Download Resume

Professional Summary

Cybersecurity Architect with expertise in red teaming, penetration testing, vulnerability management, security monitoring, and application security assessment. Currently working as an IT Security Specialist at Bank of Maldives, specializing in identifying and mitigating security risks in critical financial infrastructure.

With over 10 years of experience in the cybersecurity field, I have developed expertise in exploit research, threat monitoring, and strategic planning for cybersecurity technologies. I am passionate about enhancing organizational security posture and delivering innovative solutions that improve resilience against emerging threats.

My core competencies include:

  • Red teaming and penetration testing
  • Vulnerability management and research
  • Security monitoring and incident response
  • Application security assessment
  • Strategic planning for cybersecurity technologies

Professional Experience

December 2017 - Present
IT Security Specialist
Bank of Maldives
  • Manage exploit research activity and monitor global development of threats and vulnerabilities
  • Promptly respond to critical threats & vulnerabilities by assessing and testing the impact on the Bank's IT infrastructure and applications
  • Participate in strategic planning for the deployment of cybersecurity technologies and program enhancements
  • Conduct application security assessments to identify security weaknesses
  • Implement security monitoring: logging, detection, alerting, response, and investigation
  • Monitor all controls in Security Management Program activities related to PCI-DSS
  • Lead incident response and threat hunting initiatives
January 2013 - March 2023
Cybersecurity Architect
Cyber Security Maldives
  • Conducted web/application penetration testing and security assessments
  • Provided IT security consulting services
  • Implemented vulnerability management solutions
  • Delivered security awareness training
January 2011 - November 2017
Head of Information Technology Operations
Anti-Corruption Commission Maldives
  • Managed organization network infrastructure, data security & IT projects
  • Created IT policies, procedures, and best security controls and practices
  • Drove innovation by delivering new technology solutions
  • Established metrics and analytic reporting including monitoring, incident response, and log management
  • Planned, implemented, and maintained networks with varying topology and infrastructure models
  • Implemented multiple technologies to ensure system security
January 2007 - December 2010
Security Researcher
Freelancer

Published several web application and Windows application exploits and proof of concepts. Published POCs available on Exploit-DB profile.

Notable Projects

PCI-DSS Security Management Program
Security Controls, Compliance, Risk Management
Implemented and monitored comprehensive security controls for PCI-DSS compliance in a banking environment. Established monitoring systems and procedures to ensure continuous compliance with industry standards.
Enterprise Security Monitoring System
SIEM, Log Management, Incident Response
Designed and implemented an enterprise-level security monitoring system with logging, detection, alerting, and response capabilities. Established metrics and analytic reporting to enhance visibility into security events and incidents.
Vulnerability Management Program
Threat Intelligence, Risk Assessment, Remediation
Developed a comprehensive vulnerability management program to identify, assess, and remediate security vulnerabilities across the organization's infrastructure and applications. Implemented processes for tracking and prioritizing vulnerabilities based on risk.
Security Awareness Training Program
Training, Social Engineering, Phishing Simulations
Created and delivered a security awareness training program to educate employees on security best practices, social engineering threats, and phishing awareness. Conducted regular simulations to measure effectiveness and improve organizational security posture.

Skills

Information Security Governance 95%
Information Security Risk Management 90%
Cybersecurity 95%
Penetration Testing 90%
Vulnerability Management 85%
Cloud Security 80%
Application Security 85%

Education

2013 - 2015
Bachelor of Science (BSc) in System Administration
Cyryx College
2007 - 2010
Bachelor of Science (BSc) in Commerce & Computer Science
Osmania University
2006 - 2007
A' Level in Civics, Economics, English, Accounting
Shadan Junior College

Certifications

Current
Certified Information Security Manager (CISM)
ISACA
Current
Certificate of Cloud Security Knowledge v.4 (CCSK)
Cloud Security Alliance
Current
Certified Ethical Hacker (CEH)
EC-Council
Current
Microsoft Certified Solution Associate
Microsoft
Current
Microsoft Certified: Azure Fundamentals
Microsoft

Honors & Awards

SAP Security Researchers Acknowledgment
SquidooHQ Security Researchers Acknowledgment

Contact

Email: [email protected]

Blog: ptrace.net

If you'd like to communicate with me securely, get my PGP public key from the MIT PGP Public Key Server

Fingerprint: 8F1F ECD3 786D A657 60EB F644 240B 4C44 E426 997A

Languages

  • English
  • Hindi