Building a Strong Foundation with 12+ Years of Professional Expertise
Graduate Student Researcher
The University of Texas at Arlington (UTA) · Aug 2023 – Present
Texas, USA
Responsibilities
- Optimized resource allocation and scaling strategies for microservice-based cloud applications, enhancing computational efficiency and overall system performance.
- Designed and implemented a Kubernetes-based Resource Manager to orchestrate microservices, dynamically improving deployment scalability and operational resilience.
- Identified and mitigated critical resource bottlenecks in microservices architecture, ensuring peak performance across distributed cloud environments.
Contributions
- Implemented early SLO violation detection to streamline CPU utilization, driving greater resource efficiency, reducing unnecessary CPU overhead, and saving costs.
Chief Information Security Officer (CISO)
BRAC Bank PLC · Nov 2022 – Aug 2023
Dhaka, Bangladesh
Responsibilities
- Led tactical security initiatives, aligning goals with business objectives while driving policy creation, risk assessment, knowledge training, and incident response.
- Architected robust cybersecurity solutions to protect data, counter emerging threats, and ensure compliance while proactively monitoring and reporting evolving security trends.
- Fostered strategic stakeholder relationships, effectively communicated security insights, and shared best practices to elevate organizational cybersecurity awareness.
- Led the SOC, ensuring 24x7 threat detection, breach containment, and operational excellence through advanced security techniques.
Contributions
- Directed deploying advanced Ransomware prevention and Extended Detection and Response (XDR) systems, ensuring stakeholders can operate seamlessly while protecting the bank’s reputation and business continuity.
- Augmented cybersecurity protocols across 187 branches, 33 sub-branches, and 1,041 agent-banking outlets, safeguarding operations from evolving threats and ensuring uninterrupted service.
- Strengthened BRAC Bank’s position as a member of the Global Alliance for Banking on Values (GABV), aligning with global standards in secure and sustainable banking, reinforcing its leadership in the financial industry.
National IT Security Consultant
Bangladesh Computer Council Funded Projects by World Bank Group · Jan 2019 – Sep 2022
Dhaka, Bangladesh
Responsibilities
- Served as a key strategist in strengthening Bangladesh's cybersecurity landscape through comprehensive initiatives addressing technical and strategic challenges.
- Demonstrated expertise in cyber threats, risk management, infrastructure development, and policy formulation, which is critical in advancing the nation's cybersecurity posture.
- Contributed to building a resilient cybersecurity defense ecosystem for the Government of Bangladesh, enhancing technical capabilities and fostering security awareness across various sectors.
- Acted as a pivotal force in shaping national cybersecurity policies and awareness efforts, collaborating with government agencies, financial institutions, law enforcement agencies (LEAs), critical infrastructures, academia, and civil societies.
- Supervised audit teams by creating detailed plans, guiding them through the process, and preparing blueprints for prevention, detection, correction, and deterrent controls for the Government.
Contributions
- Significantly imparted in developing Bangladesh's National Cybersecurity Strategy, IT Audit Framework, and Cloud Computing Framework policy, reinforcing the nation's digital security posture.
- Oversaw auditing efforts for the National Data Center (NDC), BGD e-GOV CIRT, Tier IV National Data Center, and Critical Information Infrastructures (CIIs) by ensuring compliance with stringent security standards.
Assistant Vice President
Eastern Bank PLC · Nov 2016 – Dec 2018
Dhaka, Bangladesh
Responsibilities
- Headed the IT Security team, setting strategic direction and overseeing the development and implementation of the bank’s comprehensive information security strategy and architecture.
- Formulated and enforced stringent security policies and standards, ensuring strict compliance with regulations and cybersecurity laws.
- Steered bank-wide threat detection and response initiatives, conducting thorough risk assessments and driving proactive vulnerability management across critical systems.
- Pioneered integrating innovative security technologies, strengthening the bank's infrastructure against evolving threats, and successfully leading high-impact IT security projects to completion.
Contributions
- Secured PCI-DSS compliance, the gold standard for protecting sensitive client data, mitigating breaches, and safeguarding customers from financial and identity theft risks.
- Instrumental in Eastern Bank PLC’s trailblazing PCI-DSS implementation, solidifying its position as a frontrunner in data security within Bangladesh’s banking sector.
- Activated 24/7 cyber defenses using SIEM and SOAR systems, fending off major threats like ransomware and DDoS attacks and protecting assets.
Assistant Manager (Cybersecurity)
KPMG Bangladesh "Big Four" · Feb 2015 – Nov 2016
Dhaka, Bangladesh
Responsibilities
- Analyzed security incidents and conducted vulnerability assessments.
- Orchestrated project execution, preparing RFPs and technical proposals for security audits and developing IT policies aligned with international standards (ISO 27001, ITIL, COBIT) and regulatory guidelines.
- Coordinated as a critical liaison between IT and business units, managing SLAs, resolving security-related breaches, and driving service improvements.
- Conducted risk management assessments, utilizing CRAMM methodologies to pinpoint and mitigate IT risks while streamlining business processes through gap analysis and workflow redesign using MS Visio.
Contributions
- Strengthened the resilience of Payment and Settlement Systems of the Central Bank (Bangladesh Bank) by conducting thorough IT security audits, ensuring the stability and security of critical financial operations.
- Fortified the IT infrastructure and bolstered the credibility of Dhaka Bank PLC, NCC Bank PLC, Prime Bank PLC, BRAC Bank PLC, and Al-Arafah Islami Bank PLC, holding 15% of the market share through comprehensive security audits.
Senior Programmer (ERP Security)
IBCS-PRIMAX Software(Bangladesh) Limited · Jan 2014 – Feb 2015
Dhaka, Bangladesh
Responsibilities
- Ensured robust database security through proactive maintenance, backups, and monitoring while securely integrating ERP systems to minimize risks.
- Identified and mitigated security vulnerabilities via regular scans, testing, and role-based access control (RBAC) implementation.
- Secured sensitive data through encryption, masking, and compliance with data privacy regulations (GDPR, CCPA), with frequent backups and recovery tests.
- Managed secure ERP configurations and applied timely patches to address vulnerabilities and maintain system integrity.
Contributions
- Securely implemented ERP solutions such as Oracle E-Business Suite and JD Edwards in multiple organizations, enabling seamless, efficient service delivery to a large customer base, enhancing operational smoothness and reliability.
IT Specialist (Security)
IBM Bangladesh · Oct 2012 – Dec 2013
Dhaka, Bangladesh
Responsibilities
- Facilitated security analysis, collaborating with stakeholders to align advanced solutions with business goals.
- Organized security integration across projects, ensuring compliance with standards and monitoring SLAs.
- Enhanced database security through proactive monitoring, secure backups, and strategic capacity planning while maintaining detailed documentation for optimization.
Contributions
- Actively ensured seamless operations for Airtel Bangladesh, the second-largest mobile operator, by delivering critical IT and security services through IBM, supporting their customer experience with precision and reliability.