FlowCV Logo
Mohannad DarwishCybersecurity Specialist
Profile

Cybersecurity Analyst with a strong foundation in vulnerability management, incident response, and forensic analysis. Adept at applying NIST and ISO standards to create robust security frameworks. Possessing a unique, holistic security mindset developed from a background in both cybersecurity and physical security operations, which provides a comprehensive understanding of layered defense strategies. Eager to leverage hands-on experience in simulated incident response and remediation to contribute to a team's security posture.

Skills
Penetration Testing|Red Team|Blue Team|Vulnerability Management|Network Security|Risk Management|Cyber Intelligence|Incident Investigation/Response|Digital Forensics|Privilege Escalation|OSINT|DLP|Nmap|Wireshark|ARP|Command Line/Terminal|Ethical Hacking|Server Administration|Cloud Environments|Linux|Windows|Python|ISO 27001|NIST|ENS|Audit Logging|Documentation|Reporting|Singularity Hackers
Projects

Led a simulated cybersecurity incident on a compromised Debian server, executing a three-phase process of forensic investigation, controlled exploitation, and standards-aligned remediation to secure critical systems and prevent future attacks.

  • Remediated 9 high-impact vulnerabilities across 5 core services (SSH, FTP, MySQL, WordPress, Apache/Open Ports), including 2 confirmed exploited misconfigurations. Conducted forensic triage using journalctl, WP-CLI, MariaDB CLI, Nmap, and Nessus; disabled root login, enforced key-based SSH, and hardened exposed services to block further unauthorized access.
  • Simulated root-level privilege escalation, eliminating 2 privilege escalation vectors and locking 3 high-risk accounts. Implemented security controls including password rotation for 4 critical accounts, enabled MariaDB general logging, and enforced SSH authentication limits, creating a hardened environment for ongoing monitoring.
  • Developed an Incident Recovery Plan and ISMS aligned with NIST SP 800-115 and ISO/IEC 27001, covering 7 incident response roles. Incorporated 2 backup strategies (weekly full-system, daily incremental), DLP measures, and service-specific restoration procedures, improving readiness and reducing recovery times for critical web services.
  • Education
    Cybersecurity Specialist Certificate, 4Geeks Academy
    03/2025 – 07/2025
    Professional Experience
    Front Desk Manager, FirstService Residential
    07/2023 – Present
  • Optimized internal systems and workflows, improving issue tracking, task coordination, and team efficiency—regularly providing technical support and troubleshooting IT issues in the absence of in-house IT staff.
  • Documented incidents and vendor activities in real time, improving operational transparency and enabling faster root cause analysis.
  • Security Officer, East Coast Protection Co.
    05/2021 – 08/2024
  • Monitored and assessed security threats through access control systems and CCTV, enabling quick and informed responses to incidents.
  • Improved security protocols and reporting, streamlining documentation and enhancing readiness for potential threats.
  • Responded to emerging threats with rapid, decisive action to minimize potential impact.