About Me

Cybersecurity Solutions Engineer — building sovereign-grade security systems at the intersection of architecture, automation, and intelligence.

Background

I'm a Cybersecurity Solutions Engineer with a deep focus on building systems that don't just detect threats — they understand them, respond to them, and evolve. My work spans cloud security, SIEM engineering, ML-driven anomaly detection, and sovereign-grade architecture design.

Over the past four years I've worked across SME security deployments, enterprise-scale architecture, hands-on penetration testing, and AI-integrated defense systems. Every engagement pushes me to think about security not as a product you buy but as a capability you engineer.

I'm the creator of Project Synapse — a multi-phase sovereign security engineering program that grew from a basic detection prototype into a national-scale architecture with six specialized domains: Vector, Umbra, Spectra, Holmes, Axiom, and Aegis. Each phase represents a distinct leap in capability and depth.

My academic foundation is a Bachelor's degree in Cybersecurity from IT Security (expected 2025), complemented by AWS certifications in Cloud, Architecture, Machine Learning, and AI — and ongoing Cisco CCNA training.

Outside technical work, I serve as Vice Chair of IEEE Jordan Section (SMC TTU), organizing cybersecurity awareness and education programs for university communities — because the next generation of engineers needs better security instincts, not just better tools.

Mu'ath Yousef
Cybersecurity Solutions Engineer
Status: Available
Location: Amman, Jordan
Remote: Yes
LinkedIn: muath-altali
Focus: Security Architecture
Flagship: Project Synapse
Experience

Professional Background

2022 – Present
Freelance
Cybersecurity Solutions Engineer

Designed and deployed tailored security architectures for SME clients — covering IAM hardening, SIEM deployment, vulnerability management, incident response, and security awareness programs.

Improved overall security posture by ~35% through IAM hardening, endpoint controls, and network segmentation
Conducted 40+ vulnerability assessments — reduced high-risk findings by up to 60% in first remediation cycles
Built ELK + ML SIEM pipelines cutting false-positive noise by 25–40%
Led incident response and RCA investigations, reducing repeat incidents by ~50%
Delivered 12+ security awareness workshops — improved phishing-resilience scores by 20–35%
ELK, AWS, ISO 27001, Nessus, Python
2024
NCSCJO — MASAR Project
Penetration Tester

Built and penetration-tested a Windows Server 2019 Active Directory environment simulating enterprise HR/Finance workloads. Executed multi-stage attacks and produced full governance-aligned risk reports.

Executed RDP/SMB exploitation, ZeroLogon, and PrintNightmare attack scenarios
Achieved privilege escalation using PowerView, PowerUp, and Mimikatz
Produced risk & compliance report mapping gaps to ISO control categories
Active Directory, Mimikatz, PowerView, ZeroLogon
2024
NCSCJO — Nashama Cyber Bootcamp
Cybersecurity Trainee

Completed an intensive 4-month program covering SOC operations, cloud security, digital forensics, cryptography, and Red/Blue team operations with governance-aligned practices.

SOC, Digital Forensics, Red/Blue Team, Cryptography
2023 – Present
IEEE Jordan Section
Vice Chair — SMC TTU

Organizing cybersecurity awareness and compliance-focused educational programs for university communities across Jordan.

Leadership, Security Awareness, Education
Technical Stack

Skills & Tools

SIEM & Detection
Splunk, ELK Stack, Wazuh, IBM QRadar, OpenSearch, Snort
Cloud Security
AWS GuardDuty, CloudTrail, Security Hub, WAF, IAM, Azure (Fundamentals)
Automation & Dev
Python, Bash, PowerShell, Kafka, Apache Spark, Docker
Offensive Security
Metasploit, Mimikatz, Burp Suite, Nmap, PowerView, Nessus
Incident Response
TheHive, Cortex, EDR/XDR, DLP, NAC, PAM
Governance
ISO 27001, ISO 22301, MITRE ATT&CK, BC/DR, Risk Assessment, Compliance
Philosophy

How I Think About Security

01 /

Engineer First, Not Vendor First

Security is a capability you build, not a product you install. I design systems from first principles — what's the threat model, what's the detection logic, what's the response path?

02 /

Precision Over Volume

Fewer, better-tuned detections beat alert floods every time. I optimize for signal-to-noise because analysts have finite attention and every false positive erodes trust in the system.

03 /

Offense Informs Defense

Understanding attacker TTPs isn't optional. Synapse Vector exists because I believe you can't build a great defense without thinking like an adversary. Threat simulation is built into the architecture.

04 /

Governance as Foundation

Security without governance is chaos. Every system I build is aligned to ISO 27001 control categories, documented with assumptions and constraints, and designed to survive the next audit.

05 /

Automation With Judgment

Automation handles the repeatable; humans handle the ambiguous. I design clear handoff boundaries so automation accelerates analysts rather than replacing their critical thinking.

06 /

Sovereignty by Design

In a world where data is power, who controls your security data matters. Synapse Sovereign was built on the premise that national-grade security requires national-grade data control.