Cybersecurity Enthusiast

Tanos Maalouf

N.B: This website isn't updated regularly, so please follow me on LinkedIn!

Github ReposLinkedIn

Global

EDGE

Ethical Hacking

Pentesting

Defense

Endpoint Security

Cloud Security

AWS & Azure

πŸš€

35+

Online Projects

πŸ”’

50+

Security Assessments

πŸ’Ό

7+

Years Experience

🌍

20+

Clients Secured

Certifications Highlights

Featured recognitions and standout cybersecurity achievements.

Featured

Certified Ethical Hacker (CEH)

EC Council

Certificate Number : ECC3972164508

View β†’
EC Council Badge
Featured

TryHackMe Top 1%

TryHackMe

Red Team - [0xB][MASTER]

View β†’
TryHackMe Badge

40+ certifications are verified and available on LinkedIn

Services

Professional cybersecurity services tailored to protect your business, secure your infrastructure, and validate your defenses.

πŸ—οΈInfrastructure & Cloud

Secure System Architecture & Design

Build systems that are resilient by design.

I architect cloud and web systems with security at the foundation β€” not bolted on after the fact. From zero-trust network models and identity & access management (IAM) to API security, data encryption, and infrastructure hardening, every layer is designed to withstand real-world threats.

  • βœ“Zero-Trust Architecture & Segmentation
  • βœ“Cloud Security Design (AWS, Azure)
  • βœ“IAM & Role-Based Access Control (RBAC)
  • βœ“Secure API & Microservices Architecture
  • βœ“Security Review & Threat Modeling
  • βœ“Compliance Alignment (ISO 27001, NIST, GDPR)
Request Architecture Review→
πŸ”Offensive Security

Penetration Testing & Security Assessments

Find your vulnerabilities before attackers do.

I conduct thorough, manual penetration testing on web applications, APIs, and network infrastructure to uncover real exploitable vulnerabilities. Engagements follow industry-standard methodologies (OWASP, PTES) and conclude with a detailed report covering findings, risk ratings, and actionable remediation guidance.

  • βœ“Web Application Penetration Testing (OWASP Top 10)
  • βœ“API Security Testing & Authentication Bypass
  • βœ“Network & Infrastructure Assessment
  • βœ“Vulnerability Assessment & Risk Rating
  • βœ“Detailed Reporting with Remediation Roadmap
  • βœ“Post-Fix Verification & Re-Testing
Book a Pentest→

Security Learning Hub

Grow Your Pentesting Knowledge

Explore practical cybersecurity concepts, malware analysis basics, CVE and NVD references, cloud security practices, and incident response topics in one place.

OWASPCVENVDMITRE ATT&CKAWS SecurityMicrosoft SecurityGoogle Cloud Security
Explore General Knowledge
Illustration of a penetration testing workflow spanning reconnaissance, scanning, enumeration, exploitation, and reporting

Trusted By

Organizations where my certifications and performance were recognized.

API Sec University logo
Thought Machine logo
Amazon Web Services logo
Google logo
BackBase Fintech logo
Microsoft logo
Hacker Rank - ReactJS logo
EC-Council | CEH logo
Python Free Code Camp logo
Try Hack Me - Red teamer logo
View All Badges

About Me

Experience, strengths, and education that shape the way I build products.

Senior IT Operations & Security Specialist

2025 - Present

Onlive Support Services S.A.L

As Senior IT Operations & Security Specialist, I'm managing and securing Microsoft ecosystems, including Microsoft 365, Defender for Endpoint, and Intune across enterprise environments. I monitor systems, respond to threats, and implement security best practices to ensure high availability, performance, and resilience.

Penetration Tester

2023 - Present

Freelance

I perform security assessments on web applications and APIs to identify vulnerabilities such as XSS, SQL injection, authentication flaws, and misconfigurations. I simulate real-world attacks to help organizations understand their weaknesses and improve their security posture.

Security Architect

2022 - 2025

ICC Group

I designed secure system architectures for cloud and web applications. This includes implementing best practices such as zero-trust models, identity and access management (IAM), network segmentation, and secure API design. I focused on preventing vulnerabilities before they happen by embedding security into every layer of the system.

Senior Full Stack Engineer

2020 - 2022

LadBrokes

I built modern, scalable web applications using technologies like React, Next.js, Node.js, and PostgreSQL. I followed secure coding practices, optimized performance, and ensured applications were production-ready. I also designed clean architectures that were easy to maintain and scale.

Skills

  • Cybersecurity
  • Burp Suite
  • Nessus
  • Metasploit
  • Wireshark
  • React / Next.js
  • Node.js
  • GraphQL
  • RestAPI
  • PostgreSQL
  • API Security
  • Microsoft365
  • Defender for Endpoint
  • Intune
  • AWS
  • Azure
  • Pentesting
  • OffensiveSecurity
  • CI/CD
  • Networking
  • IncidentResponse
  • Scripting

Education

American University of Beirut logo

Professional Diploma in Cybersecurity

American University of Beirut

2024 - 2025

Notre Dame University - Louaize logo

B.Sc. in Computer Science

Notre Dame University - Louaize

2015 - 2019

Some Projects

Selected work focused on business impact, elegant user experience, and technical craftsmanship.

SNB - KSA

SNB - KSA

I helped harden this financial web platform by aligning React and ASP.NET delivery with strict HSTS and secure session handling, focusing on reducing attack surface and improving resilience against common web exploitation paths.

  • React
  • HSTS
  • ASP.NET
  • FinTech
Live Demo
SGBL - LB

SGBL - LB

I worked on strengthening this banking-facing experience using Azure hosting controls, HSTS enforcement, and cryptographic handling with crypto-js to support confidentiality and safer user transactions.

  • GSAP
  • Azure
  • HSTS
  • Crypto-js
Live Demo
Dar Al Hekma - KSA

Dar Al Hekma - KSA

I improved the security posture of this academic platform by combining IIS hardening, Cloudflare edge protection, and modern transport controls like HSTS and HTTP/3 to reduce exposure to network-layer and web-layer risks.

  • HSTS
  • HTTP3
  • IIS
  • CloudFlare
Live Demo
Ellucian Banner AUB - LB

Ellucian Banner AUB - LB

I supported a secure student-system rollout by integrating Angular and ASP.NET workflows with strict transport security and Cloudflare controls, prioritizing availability and protection of sensitive academic data.

  • Angular
  • HSTS
  • ASP.NET
  • CloudFlare
Live Demo
PTP Tips - AU

PTP Tips - AU

I designed this e-commerce stack with security-first delivery by pairing React with AWS S3 and CloudFront controls, while validating payment-flow trust boundaries around Stripe integrations.

  • React
  • AmazonS3
  • Amazon CloudFront
  • Stripe
Live Demo
Healthcare - LB

Healthcare - LB

I contributed to this healthcare platform with a focus on secure frontend behavior, Cloudflare edge safeguards, and platform-level hardening in Shopify to better protect patient-facing workflows and account integrity.

  • React
  • Shopify
  • CloudFlare
Live Demo
Symply - UAE

Symply - UAE

I reinforced this commerce experience by combining Shopify and Ruby customization with Cloudflare and HSTS controls, improving defensive depth against session abuse, transport interception, and storefront attack vectors.

  • Shopify
  • CloudFlare
  • HSTS
  • Ruby
Live Demo
Hala Pop - UAE

Hala Pop - UAE

I optimized this brand storefront for both visibility and security by implementing Open Graph hygiene, enforcing HSTS and HTTP/3 transport security, and using Cloudflare protections to lower risk while keeping performance high.

  • OpenGraph
  • HSTS
  • HTTP3
  • Shopify
  • CloudFlare
Live Demo

Writing & Insights

Selected long-form writing and ongoing commentary published on LinkedIn around cybersecurity, secure architecture, and resilient delivery.

LinkedIn

LinkedIn Articles

Long-form writing on application security, cloud architecture, resilient delivery, and practical cyber defense.

Read Articles

LinkedIn

LinkedIn Activity

Recent commentary, security notes, and professional updates published alongside day-to-day engineering work.

View Activity

Featured Video

What Is Cyber Security | How It Works? | Cyber Security In 7 Minutes | Cyber Security | Simplilearn