ABAD Ayoub
Open to new opportunities


Cybersecurity Engineer specializing in SecOps, Penetration Testing & DevSecOps.
Building defenses. Breaking assumptions.

2+ Years Exp.

About Me

I'm a Cybersecurity Engineer based in Morocco, currently working as a SecOps Engineer at Tessi, where I monitor and investigate security alerts across Network, SaaS, Email, and Endpoint vectors using SIEM, NDR, EDR, WAF, and IPS/IDS solutions.

I hold a State Engineer Diploma in Computer Security & Cybersecurity from ENSA Oujda (2019–2024). My background spans offensive security (web pentesting, bug bounty), defensive security (SOC, incident response), and cloud security (DevSecOps, Kubernetes, AWS/Azure).

I'm passionate about the intersection of automation and security — from building secure CI/CD pipelines to developing custom Python tooling for SOC operations and threat intelligence.

Location: Oujda, Morocco
Languages: Arabic (Native) · English (Advanced) · French (Advanced)

Offensive Security

Web App Pentesting, VAPT, Bug Bounty, CTF competitions

Defensive / SOC

SIEM operations, Incident Response, Threat Hunting, CVE management

Cloud & DevSecOps

AWS, Azure, Kubernetes security, CI/CD pipelines, IaC scanning

Digital Forensics

Linux, Windows & Android forensics, memory analysis

Technical Skills

Offensive Security

Web App Pentesting · API Security · Recon & OSINT · VAPT · Bug Bounty · SQLi / XSS / LFI · WAF Bypass · Fuzzing
87%

Defensive / SOC

SIEM · SOC Operations · Incident Response · Threat Hunting · NDR / EDR / WAF · IPS / IDS · CVE Management · Digital Forensics · Threat Modeling
85%

Cloud & DevSecOps

AWS · Microsoft Azure · Azure AD · Kubernetes · Docker · CI/CD · Jenkins · Terraform · ArgoCD · SAST / DAST / SCA · Secrets Management · Monitoring & Logging
66%

Programming & Scripting

Python Bash Scripting C Shell PowerShell
76%

Security Tools

Burp Suite · OWASP ZAP · Nmap · Wireshark · Metasploit · Nessus · OpenVAS · Nuclei · SQLMap · Shodan · CrackMapExec · BloodHound · Volatility · Ghidra · ELK Stack · SonarQube · Trivy · Palo Alto
83%

Compliance & Frameworks

PCI-DSS · ISO 27001 · NIST · Network Security · IPSec VPN · DLP
55%

Work Experience

SecOps Engineer

Tessi
Mar 2025 – Present · Oujda, Morocco · Hybrid
  • Monitor, analyze and investigate security alerts (Network, SaaS, Email, Endpoint) via SIEM, NDR, EDR, WAF, and IPS/IDS
  • Critical vulnerability (CVE) monitoring, exposure analysis, and remediation tracking
  • Respond to client cybersecurity questionnaires (ISO 27001 compliance posture)
  • Developed a Python dashboard with the IRIS API for incident/alert/CVE visualization and SOC KPI tracking (MTTD, MTTR)
SIEM · EDR · NDR · SOC · Python · ISO 27001 · CVE

Network & Security Engineer

Société Générale ABS · Internship · 6 months
Feb 2024 – Aug 2024 · Casablanca, Morocco
  • Built a secure network infrastructure connecting SG African subsidiaries to the public internet with NGFW, Proxy, and DLP layers
  • Configured IPSec VPN tunnels for site-to-site connectivity
  • Assisted with PCI-DSS compliance implementation
  • Contributed to EDR and IDS/IPS solution deployment
  • Managed HW & SW obsolescence
NGFW · IPSec VPN · PCI-DSS · EDR · IDS/IPS · DLP · Proxy

Cybersecurity Engineer

Tisalabs · Internship · 2 months
Jul 2023 – Sep 2023 · Cork, Ireland · Remote
  • Vulnerability Assessment and Penetration Testing (VAPT)
  • Python development and Bash scripting for automation
  • Docker containerization and Kubernetes security
  • Agile methodology — GitLab workflows
VAPT · Python · Bash · Docker · Kubernetes · GitLab

Education

State Engineer Diploma — Computer Security & Cybersecurity

ENSA Oujda (École Nationale des Sciences Appliquées)
2019 – 2024 · Oujda, Morocco

5-year engineering program covering networks, system administration, cryptography, mobile security, ethical hacking, penetration testing, cloud computing, big data, machine learning, and security audits.

Networking · Cryptography · Ethical Hacking · Penetration Testing · Cloud Computing · Machine Learning · Security Audits

Recent Projects

Featured

Cloud-Native DevSecOps on AWS EKS

End-to-end DevSecOps pipeline for a 3-tier application on Amazon EKS. CI/CD with Jenkins + ArgoCD + Terraform IaC. Security embedded at every stage: GitLeaks pre-commit hooks, SAST tools, OWASP DependencyCheck (SCA), OWASP ZAP (DAST), Trivy for containers/Kubernetes/IaC, SonarQube for code quality, Vault for secrets, Prometheus & Grafana for monitoring, and EFK for centralized logging.

AWS EKS · Kubernetes · Jenkins · Terraform · ArgoCD · Trivy · SonarQube · Vault

RDP Brute-Force Map — Azure Sentinel

Real-time global threat map tracking RDP brute-force attacks using Azure Sentinel SIEM. A custom PowerShell script extracts event metadata from Windows Event Viewer and enriches it via a geolocation API. Azure Log Analytics ingests the custom logs; a Sentinel workbook visualizes global attacks by location and intensity.

Azure Sentinel · Log Analytics · PowerShell · SIEM · Geolocation API

Web & API Pentest Automation

Suite of Bash scripts automating repetitive pentesting and bug bounty tasks: recon, WAF detection & bypass, technology fingerprinting (WordPress, GraphQL), fuzzing, spidering, secrets scanning, and comprehensive vulnerability testing (LFI, SQLi, XSS).

Bash · Recon · WAF Bypass · Fuzzing · SQLi / XSS · Bug Bounty

Web App Source Code Security Audit

In-depth source code analysis of PHP and Node.js applications to identify critical vulnerabilities — input validation flaws, authentication weaknesses, error handling issues, and business logic bugs. Proposed concrete remediations including secure coding practices, input validation, and regular audits.

PHP · Node.js · SAST · Code Review · OWASP Top 10

Achievements & Certifications

HackTheBox — Senior Web Penetration Tester

Offensive Web Security Track

67%

HackTheBox — SOC Analyst

Blue Team Operations Track

50%

Azure Security Engineer (AZ-500)

CloudGuru · Microsoft Azure Security

AWS Cloud Practitioner + Security Fundamentals

CloudGuru · Amazon Web Services

CTF Competition — 3rd Place

University CTF · Competitive Hacking

Get In Touch

I'm open to new opportunities, collaborations, or just a good conversation about cybersecurity. Whether you have a project in mind or want to discuss the latest in threat intelligence — feel free to reach out.