About me

Cybersecurity
Analyst & Consultant

3+ Years Experience ISO 27001 & NIST VAPT · Audits · IR

I am a Cybersecurity professional specializing in VAPT, security audits, threat detection, and compliance frameworks such as ISO 27001 and NIST. With over 3 years of hands-on experience, I help organizations strengthen their security posture and improve governance frameworks to reduce risk exposure.

My work focuses on identifying and remediating critical vulnerabilities, having successfully addressed 50+ high and critical security issues. I have also contributed to mitigating advanced threats such as ransomware, helping prevent potential operational and financial impact.

Experience
Aug 2024
Present Current

Senior Executive, Cyber Security

BRACNet Limited

  • Conducted internal cybersecurity audits and assessments to ensure compliance with international standards and evaluate control effectiveness.
  • Performed vulnerability assessments, led incident investigations, and implemented effective remediation strategies for critical vulnerabilities.
  • Developed security policies, procedures, and reports to drive continuous improvement in governance.
  • Monitored security systems, SIEM platforms, and threat intelligence feeds to identify and respond to potential threats.
Sept 2022
July 2024

Executive Engineer, Security Operations

Enterprise InfoSec Consultants (EIC)

  • Performed consultancy for ISO 27001, Risk Assessment, real-time monitoring, VAPT, and incident response.
  • Analyzed complex systems including applications, operating systems, and networking devices to identify risks within client environments.
  • Successfully delivered security testing and audits for Banking, Government, Telecommunications, and International NGOs.
Expertise

Audit & Compliance

IT Audit, ISO 27001 Lead Auditing, Risk Assessment, and Policy Development.

Offensive Security

Vulnerability Assessment & Penetration Testing (Web, Mobile, Network) following OWASP methodologies.

Defensive Operations

Security Monitoring, SIEM management, Threat Detection, and Incident Response.

Infrastructure

Endpoint Protection Management and Remediation Planning.

Tools & Stack

Industry-leading security tools used for daily operations, vulnerability scanning, and SIEM monitoring.

Burp Suite Tenable Wazuh FortiSIEM SOC Radar Qualys Acunetix Metasploit Pro Python C
Education
2019 — 2023

BSc in Software Engineering

Daffodil International University

Major in Cybersecurity  ·  CGPA 3.43 / 4.00

HSC

Higher Secondary Certificate

Brindaban Govt College, Habiganj

Science Group