Syed Muhammad Siddiq Bin Syed Ali

Summary

A cybersecurity graduate with hands-on experience in blue team operations during my National Service (2021-2023). Gained exposure to SOC operations and incident response, and eager to further enhance my knowledge and expertise in cybersecurity. Committed to continuous learning and contributing to a secure and resilient digital environment.

Overview

8 years of professional experience

Work History

Cyber Security Officer (SOC)

Ministry Of Home Affairs (MHA HTX)
01.2022 - 08.2023
  • Assess potential security incidents and escalate them to the appropriate Home Team personnel.
  • Analyze reported malicious phishing emails and escalate them as necessary.
  • Conduct proactive monitoring to identify fraudulent or defaced government websites.
  • Perform Indicator of Compromise (IOC) scanning to detect signs of cyber attacks.
  • Improve and document operational workflows to align with a dynamic work environment.
  • Collect and generate log reports to support security analysts in conducting incident investigations.

Research and Development Intern

Trilogy Technologies Pte. Ltd.
09.2020 - 02.2021
  • Conduct independent research on assigned projects to gather relevant information, analyze requirements, and develop innovative solutions.
  • Oversee the assembly and integration of project components, ensuring the successful completion of box builds in accordance with technical specifications.
  • Propose and present innovative ideas aimed at enhancing product effectiveness while optimizing cost efficiency.
  • Develop and implement independent scripting and coding solutions to ensure the functionality, performance, and reliability of project deliverables.

Tech/Desktop Support Intern

United Industrial Corporation (UIC) Ltd.
08.2017 - 02.2018
  • Installed and configured specific Operating Systems (OS) on desktops and laptops to meet user and business requirements.
  • Conducted staging of computer systems, including software installation, driver updates, system imaging, and initial testing to ensure seamless deployment.
  • Assisted in the deployment of PCs by setting up hardware, installing necessary applications, and ensuring proper network connectivity.
  • Configured IP settings, network parameters, and system preferences as part of the setup process to ensure proper integration with enterprise networks.
  • Provided technical troubleshooting and support for hardware, software, and network-related issues, diagnosing and resolving system malfunctions.
  • Managed the packing and preparation of IT products for delivery, ensuring proper handling and documentation.
  • Assisted end-users with system setup, network configuration, and initial software installations to ensure a smooth transition to new hardware or software environments.

Check-in Assistant

SATS Ltd.
10.2015 - 03.2016
  • Assisted passengers with the check-in process, including verifying travel documents and processing checked baggage in accordance with airline policies.
  • Guided passengers through self-service kiosk machines for boarding pass retrieval and baggage tag printing, ensuring a smooth check-in experience.
  • Provided clear directions to passengers regarding boarding gates, security checkpoints, and other airport facilities to facilitate efficient passenger flow.
  • Offered general customer service support, addressing passenger inquiries and providing assistance with travel-related concerns.
  • Ensured compliance with airline and airport security regulations while handling passenger interactions and baggage check-in procedures.

Education

Bachelor's Degree - Cyber Security and Forensics

Murdoch University
Singapore
03.2025

Diploma - Electronic Systems

Nanyang Polytechnic
Singapore
03.2021

Higher-Nitec - Cyber and Network Security

Simei College East (ITE)
Singapore
04.2018

GCE ‘O’ level -

Changkat Changi Secondary School
Singapore
12.2015

Skills

  • Alert Management
  • Anti-Phishing (JAGA)
  • C#
  • C
  • Cisco Packet Tracer
  • Cyber Forensic Tools (OSForensics, Hex Workshop, Autopsy)
  • Customer Support
  • Documentation
  • Honeypot (Cowrie)
  • Incident Response
  • Intrusion Detection/Prevention (Snort)
  • IT Support
  • Kali Linux
  • Linux OS
  • Microsoft Office
  • Networking
  • Product Deployment
  • Project Management
  • Python
  • Research & Development
  • Security Information and Event Management (Splunk, Resilient, QRadar)
  • SOC Operations
  • Staging
  • Troubleshooting
  • Ubuntu
  • Vulnerability Management
  • Windows OS

Personal Information

  • Place of Birth: Singapore
  • Ethnicity: Arab
  • Date of Birth: 11/04/99
  • Gender: Male
  • Nationality: Singaporean

Projects

1. Security Master Plan for an SME scenario (Sep 2024 - Nov 2024)


  • Conducted comprehensive risk assessments and threat analyses across technical, physical, and human resource assets to identify potential vulnerabilities.
  • Designed mitigation strategies including the implementation of SIEM (Security Information and Event Management) and the enforcement of RBAC (Role-Based Access Control) to enhance security posture.
  • Proposed a phased implementation timeline in alignment with ISO/IEC 27001 standards to ensure systematic and structured deployment of security measures.
  • Delivered a cost-benefit analysis to substantiate the proposed investments in cybersecurity enhancements, emphasizing long-term organizational value and risk reduction.


2. CVE-2022-44877 (CWP Remote Arbitrary Command Execution) Detection, Alert, and Mitigation (May 2024 - Aug 2024)


  • Configured Burp Suite on Kali Linux to effectively exploit the vulnerability within the Control Web Panel installed in a target machine, CentOS 7.
  • Utilized Splunk Enterprise on Ubuntu Linux to detect CVE-2022-44877 exploit attempts, implementing SMS and email notifications for timely alerts.
  • Implemented necessary sudo commands such as the 'firewalld' solution on the target machine to mitigate the vulnerability.
  • Documented demonstration setups, installations, configurations, and limitations for future replication.


3. CVE-2023-22809 (Unauthorized Privilege Escalation via sudoedit) Exploit (Feb 2024 - Apr 2024)


  • Utilized an affected Ubuntu 22.04.1 LTS system to proceed with the exploit.
  • Created a standard user account with no admin privileges to show proof of concept.
  • Executed a bash command on a downloaded GitHub script to exploit the vulnerable '' handles in the sudoedit functionality.
  • Gained access to the sudoers file to forcefully alter and escalate privileges to ALL.
  • Successfully gained temporary root access once the exploit was complete.
  • Documented demonstration setups, installations, configuration, and prevention strategies for future replication.

Languages

English
Malay

Awards

  • 2023, Performance Recognition Award 2023 for Full-Time National Servicemen in MHQ
  • 2017, Edusave Good Progress Award, ITE College East (Simei)
  • 2012, Edusave Certificate of Academic Achievement, Changkat Changi Secondary School

Additional Information

Professional Certifications: None
