initializing_security_profile.sh
root@security:~$ ./initialize_portfolio.sh
Loading security profile
security_profile.sh
root@security:~$ whoami

Md Minhazul Islam

Senior Engineer, Product Security

@ Axiler

root@security:~$ cat /etc/motd

Securing products and infrastructure with 2+ years of experience in threat modeling, vulnerability assessment, and security automation. Specialized in cloud security, DevSecOps, and offensive security techniques.

root@security:~$
security_monitor.sh — bash — 80×24
minhaz@security:~$ nmap -sS 192.168.1.0/24
Starting Nmap scan...
Host is up (0.001s latency)
22/tcp open ssh
80/tcp open http
443/tcp open https
minhaz@security:~$ netstat -tulpn | grep LISTEN
tcp 0.0.0.0:22 LISTEN 1337/sshd
tcp 0.0.0.0:80 LISTEN 1842/nginx
minhaz@security:~$ ps aux | grep suspicious
No suspicious processes found
minhaz@security:~$ tail -f /var/log/auth.log
Monitoring authentication logs...
minhaz@security:~$

Work Experience

Senior Engineer, Product Security

Axiler

November 2024 - Present

  • Threat Modeling & Risk Assessment
  • Infrastructure & Cloud Security
  • Code Review & Security Testing
  • Vulnerability Management
  • Security Automation & Monitoring
  • Incident Response

Security Engineer

MeghOps

April 2024 - November 2024

  • VAPT (Vulnerability Assessment & Penetration Testing)
  • Product Feature R&D
  • Security Assessment & Monitoring

Jr. Cybersecurity Engineer

TechForing Ltd

December 2023 - April 2024

  • VAPT on Internal Applications & Client Infrastructure
  • Digital Forensics & Hack Recovery
  • Cybercrime Investigation

Education

Bachelor of Science in Information Technology

University of Information Technology & Sciences, Dhaka
January 2020 - December 2023
Concentration: Cybersecurity
GPA: 3.3/4.0

Technical Arsenal

Security Engineering

Threat Modeling Risk Assessment STRIDE PASTA NIST ISO 27001/27002 OWASP

Cloud & DevOps

AWS GCP Azure Docker Kubernetes Terraform Ansible Jenkins

Offensive Security

VAPT Web App Testing API Testing Network Testing Cloud Security OWASP Top 10

Defensive Security

Threat Hunting Forensics SIEM Wazuh Splunk Suricata Yara

Malware Analysis

Reverse Engineering Static Analysis Dynamic Analysis IDA Ghidra x64dbg

Programming

Python Go Bash Assembly ARM MIPS

Projects & Research

Dynamic Phishing URL Detection

Machine Learning & Deep Learning algorithms for detecting phishing URLs in real-time

Python ML/DL Thesis

Driftsec

Tool for detecting and managing configuration drift in cloud resources

Cloud Security DevSecOps In Development

Threat Play

Product threat hunting playbook generator for security teams

Threat Hunting Automation In Development

eBPF Kubernetes Auditor

Network Policy Auditor powered by eBPF for Kubernetes environments

eBPF Kubernetes In Development

Hound

Port scanner and website security header checker script

Python Security Testing Open Source

SSHHH

SSH login brute force testing tool for security assessments

Python Penetration Testing Security Tool

Achievements & Certifications

CTF Competitions

2nd

IEEE Cyber Crawler CTF 2023

Bangladesh

5th

National Inter-University CyberDrill 2022

Bangladesh

11th

LEETCON HackMeIfYouCan 2023

Bangladesh

11th

National Flaghunt 2022

Bangladesh

14th

National Cyber Drill 2022

Bangladesh

Certifications

Google Cybersecurity Professional

Google

Multi Cloud Red Team Analyst (MCRTA)

CWL

Certified AppSec Practitioner

The SecOps Group

Certified Cloud Security Practitioner – AWS

The SecOps Group

Contact

contact.sh
root@security:~$ grep -r "contact" /etc/profile
minhajshuvo7@gmail.com
LinkedIn
GitHub
Twitter
root@security:~$ echo "Thanks for visiting!"

Available for security consulting, penetration testing, and product security roles.