Masoud Hamada

DevOps Engineer

Edmonton, Alberta, Canada0 mo experience

Key Highlights

  • Delivered 50+ offensive security assessments.
  • Trained over 500 security professionals in cloud exploitation.
  • Expert in chaining identity attacks and privilege escalation.
Stackforce AI infers this person is a Cloud Security Specialist with a focus on Offensive Security and Training.

Contact

LinkedIn

Skills

Core Skills

Penetration TestingCyber SecurityCloud SecurityTraining

Other Skills

Cyber Security RiskAmazon Web Services (AWS)Microsoft AzureGoogle Cloud Platform (GCP)Problem SolvingSQL InjectionCSRFEntrepreneurshipPrinciple of Least PrivilegePrivileged Access ManagementWhite BoxEnterprise Risk ManagementWiFi Security AssessmentShadow ITRogue Networks

About

Offensive security analyst with extensive hands-on experience executing offensive security operations and adversary simulations across Azure, AWS, GCP, Active Directory, and Entra ID. Delivered 50+ offensive security assessments, led red and purple team engagements, and trained 500+ security professionals in cloud exploitation, IAM abuse, and detection evasion. Proven track record chaining identity attacks, privilege escalation, lateral movement, and multi-cloud attack paths, while also leveraging deep SIEM/EDR knowledge to analyze defender visibility and detection gaps. Known for producing attack-path-driven findings, clear executive reporting, and driving measurable security improvements across identity, network, and workload layers at enterprise scale.

Experience

0 mo
Total Experience
--
Average Tenure
--
Current Experience

Secured approach

Offensive Security Analyst

Mar 2026Present · 2 mos · Edmonton, Alberta, Canada · Hybrid

  • Lead and execute offensive security engagements across enterprise environments, specializing in penetration testing, adversary simulation, and vulnerability research. Identify, exploit, and validate complex security weaknesses across networks, web applications, systems, and cloud infrastructures, delivering actionable insights that strengthen organizational security posture.
  • Drive end-to-end penetration testing activities, from reconnaissance and exploitation to post-exploitation analysis and reporting, with a focus on real-world attack scenarios. Conduct advanced vulnerability assessments, triaging findings based on risk and business impact while providing clear, practical remediation strategies.
  • Simulate sophisticated threat actors by leveraging MITRE ATT&CK-aligned tactics, techniques, and procedures (TTPs), supporting red and purple team operations to evaluate and enhance detection and response capabilities. Develop proof-of-concept exploits and contribute to ongoing security research to stay ahead of emerging threats.
  • Collaborate closely with blue teams to translate offensive findings into actionable detection use cases, strengthen defensive controls, and support incident response investigations through root cause analysis and validation.
  • Produce high-quality technical reports and executive summaries that clearly communicate risk, impact, and remediation to both technical and non-technical stakeholders. Contribute to security documentation, playbooks, and internal knowledge bases to drive continuous improvement across teams.
Penetration TestingCyber Security RiskCyber Security

Illumant

Offensive Security Analyst

Aug 2025Mar 2026 · 7 mos · California, United States · Remote

  • Conducted offensive cloud security assessments across Azure, AWS, and Google Cloud Platform, identifying exploitable misconfigurations, identity weaknesses, and control-plane exposures.
  • Performed Entra ID and Active Directory security assessments, analyzing authentication flows, identity trust relationships, and privilege boundaries from an attacker’s perspective.
  • Executed red-team-style penetration tests against hybrid and multi-cloud environments, chaining IAM abuse, lateral movement, and privilege escalation to demonstrate realistic attack paths.
  • Produced attack-path-driven assessment reports, translating technical findings into clear business impact and actionable remediation guidance for engineering and security teams.
  • Assessed enterprise cloud architectures end-to-end, identifying weaknesses in workload identity, service accounts, network segmentation, and cross-environment trust relationships.
Cloud SecurityPenetration Testing

Pwned labs

Offensive Security Analyst

Apr 2025Mar 2026 · 11 mos · Dubai, United Arab Emirates · Remote

  • Conducted offensive security assessments and penetration tests across hybrid, on-prem, and multi-cloud environments (Azure, AWS, GCP), simulating real-world adversary tradecraft to identify identity, IAM, and infrastructure weaknesses.
  • Executed cloud-focused red team operations targeting identity providers, MFA implementations, service principals, and privilege boundaries, delivering actionable remediation guidance to enterprise stakeholders.
  • Designed and delivered hands-on adversary simulation training for red-team operators, training 50–100+ professionals per cohort on cloud exploitation techniques, IAM abuse paths, and detection evasion strategies.
  • Developed advanced cloud attack and defense curricula aligned with real-world threat models, emphasizing credential abuse, lateral movement, privilege escalation, and multi-cloud attack chains.
Cloud SecurityTraining

Education

MacEwan University

Bachelor of Commerce - BCom

Sep 2021Apr 2025

Offsec

PEN 200 - Penetration Testing with Kali Linux 200 — Cyber Security

Jan 2022May 2025

HackTheBox Academy

Certificates — Cyber Security

Jan 2023May 2025

Stackforce found 100+ more professionals with Penetration Testing & Cyber Security

Explore similar profiles based on matching skills and experience

Burhan Chhotaudepur

Burhan Chhotaudepur

Product Security Analyst

at HackerOne

India3 yrs 8 mos exp
Information SecurityNetwork SecurityPenetration TestingVulnerability AssessmentWeb Application Security
Gauri G.

Gauri G.

Programmer Analyst

at Cognizant

India3 yrs 6 mos exp
Application SecurityPenetration Testing
Yogesh Prasad Gairola

Yogesh Prasad Gairola

Senior Manager - Cybersecurity, Compliance & Privacy

at Delhivery

Gurugram, India10 yrs 2 mos exp
Identity & Access Management (IAM)Incident HandlingSecurity Incident ResponseTeam Management
Rohit Suryawanshi

Rohit Suryawanshi

Fresher

at R. C. Patel Institute of Technology, Shirpur

Shirpur, India3 yrs 11 mos exp
Maunish Patel

Maunish Patel

Head of Security Engineering

at Medibank

Melbourne, Australia17 yrs 8 mos exp
Cloud SecurityCyber Security StrategyCyber Security ArchitectureProject Management
Nitin Bhamare

Nitin Bhamare

Senior Security Engineer

at GoDaddy

Thane, India10 yrs 10 mos exp
Abhishek Sharma

Abhishek Sharma

Security Engineer

at Craw Security

Saket, India3 mos exp
Network SecurityRed TeamSearch Engine Optimization (SEO)
Nick Werner

Nick Werner

Senior Information Security Engineer

at Intel Corporation

Phoenix, United States6 yrs 10 mos exp
CybersecurityThreat & Vulnerability ManagementIncident ResponseApplication Security