Jan 2025 – Present
  • Performed penetration testing and security validation on HackerOne and YesWeHack using OWASP Top 10 methodology.
  • Identified and reported XSS, Broken Access Control, and authentication-related vulnerabilities with remediation guidance.
  • Completed 50+ labs on HackTheBox, PortSwigger, and CTFlearn covering exploitation, incident analysis, and remediation.
  • Produced structured security assessment reports aligned with OWASP, ISO 27001, and NIST concepts.
πŸ›‘οΈ Cybersecurity Analyst Trainee Β· Semicolon Academy Aug 2024 – May 2025
  • Conducted vulnerability assessments and penetration testing using Burp Suite, Wireshark, and Nmap.
  • Developed incident response playbooks and ISO 27001-aligned security policies.
  • Performed SOC-style monitoring, alert triage, and log analysis in simulated enterprise environments.
  • Delivered phishing simulations and security awareness training to strengthen user security practices.
  • Applied governance and compliance concepts including ISO 27001, NIST CSF, SAMA CSF, and NCA ECC-2.
🌐 Network Technician Β· Al Arrab Net (ISP) Nov 2023 – Feb 2025
  • Installed, configured, and maintained MikroTik routers, switches, and wireless access points for secure broadband connectivity.
  • Designed and implemented VLAN segmentation to isolate customer traffic and improve network security.
  • Applied firewall, NAT, VPN, and bandwidth-management policies to support reliable network operations.
  • Performed packet-level troubleshooting, diagnostics, and incident resolution to restore service continuity.
  • Hardened router configurations and documented infrastructure settings for faster troubleshooting and smoother escalations.
πŸ’» Web Developer Β· Markaz Studio Feb 2023 – Oct 2023
  • Built and maintained secure web applications using React.js and Express.js with authentication and session control.
  • Implemented OWASP Top 10 countermeasures and API hardening to reduce security weaknesses during QA.
  • Collaborated with design and QA teams to enhance UI/UX and maintain secure integration workflows.
βš™οΈ IT Support Technician Β· Lebanese Military Jan 2018 – Jan 2022
  • Supported 200+ users across hardware, software, and network systems in a mission-critical environment.
  • Installed and configured Windows OS, printers, LAN/WAN links, and end-user devices.
  • Administered Active Directory accounts, permissions, and group policies for secure access control.
  • Managed file sharing, endpoint protection, and preventive maintenance to minimize downtime.
  • Conducted security awareness training and authored technical documentation to streamline troubleshooting.

Education

πŸŽ“

Bachelor of Science in Computer Science

Lebanese International University Β· 2023
Focus: Networking, Security, and Software Development
Graduation Project: Secure Web Application Deployment Framework

πŸ’‘

Technical Baccalaureate in Informatics

Lebanese Ministry of Education Β· 2018
Concentration: IT Systems, Programming, and Network Fundamentals

Certifications

Contact

I’m currently based in Riyadh, Saudi Arabia, and open to opportunities in Penetration Testing, Security Engineering, Network Security, or IT Infrastructure roles.

πŸ“§ Email πŸ“± Call πŸ’¬ WhatsApp πŸ”— LinkedIn
Download CV

Baraa Baroudi β€” Cybersecurity & Infrastructure Security Engineer

Code Breaker

Decrypt the 4-Digit Code
Guess the unique 4-digit code before you run out of attempts.
Attempts Left
8

How to Play

  • The computer selects a 4-digit secret code β€” all digits are unique.
  • Enter your guess (example: 1234) and click Submit.
  • For each guess you get feedback:
    • Bull πŸ‚ = Correct digit in the correct position.
    • Cow πŸ„ = Correct digit but in the wrong position.
  • You have 8 attempts to find the code.
  • Click New Game to restart anytime.