Hello
My name is Mohamed Nur! I'm a Software Developer and Security Engineer based in Ottawa.
Code Crimson Software Development
by Mohamed Nur
by Mohamed Nur
Experience
IT Security
Lead Application Security Engineer
Canadian Digital Services
August 2021 - Current
Currently owning efforts related to securing CDS's applications and infrastructure.
- As Lead, I'm providing security expertise ranging from security architecture, to the implementation of security controls, and helping CDS products achieve Government of Canada compliance standards (ITSG-33).
- Defining and leading the application & cloud security strategy..
- Performing security code reviews, threat modeling, and providing recommendations and solutions on how to eliminate security vulnerabilities.
- Built a serverless continuous accessibility and vulnerability scanner for CDS web apps (Python, Lambda, ECS Fargate, Step functions).
- Built automation to provide asset inventory and actively audit the infrastructure for security misconfigurations (Terraform, ECS, SSO Proxy).
- Built a file scanning API to support CDS products that required the ability to send files to AssemblyLine.
Senior Security Engineer
Canada Revenue Agency
July 2018 - June 2021
Worked on the cloud and application security team.
- Architected and launched the vulnerability management program for CRA's migration to Microsoft Azure and Amazon AWS.
- Deployed vulnerability scanning tools to Microsoft Azure and Amazon AWS.
- Built automation scripts using PowerShell to generate monthly vulnerability reports.
- Planned, and Integrated a Web Application Firewall for CRA web applications not residing in the Cloud.
- Built a PowerShell framework to help retrieve and collate web application firewall data to help analyze and identify threats against CRA Web applications.
- Tested applications for security vulnerabilities.
Software Development
Senior Software Developer
Canadian Digital Services
June 2021 - August 2021
Worked on the Covid Alert Server team.
- Worked on the Python Covid Alert Metrics service and AWS Lambda metrics aggregator that receives millions of transactions a day.
- Used Terraform to manage and provision Infrastructure as Code to development and production AWS environments.
Senior Software Engineer
Canada Revenue Agency
August 2015 - July 2018
Worked on the redesign team for automated tax enforcement.
- Built the backend system of a new automated debt enforcement distributed system that processes millions of transactions a day; Java/Mainframe hybrid
- Architected a Business Rules Engine solution responsible for making automated tax enforcement decisions.
- Implemented functionality into existing CRA systems in support of new tax policies. Java on the front-end and COBOL/Mainframe in the backend.
Software Engineer
Canada Revenue Agency
December 2009 - August 2015
Worked on the Call Centre software team.
- Programmed and maintained the Java software used by CRA call centres.
- Converted legacy COBOL programs into standalone Java applications.
Junior Software Engineer
Scouts Canada
December 2009 - August 2015
Worked on the team responsible for migrating from paper registrations to online.
- Developed a web-based Java application using the Spring framework supporting 98,000 users using three tier object-oriented architecture and web services.
- Integrated TD Canada Trust's payment API into the Scouts online payment system.
Projects
React
NodeJS
- Full stack web application created using ReactJS, NodeJS, and MongoDB to solve a gap in the Africa's real-estate online marketplace.
- Developed the majority of the NodeJS RESTful API and heavily contributed to the base front-end architecture.
- Developed the Jenkin's DevOps pipeline to continuously deploy to Production
- Architected and built the Amazon infrastructure. Let's Encrypt auto renewal, automated database backups, and custom health check scripting