Cyber Security Operator

~/profile/anurag :: live

Security engineering that turns risk into evidence, action, and resilience.

I help teams test what matters, contain what breaks, and harden what must stay online, with clear reporting and automation that turns fixes into repeatable controls.

Read the field notes

anurag@secops:~

$ whoami

security-engineer / incident-responder / automation-builder

$ load_capabilities --priority critical

  • Penetration testing and vulnerability assessment
  • Incident response, forensics, and malware triage
  • ISO 27001, Essential Eight, PCI-DSS, NIST alignment
  • Python, Bash, PowerShell, Docker, cloud hardening

signal: trusted | posture: hardened | noise: filtered

  • SecOps

    Banking security operations, SIEM tuning, threat intelligence, and Tier II incident reporting.

  • Hall of Fame

    Recognized in Microsoft's security acknowledgement program for responsibly reporting a flaw.

  • Governance

    Led Essential Eight and ISO 27001-aligned security programs as Head of Security in Melbourne.

I'm a Security Engineer with over 8 years of experience across penetration testing, incident response, digital forensics, environment hardening, automation, and compliance. I like work that is technical, evidence-led, and practical: find the risk, prove it clearly, fix it cleanly, then make the fix repeatable.

My background spans banking security operations, managed security leadership, freelance incident recovery, application testing, server hardening, and governance programs including PCI-DSS and ISO 27001. I hold certifications across ethical hacking, penetration testing, appsec, malware analysis, and cybersecurity operations, and I bring that mix of offensive thinking and defensive discipline into every engagement.

Core operations

  • design icon

    Offensive Security

    Penetration testing, vulnerability assessment, exploit validation, and clear reporting that helps teams prioritize the fixes that actually reduce risk.

  • Web development icon

    Hardening & Automation

    Server deployment, containerized workloads, backup workflows, and repeatable security automation with Python, Bash, PowerShell, Docker, and cloud platforms.

  • mobile app icon

    Governance & Compliance

    Practical alignment with ISO 27001, NIST, Essential Eight, COBIT, and PCI-DSS so policy, controls, evidence, and operations stay connected.

  • camera icon

    Incident Response & Forensics

    Calm containment, forensic analysis, malware triage, log review, and recovery guidance when the situation is noisy and the evidence needs to be precise.

Testimonials

  • Jessica miller

    Oscar C

    I highly recommend Anurag for any Security and DevOps projects. He was able to quickly and effectively address the urgent needs of our large servers and workstations. He has several certifications and a wide range of skill sets and had strong experience with System Administration, in-depth knowledge of networking, and proficiency in scripting languages such as Python, Bash, and Powershell as well as Docker and Kubernetes. He also has excellent English language and reporting skills. He was able to complete the job faster than expected and provided great results in much less time than expected. I would definitely work with him again in the future and recommend him to any employer looking for a highly skilled Security and DevOps professional.

  • Daniel lewis

    Cameron Gorskie

    Hacked Website Recovery and Security Hardening - Anurag was responsive, very professional, and worked very well. I recommend his services with my eyes closed.

  • Emily evans

    Sean Akhlaghi

    Cyber Security Professional - Highly recommend Anurag. He is very knowledgeable in the Cyber Security field. His dedication to delivering the project and making customer happy is beyond anything I have experienced on Upwork. He went beyond the job requirements and attended several meetings to ensure all ends are covered. Overall, I give him A+ on knowledge, quick turn around time and team work. I certainly will continue to work with him in the future.

  • manish0091 - Fiverr

    manish0091 - Fiverr

    Anurag is a very honest and polite seller. He has worked for more than what I wanted. He did everything on his own. He even took his time to fix all the related issues to my website and the whole server as well and I am happy overall. He upgraded and secured my server as well where he did several security fixes along with automated backup. He has been able to give me an excellent report for the website and all the vulnerabilities. The malware that took the website was entirely fixed by him which was so problematic but he did it. I 100% recommend this seller as he is very experienced, knowledgable and very good with communication. I am going to use this seller again and again

  • syncronox - Fiverr

    syncronox - Fiverr

    Wow! Anurag was amazing, very pleasant and friendly to deal with, extremely informative and comprehensive in the report and details he provided. He looks out for your best interests and goes above and beyond in the service he provides. I never thought much about website security, but recently my website was hijacked, Anurag was able to provide an in-depth analysis of the site and identified how the website was hijacked. Now my site is in a better and more secure position, giving my clients greater safety and security. I will continue to utilise Anurag's expertise and skills to ensure a safe and secure web. Highly recommended, if you have a website, this is a service you need!

quote icon

Resume

Education

  1. Kathmandu University

    Aug 2015 — Oct 2019

    BSc. in Computer Science
    Department of Computer Science and Engineering

Experience

  • Security Engineer/Data Analyst/Designer/Developer
    Upwork/Fiverr/Independent Clients, Remote Work

    Nov 2013 — Feb 2024

    • Designed logos, banners, websites, UI/UX, and managed client projects. (2013-2018)
    • Designed and developed websites, ensuring security using PHP, HTML, CSS, and JS. (2015-2020)
    • Scraped and analyzed data, and prepared research reports using Python, Selenium, and Scrapy. (2017-2020)
    • Deployed and secured applications in cloud-based solutions like AWS, Azure, Digital Ocean, and VPS. (2018 - Feb 2024)
    • Analyzed the security of web and mobile applications and servers, preparing detailed reports and remediation methods. (2018 - Feb 2024)
    • Fixed security issues and prepared future plan reports. (2018 - Feb 2024)
    • Automated server-based backups and created workflows for redundant tasks. (2018 - Feb 2024)
    • Mitigated and fixed issues caused by malware, server, or website takeover. (2019 - Feb 2024)
    • Worked with incident response and conducted malware analysis. (2020 - Feb 2024)
    • Assisted in preparing policies and standards for various organizations. (2020 - Feb 2024)

  • Head of Security
    Onsite Helper Pty Ltd, Melbourne, Australia

    Feb 2023 — Present

    • Led the adoption and management of compliance frameworks, including Essential Eight and ISO 27001, to uphold stringent security standards.
    • Directed comprehensive penetration testing and vulnerability assessments across diverse operating systems and applications, enhancing organizational security posture.
    • Managed Google Workspace integration and compliance, ensuring robust security measures aligned with corporate policies.
    • Provided strategic leadership for the HelpDesk team, streamlining responses to security and IT queries from onboarded clients to maintain high service levels.
    • Developed and implemented tailored security strategies for clients, reinforcing the MSSP's commitment to customized security solutions.
    • Maintained cutting-edge knowledge of security trends and technologies, fostering a culture of continuous improvement and resilience against emerging threats.
    • Spearheaded the development of incident response and disaster recovery plans, minimizing potential disruptions and safeguarding against data breaches.
    • Established governance structures to oversee security policies, audits, and compliance checks, ensuring accountability and transparency across all security initiatives.
    • Cultivated partnerships with technology vendors and other MSSPs, enhancing service offerings through collaborative security solutions.
    • Championed security awareness and training programs, empowering employees and clients with the knowledge to mitigate security risks.
    • Oversaw the deployment of advanced security tools and technologies, including SIEM systems, for real-time threat detection and response.
    • Guided the technical and strategic direction for cybersecurity initiatives, balancing innovation with risk management to protect organizational and client assets.

  • Freelance Security Engineer
    HL Support Pvt. Ltd., England and Wales

    Feb 2022 — Feb 2023

    • Regularly analyzed security-related issues and created detailed reports on Proof of Concepts of the vulnerabilities and issues identified.
    • Created automated backup solutions and maintained them from VPS to cloud storage mediums.
    • Maintained and fixed server and application-related issues, ensuring reliability, integrity, and confidentiality.
    • Collaborated with developers to fix potential operational issues.
    • Hardened servers and web applications for enhanced security.

  • Security Analyst Tier II
    Sanima Bank Ltd., Nepal

    Feb 2020 — Feb 2022

    • Updated tickets, wrote incident reports, and documented actions for false positive reduction.
    • Developed knowledge of attack types and fine-tuned detective capabilities such as writing SIEM alerts.
    • Examined system logs, established monitoring protocols, and conducted penetration testing.
    • Regularly monitored Information Security assets for security incidents.
    • Conducted investigations on security breaches, prepared reports, and suggested security enhancements to senior management.
    • Integrated Threat Intelligence with Intrusion Detection systems and maintained them regularly.

  • Project Manager/Security Engineer
    CICT (Covid-19 Contact Tracing Web App), Dhulikhel Hospital, Nepal

    Jan 2021 — June 2021

    • Hardened the entire server and application.
    • Managed the team and completed the project within the timeline.
    • Ran security analysis and penetration testing to identify and fix vulnerabilities.

  • Freelance Security Analyst
    Hamro Patro, Nepal

    Dec 2020 — June 2021

    • Identified security-related issues within the Hamro Patro mobile application, website, and server.
    • Created detailed reports on Proof of Concepts of the vulnerabilities.
    • Collaborated with the developer team to mitigate and fix the identified issues.

  • Security Engineer
    Eminence Ways Pvt. Ltd., Nepal

    Jul 2019 — Dec 2019

    • Performed Vulnerability Assessment and Penetration Testing for clients (onsite) and prepared reports.
    • Researched IoT-based security products and developed prototypes.

Research Papers

My Skills

  • Cybersecurity Operations
  • Penetration Testing
  • Server Hardening & Automation
  • Compliance & Governance
  • Threat Monitoring & Incident Response
  • Log Analysis
  • Malware Analysis
  • Automation & Scripting (Python/Bash)
  • Vulnerability Assessment
  • Cloud Security (AWS, Azure, GCP)
  • Containerized Deployment
  • Security Tools (BurpSuite, Nmap, Metasploit)
  • SIEM & Threat Detection (ELK, QRadar)
  • Reverse Engineering
  • Web Scraping & Data Analysis
  • Consultation & Security Strategy

Trainings

  • Autopsy Basics and Hands On

    Basis Technology

  • Incident Handling Hands-On Scenario & Malware Analysis

    CyberSecurity Malaysia

  • Cybersecurity Practices for Industrial Control Systems

    U.S. Department of Homeland Security

  • CNSS Certified Network Security Specialist

    International CyberSecurity Institute

  • Cyber Security Training Programme

    National Institute of Bank Management

  • Intermediate Python

    DataCamp

  • Lean Six Sigma White Belt in Engineering

    Aveta Business Institute

  • Fortinet Network Security Expert NSE 1 & 2

    Fortinet NSE Institute

  • Advanced Python

    PluralSight

  • ISO/IEC 27001 Information Security Associate Certification

    Skill Front

  • Ethical Hacker

    CISCO

  • Cyber Threat Management

    CISCO

  • Network Defence

    CISCO

Recognitions and Participations

  • Microsoft’s Hall of Fame (Security Flaw)

    Found a Security Flaw in Microsoft’s Site [October 31st, 2020]

    Microsoft Corporation

  • LTSP E-Library Project (Linux and Networking)

    Worked as a volunteer for HeNN E-library Project for 5 years (Monitored/Deployed at various sites)

    Help Nepal Network

  • Security Leadership in Melbourne

    Led Essential Eight, ISO 27001, penetration testing, incident response, and security governance initiatives.

    Onsite Helper Pty Ltd

  • Top Rated Plus Freelancer

    A Top Rated plus freelancer on Upwork [Member since 2014]

    Upwork

  • Level 2 Seller

    A Level 2 seller on Fiverr [Member since 2013]

    Fiverr

  • TEDx Organizer

    Co-Organizer at TEDxYouth@Gyaneshwor (Technical Lead)

    TEDxYouth@Gyaneshwor

  • 1st Runner-Up - Capture the Flag Competition

    Attained the position of 1st Runner up at Global Cyber Security Summit 2018 Capture the Flag Event

    GCSS 2018, Nepal

  • KubeCon + CloudNativeCon Europe 2022

    Physically Attended KubeCon 2022 held at Valencia, Spain

    The Linux Foundation

  • Project Amplifire - US Embassy

    Worked as a designer for Project Amplifire

    US Embassy

  • Engineers Without Borders

    Collaborated with University of Colorado Boulder for Engineers without Borders Conducted Technical Survey of Kalinchowk Ward -1 Area using Drones

    Boulder, CO 80309, USA

  • Nirvana Home Studio International Internship (AIESEC)

    Worked as an intern for a month at Nirvana Home Studio under Photography, Videography, Design, and Editing

    Nirvana Home Studio, Bogor, Indonesia

  • Kathmandu University Computer Club

    Worked for 3 years as Executive Member, Club secretary & General Secretary

    Kathmandu University, Dhulikhel, Kavre

  • IT MEET

    Organized IT MEET 2017, 2018, and v8.0, developed Smart Panas app at IT MEET 2018

    Kathmandu University, Dhulikhel, Kavre

  • PostgreSQL International Conference 2018 Nepal

    Volunteered as a logistics Manager, Designer, and Photographer

    POSTGRESQL International Conference, Kathmandu University, Nepal

  • Turbine Testing Lab Website

    Designed and Developed Turbine Testing Lab Website

    Turbine Testing Lab, Kathmandu University

  • 1st Runner up - Design Competition

    Attained the position of 1st runner up at UG Bazzaar Dashain and Tihar Competition

    Kathmandu University

  • Internal YET Conference

    Organizer at Internal Youth Entrepreneurship Conference (Technical Lead)

    Internal Youth Entrepreneurship Conference, Kathmandu, Nepal

Certifications

Contact

Base of operations

Melbourne, Australia Open in Google Maps

secure channel :: melbourne

Bring the risk, the system, or the incident. I will help turn it into a plan.

Based in Melbourne and available for security engineering, incident response, hardening, compliance, and automation work.

Contact Form