eJPT Certified · Top 12 Jordan NCSC

Bader
Alzoubi

$ Cybersecurity Specialist · Penetration Tester · IT Infrastructure

IT professional with a strong foundation in offensive security, network infrastructure, and systems administration. Founded Team Glitch, achieved national-level CTF rankings, and disclosed critical vulnerabilities through responsible bug bounty programs.

Get In Touch Portfolio Site ↗ GlitchPub ↗
Bader@Glitch:~$ whoami
Bader@Glitch:~$ cat profile.json
{
"name": "Bader Alzoubi",
"role": "Cybersecurity Specialist",
"cert": "eJPT (INE Security)",
"location": "Al-Ramtha, Jordan 🇯🇴",
"team": "Team Glitch",
"ncsc_rank": "Top 12 — Jordan",
"bug_bounty": true,
"publication": "glitchpub.com"
}
Bader@Glitch:~$
eJPT
Certified Penetration Tester
Top 12
NCSC Jordan National Ranking
Cyber Warriors Competitions
1
Critical Bug Bounty Awarded
02 // Technical Arsenal

Skills & Capabilities

Offensive Security
Penetration Testing Vuln Assessment Exploitation Privilege Escalation Post-Exploitation Reverse Engineering Malware Analysis Digital Forensics
Web Security
Blind SQL Injection WAF Bypass XSS IDOR OWASP Top 10 Burp Suite SQLMap FFUF Gobuster
Network & Infrastructure
TCP/IP OSI Model VLANs Routing & Switching Subnetting Wireshark Nmap Fortinet
Exploitation & Frameworks
Metasploit Exploit-DB Manual Exploitation CVE Research Active Directory SIEM Concepts Threat Hunting
Automation & Development
JavaScript Python Bash Scripting PHP C/C++ Socket Programming Browser Extensions
Embedded & Systems
Raspberry Pi Linux Admin Docker IoT Integration ARM Hardware SOC L1 Incident Response
03 // Build & Research

Projects & Achievements

★ Capstone Project · JUST 2026

UniSec-Edge — IoT Edge Security System

A unified, low-cost edge cybersecurity framework built on Raspberry Pi 5, targeting SOHO and IoT environments where traditional security infrastructure is inadequate.

Raspberry Pi 5 Suricata (IDS) Tor Gateway Honeypot Docker ARM Hardware
  • Deployed containerized stack: Suricata IDS + selective Tor gateway + high-interaction honeypot — all running simultaneously on ARM with minimal latency.
  • Cross-referenced IDS and honeypot logs to reduce false-positive alert rates against evolving threat patterns.
  • Proved viability of ARM embedded devices as enterprise-capable security hardware with deep packet inspection.
  • Delivered encrypted traffic analysis at a fraction of traditional appliance cost.
Leadership · Competitive CTF

Team Glitch — NCSC Cyber Warriors

Founded and led a competitive cybersecurity team through 3 consecutive NCSC-Jordan national competition editions.

  • Achieved Top 12 national ranking in Jordan — among the strongest cybersecurity teams in the country.
  • Directed strategy across web exploitation,Penetration Testing , Reverse Engineering, and network forensics.
CTF Penetration Testing Reverse Engineering NCSC Jordan
Bug Bounty · Responsible Disclosure

Critical Infrastructure Vulnerability

Identified and responsibly disclosed a critical security vulnerability in a university's internal infrastructure.

  • Developed proof-of-concept confirming impact and risk severity before reporting through official channels.
  • Awarded a financial bug bounty; delivered structured remediation guidance for security hardening.
Manual Analysis PoC Development Remediation Report
Web Pentesting · Research

Blind SQLi & WAF Evasion Research

Engineered and executed Blind SQL Injection attack chains against target applications without direct error-based feedback.

  • Applied WAF bypass techniques: parameter obfuscation, encoding manipulation, HTTP header injection.
  • Documented all findings in structured reports with CVSS severity and remediation steps.
Blind SQLi WAF Bypass SQLMap Manual Exploitation
Development · Automation

Browser-Based Automation System

Designed a local browser extension from scratch to automate repetitive operational workflows with near-complete process control.

  • Engineered event-driven logic for dynamic page states, data extraction, API interaction, and automated sequences.
  • Significantly reduced manual overhead across multi-step workflows with zero external dependencies.
JavaScript Browser APIs Event-Driven
Publication · Research

GlitchPub — Technical Security Blog

Founded and maintain a technical security publication covering CTF writeups, penetration testing walkthroughs, and offensive security research.

  • Targets the practitioner community — bridging raw technique with structured, reproducible methodology.
  • Published coverage of vulnerability research and offensive tradecraft.
CTF Writeups Vuln Research Technical Writing glitchpub.com ↗
04 // Work History

Professional Experience

2021 – 2023 · 2 Years 4 Months
Safety & Security Operations Specialist
Careem (Uber Technologies) — Irbid, Jordan
  • Monitored and triaged live safety and security incidents across multi-regional operations, applying structured incident response procedures to mitigate risk in real time.
  • Operated in a SOC-adjacent capacity — evaluating incoming security events, escalating critical cases with precise documentation and timeline reconstruction, and coordinating with cross-functional teams under strict SLAs.
  • Served as Floor Support lead, providing live operational guidance during high-pressure incidents and building crisis communication skills directly transferable to a Security Operations Center.
  • Managed high-volume bilingual (Arabic/English) security communications with accuracy under sustained operational pressure.
Education
Bachelor of Science in Cybersecurity
Jordan University of Science & Technology (JUST) · Irbid, Jordan
2022 – Present
Coursework spanning network security, reverse engineering, cryptography, digital forensics, secure software development, and algorithms — complemented by active lab practice, competitive CTF participation, and the UniSec-Edge capstone project.
Network Security Reverse Engineering Cryptography Digital Forensics Algorithms
05 // Training & Certifications

Certifications

eJPT — Junior Penetration Tester
INE Security
Jr Penetration Tester Learning Path
TryHackMe
SOC Level 1 Learning Path
TryHackMe
Web Fundamentals Learning Path
TryHackMe
Ethical Hacking Course
Cisco NetAcad
Cyber Warriors Competition Training
NCSC Jordan — 3 Editions
Pre-Cyber Security Program
Jordan University of Science & Technology
B2 Upper-Intermediate English
British Council — Certified
Drones Course — 16 Hours
JUST / CGAAO
Ana Ushark Entrepreneurship Program
JUST · Crown Prince Foundation
Introduction to Cyber Security
TryHackMe
Pre-Security Learning Path
TryHackMe
Get In Touch

Let's Work Together

Open to cybersecurity roles, penetration testing engagements, and collaborative research opportunities.

balzoubi009@gmail.com +962 785 656 115 LinkedIn ↗ 🌐 baderalzoubi.com ↗ GlitchPub.com ↗