Mohamed Hashim, MA

Senior Consultant at Booz Allen Hamilton

Ft. Washington, MD, United States

Details

Education: International Baccalaureate Diploma

International Baccalaureate

Advanced Diploma

Lee High School

Bachelor of Arts - BA

International Affairs

University of Virginia

Master's of Arts

Religious Studies - Conc. in Religion, Politics & Conflict

University of Virginia

Experience: • Implement ServiceNow GRC and SCRM web-scraping tool extrapolating cyber, geopolitical, financial, legal/FOCI data to identify cyber supply chain threats to CUI on enterprise ICT - Categorized 200 vendor risk assessments for 2000+ software products to SSP

• Engage CISOs and IC/Defense Acquisitions SMEs in pilot leveraging business continuity& MonteCarlo threat sim. to quantify ATO cyber risk, tailor CMMC requirements to Treasury contracts and facilitate FISMA SCRM audit against RMF, CSF, NIST 800-53,137

• Align SCRM strategy to Tanium Zero Trust, critical software SDLC fine grained access controls to counter software/hardware supply chain attacks impacting bureau-level PAM applications/systems from SolarWinds software and semiconductor vulnerabilities

2021 : Present

Booz Allen Hamilton

Information Security Risk Specialist - Senior Consultant

• Researched and designed with penetration testing team to develop CISA’s vulnerability prioritization tool, PAM gap assessment, SOPs,SARs,STIGs - Established cyber-risk product line corroborating KEVs catalog vulnerabilities reducing time-to-publish by 25%

• Presented monthly reports to client/NRMC inter-agency partners detailing Russia, Iran, North Korea and China APT MITRE attack methods/dark-web activity and info ops against FCEB TIC cyber data and attack surface mitigations to protect CI supply chains

• Managed FISMA POAMs, monitored budgetary/quality scope of VM program KPIs technology scouting and leading CISA initiative increasing sector enrollment in CISA services by 30% from previous fiscal year to improve quality of CVE/NVD data on CISA HVAs

2020 : 2021

Guidehouse

Cybersecurity Project Management Consultant

• Managed SIEM monitoring roughly 50 security alerts per shift – assessed potential cyber threats (Tanium EDR, CyberArk PAM anomalies, DNS attacks, APT threats to IP/PKI, TCP/IP, phishing), and organized IOCs by incident type for SOAR playbook strategy

• Conducted vulnerability assessments leveraging Splunk, FireEye and other IDS tools to correlate and index machine data (IP address, time period and keyword) and detect anomalies/perform risk scoring – set-up honeypots to remove 290/300 unsecure network pages

• Lead technical implementation of access management protocols for MFA to ensure secure configuration for 30k users on network

2018 : 2020

University of Virginia

Information Security Analyst

•Responded to walk-in inquiries at the Center’s front desk (including questions about Clemons Library and the space, as well as inquiries about academic and advising resources)

•Arranged spaces prior to reservations by assisting partner offices with their needs in the space

•Assisted with the Center’s digital signage, forthcoming website and other duties related to programming and management of the space

2017 : 2019

University of Virginia

Student Assistant

Lebanon Civil War - Examining Effect of External Assistance on Meso-level Conflict Dynamics

•Assisted in linguistic and statistical analysis in research examining civil war trends in 90+ countries

•Examined civil war conduct, foreign assistance/intervention and conflict dynamics using various hypothesis tests

•Used game-theoretic analyses, interviews with former commanders in the Lebanese Civil War, cross-country statistical evidence and comparative analyses of other civil wars

2017 : 2018

University of Virginia

Undergraduate Research Assistant

Company: Booz Allen Hamilton

Years of Experience: 7

Spoken Language: Arabic, English, Farsi, French, Spanish

Skills Analytical Skills, Application Security, Bloomberg Terminal, Boolean Logic, CMMC, Cybersecurity, Data Analysis, Data Visualization, Factiva, FireEye, Foreign Policy Analysis, General Data Protection Regulation (GDPR), Geographic Information Systems (GIS), Geopolitcs and Tech Risk, Grant Writing, Hypothesis Testing, Information Security, Infrastructure Security, International Relations, Leadership, Link Analysis, Market Research, MECE Analysis, Media Analysis, Microsoft Excel, Open Source Intelligence Analysis, Open Source Software, OSINT , Policy Analysis, Project Management, Python (Programming Language), Qualtrics, Research , Risk Assessment, R programming language, SCRM, Security Operations, Security Research, Splunk, SQL, STATA, Student Leadership, Threat Intelligence, Vulnerability Assessment, Vulnerability Management

About DoD Secret cleared Sr Consultant with 5 years experience implementing controls and federal cyber requirements integrating PAM/EDR products at tactical, operational and strategic levels of CTI advising clients towards tailored VM and supply chain resiliency. Skilled in Threat Management and implementing SIEM rules into enterprise networks based off organization-specific requirements and security posture leveraging attack simulations. Experienced operationalizing cyber, supply chain & emerging technology, MENA/Sahel & US/China geopolitical research for clients attempting to gain data insights and intelligence.

SKILLS: Cyber Risk and VM | SCRM | Risk and Threat Assessments | Operations Research | APT Threat Research | Threat Intelligence/Modeling | MENA/Sahel and Indo-Pacific Geopolitics