Mohamed Hashim, MA
Education:
International Baccalaureate Diploma
International Baccalaureate
Advanced Diploma
Lee High School
Bachelor of Arts - BA
International Affairs
University of Virginia
Master's of Arts
Religious Studies - Conc. in Religion, Politics & Conflict
University of Virginia
Experience:
• Implement ServiceNow GRC and SCRM web-scraping tool extrapolating cyber, geopolitical, financial, legal/FOCI data to identify cyber supply chain threats to CUI on enterprise ICT - Categorized 200 vendor risk assessments for 2000+ software products to SSP
• Engage CISOs and IC/Defense Acquisitions SMEs in pilot leveraging business continuity& MonteCarlo threat sim. to quantify ATO cyber risk, tailor CMMC requirements to Treasury contracts and facilitate FISMA SCRM audit against RMF, CSF, NIST 800-53,137
• Align SCRM strategy to Tanium Zero Trust, critical software SDLC fine grained access controls to counter software/hardware supply chain attacks impacting bureau-level PAM applications/systems from SolarWinds software and semiconductor vulnerabilities
2021 : Present
Booz Allen Hamilton
Information Security Risk Specialist - Senior Consultant
• Researched and designed with penetration testing team to develop CISA’s vulnerability prioritization tool, PAM gap assessment, SOPs,SARs,STIGs - Established cyber-risk product line corroborating KEVs catalog vulnerabilities reducing time-to-publish by 25%
• Presented monthly reports to client/NRMC inter-agency partners detailing Russia, Iran, North Korea and China APT MITRE attack methods/dark-web activity and info ops against FCEB TIC cyber data and attack surface mitigations to protect CI supply chains
• Managed FISMA POAMs, monitored budgetary/quality scope of VM program KPIs technology scouting and leading CISA initiative increasing sector enrollment in CISA services by 30% from previous fiscal year to improve quality of CVE/NVD data on CISA HVAs
2020 : 2021
Guidehouse
Cybersecurity Project Management Consultant
• Managed SIEM monitoring roughly 50 security alerts per shift – assessed potential cyber threats (Tanium EDR, CyberArk PAM anomalies, DNS attacks, APT threats to IP/PKI, TCP/IP, phishing), and organized IOCs by incident type for SOAR playbook strategy
• Conducted vulnerability assessments leveraging Splunk, FireEye and other IDS tools to correlate and index machine data (IP address, time period and keyword) and detect anomalies/perform risk scoring – set-up honeypots to remove 290/300 unsecure network pages
• Lead technical implementation of access management protocols for MFA to ensure secure configuration for 30k users on network
2018 : 2020
University of Virginia
Information Security Analyst
•Responded to walk-in inquiries at the Center’s front desk (including questions about Clemons Library and the space, as well as inquiries about academic and advising resources)
•Arranged spaces prior to reservations by assisting partner offices with their needs in the space
•Assisted with the Center’s digital signage, forthcoming website and other duties related to programming and management of the space
2017 : 2019
University of Virginia
Student Assistant
Lebanon Civil War - Examining Effect of External Assistance on Meso-level Conflict Dynamics
•Assisted in linguistic and statistical analysis in research examining civil war trends in 90+ countries
•Examined civil war conduct, foreign assistance/intervention and conflict dynamics using various hypothesis tests
•Used game-theoretic analyses, interviews with former commanders in the Lebanese Civil War, cross-country statistical evidence and comparative analyses of other civil wars
2017 : 2018
University of Virginia
Undergraduate Research Assistant
Company: Booz Allen Hamilton
Years of Experience: 7
Spoken Language: Arabic, English, Farsi, French, Spanish
SKILLS: Cyber Risk and VM | SCRM | Risk and Threat Assessments | Operations Research | APT Threat Research | Threat Intelligence/Modeling | MENA/Sahel and Indo-Pacific Geopolitics