Name: Hatem Ahmed El Sahhar
Title: Team Lead, Security Engineering
Employer: Orange Business Services
Location: Cairo, Egypt
Years in IT: 12 years
Years in cybersecurity: 9 Years
Cybersecurity certifications: CISSP, CCSP, CEH, Security+, Symantec Knight, Blue Coat Certified Cloud Service Troubleshooting, Blue Coat Certified Proxy Administrator, Blue Coat Certified Proxy Professional, Zscaler Certified Cloud Administrator, Cisco Certified ASA Specialist, CCNA Security, RSA SecurID Administration, Certified Clearswift Engineer (CCE) SECURE Email Gateway, JNCIA
How did you decide upon a career in cybersecurity?
My vision was clear since my early days and after acquiring my bachelor degree in computer engineering I was decided to work in the IT field. After my graduation, I started to discover the different related fields and found myself attached to the role of securing all those different aspects of technology. It is one of the few fields that will keep me close to every branch of information technologies.
Why did you get your CCSP?
As I am getting more mature in my career development, I started to target the certifications of professionals, such as the CISSP. As my technical focus (secure web gateways and content analysis) is experiencing new dimensions, cloud was very clear on the horizon to align with the “new” ways of doing business. The CCSP was a certification that could accredit my newly gained experience.
What is a typical day like for you?
I don’t even have a fixed lunch break, so a “typical” day is hard to describe! My main activities include responding to some of our international pre-sales team questions finding a way to get our customers’ business done more securely. Sometimes, I review newly announced vulnerabilities, assessing the impact on our services to provide mitigation plans. I also validate new features that can be added to our services to raise our customers’ satisfaction. Occasionally I will act on assigned technical cases directed by level 2 security support teams and involve security vendors if needed. And of course, any other popups!
Can you tell us about a personal career highlight?
I learned long ago that the devil is in the details, and there are endless tweaks that can be done to smooth the work. So in every new team I join or every new task I get assigned, I always seek to reach those details and find a way to kill any delays. One of my remarkable achievements was when I utilized my scripting and coding skills to save around 30% of team resources coming up with new tools to automate the daily operational tasks.
How has the CCSP certification helped you in your career?
Aside from the deep understanding of cloud service categories and deployment methods, I was taught the real need for cloud computing and how cloud service providers can gain the trust of customers to place their most valuable assets in their hands. This was important for me to learn to apply in my service building phase and to understand my potential customer needs in our cloud.
What is the most useful advice you have for other cloud security professionals?
As a cloud security professional, you must be responsible. Either you are on the customer or the provider side, and data is your utmost concern. Put it in the center and build everything around it, think of how the customer will secure it before, while and after using it in the cloud, and how the provider will convince the customer to move it to his side, and how the provider will manage it while it is in his custody, and of course while transferring it.
Achieving the Certified Cloud Security Professional certificate was not an easy goal for me. It is true that cloud is another entity’s server that you use, but it is not that straight-forward. I worked in data centers, disaster recovery sites, colocation projects and managed service providers but still I needed to learn more about cloud computing and its security to be able to pass the exam. It was a tough but tasty experience.
Interesting in earning your Certified Cloud Security Professional certification? Download our CCSP exam outline.