// cybersecurity specialist · dubai, uae

Sufyan
Alsayeh

$ whoami  →  _
View Projects Resume GitHub
scroll
01.

About

I'm a Cybersecurity Specialist and RIT Dubai graduate, certified in eJPT, CompTIA Security+, Fortinet FCF, and NIST RMF, with hands-on experience across both offensive and defensive security.

Currently working full-time at Cryptocompliance.ai, where I monitor internal security posture, conduct vulnerability assessments, and support incident response. Previously interned at Beta Information Technology deploying enterprise network and security infrastructure, and completed an apprenticeship at Fortinet working hands-on with FortiGate NGFW, ZTNA, and customer-facing secure network design.

Bilingual in English and Arabic, combining technical execution with security research to help organizations build stronger, more resilient systems.

  • Penetration Testing
  • Network Security
  • SIEM / SOC
  • Threat Detection
  • Compliance Frameworks
  • Red / Blue Team
profile.json 
{
  "name": "Sufyan Alsayeh",
  "role": "Cybersecurity Specialist",
  "location": "Dubai, UAE",
  "certs": [
    "eJPT",
    "CompTIA Security+",
    "Fortinet FCF"
  ],
  "languages": ["English", "Arabic"],
  "available": true
}
02.

Skills

Offensive Security

  • Penetration Testing (eJPT certified)
  • Kali Linux / Metasploit
  • Burp Suite for Web App Testing
  • Nmap / Wireshark / Maltego
  • MITM, ARP Spoofing, Exploitation

Defensive & SOC

  • SIEM & SOAR Platforms
  • Suricata IDS / Sysmon
  • Log Analysis & Alert Triage
  • Incident Response
  • MITRE ATT&CK Framework

Network Security

  • FortiGate NGFW & ZTNA
  • VPN & Firewall Policy Management
  • PfSense & Network Segmentation
  • IDS/IPS Technologies
  • TCP/IP & Protocol Analysis

Frameworks & Compliance

  • NIST RMF / NIST SP 800-30
  • OWASP Top 10
  • ISO 22301 / CIS Controls
  • GDPR & UAE PDPL
  • Secure Architecture Design

Certifications

  • eJPT Aug 2025
  • CompTIA Sec+ Jan 2024–2027
  • Fortinet FCF Jun 2024
  • NIST RMF May 2024

Programming

  • Python for Scripting & Automation
  • Bash / Shell Scripting
  • Java
  • English (Fluent)
  • Arabic (Native)
03.

Projects

// code & tools

Encryption / Decryption - Monoalphabetic Cipher

Implementation of a monoalphabetic substitution cipher with full encryption and decryption support. Includes a cryptanalyzer for Caesar shift and monoalphabetic breaking.

Java Cryptography Cipher Analysis

Keylogger

Python-based keylogger built for educational and security research purposes, demonstrating how keystroke capture works at a low level for defensive awareness.

Python Security Research Educational

// research & academic papers

Detection of Covert Communication Channels - Minecraft MASC

Custom Suricata IDS rules to detect covert skin upload/download activity without inspecting encrypted content.

Suricata IDSNetwork Forensics

Exploitation & Monitoring - CVE-2023-38831 (WinRAR RCE)

Red/blue exercise targeting a live WinRAR RCE - VM lab build, Sysmon deployment, and cross-team attack simulation.

CVERed/Blue Team

Wireless Penetration Testing

PfSense/Kali Linux network with 6 deliberate misconfigurations - exploited via MITM, ARP spoofing, and data exfiltration.

Kali LinuxMITM

IoT Attack Classification - ML (SVM, KNN, Decision Trees)

Evaluated classifiers on the CIC IoT-DIAD 2024 dataset for multi-class IoT attack detection - SVM achieved highest accuracy.

Machine LearningIoT Security

Web Application Security Lab

Tested SOP/CORS/CSP policies using Burp Suite for real-time traffic monitoring across same and cross-domain environments.

Burp SuiteOWASP

Privacy-Preserving Federated Document Sharing - Blockchain

Hybrid on-chain/off-chain architecture using zero-knowledge proofs (Polygon PrivadoID) for GDPR & UAE PDPL compliant verification.

BlockchainZKP

AI Risk Management & BCP for Smart Warehouse Systems

NIST SP 800-30 Risk Management Plan covering adversarial ML and insider threats, with BCP/DR aligned to ISO 22301.

NIST RMFISO 22301

Global Legal & Policy Frameworks for Generative AI

Comparative analysis of AI governance across UAE, US, EU AI Act, UNESCO, Canada, China, and Brazil - covering data privacy and cross-border enforcement.

AI GovernanceGDPR
View code on GitHub
04.

Resume

Education

B.S. Cybersecurity

Aug 2022 - Jan 2026

Rochester Institute of Technology (RIT Dubai)

Coursework: Penetration Testing, Network Security, Cryptography, Digital Forensics, Secure Software Development

Certifications

eJPT - Junior Penetration Tester

Aug 2025

INE Security

CompTIA Security+ ce

Jan 2024

Fortinet Certified Fundamentals in Cybersecurity

Jun 2024

NIST Risk Management Framework v2.0

May 2024

Experience

Cybersecurity Specialist

Jan 2026 - Present

Cryptocompliance.ai · Full-time · Dubai

  • Monitor and enhance security posture of internal systems and infrastructure
  • Conduct vulnerability assessments and support threat detection workflows
  • Implement controls aligned with industry standards and compliance frameworks
  • Support incident response procedures and risk assessments

System & Network Technical Intern

May - Aug 2025

Beta Information Technology · Dubai, UAE

  • Configured and troubleshot enterprise-level network and security solutions
  • Hands-on experience in system deployment and security infrastructure management

Systems Engineering Trainee

May - Aug 2024

Fortinet · Apprenticeship · Dubai, UAE

  • Completed Fortinet Certified Fundamentals training with the systems engineering team
  • Worked with NGFW, ZTNA, and FortiGate solutions on customer-facing secure network design
Download Full Resume (PDF)
05.

Contact

Open to cybersecurity roles, penetration testing engagements, and collaborations. Based in Dubai. Feel free to reach out.

Email sufyanalsayeh.sa@gmail.com
LinkedIn sufyan-alsayeh
GitHub sufyanOalsayeh