About me

I'm a Security Engineer with over 8 years of experience, specializing in Penetration Testing, Incident Response, Digital Forensics, Environment Hardening and Compliance. I am passionate about creating secure, efficient, and automated solutions.

My expertise includes securing infrastructures and automating processes with scripting, ensuring your systems are not only functional but resilient against potential threats. I hold multiple certifications such as Certified Ethical Hacker (Practical), eLearnSecurity Certified Professional Penetration Tester, and Certified AppSec Practitioner, among others. I've also worked on implementing industry compliances like PCI-DSS, ISO27001, and more. Whether working for an A-class bank or leading technical initiatives for local communities, I am adaptable and dedicated to delivering exceptional results.

What i'm doing

  • design icon

    Cyber Security Solutions

    I offer expert-level cyber security services, including penetration testing, vulnerability assessments, incident response, and server hardening. With extensive experience, I ensure top-notch security solutions for your business.

  • Web development icon

    Server Deployment & Automation

    Providing high-quality server deployment, containerized solutions, and automated backups with professional-level expertise in Python, Bash, and PowerShell scripting to optimize efficiency and security.

  • mobile app icon

    Compliance & Governance

    Ensuring adherence to industry standards and best practices such as ISO 27001, NIST, Essential Eight, and COBIT, by implementing robust compliance and governance frameworks to protect your organization's information assets and mitigate risks.

  • camera icon

    Incident Response and Digital Forensics

    With expertise in incident response, digital forensics, and data analysis, I deliver in-depth investigative insights and provide tailored solutions that mitigate risks and enhance cybersecurity, particularly in the fields of cyber threat detection and digital evidence handling

Testimonials

  • Jessica miller

    Oscar C

    I highly recommend Anurag for any Security and DevOps projects. He was able to quickly and effectively address the urgent needs of our large servers and workstations. He has several certifications and a wide range of skill sets and had strong experience with System Administration, in-depth knowledge of networking, and proficiency in scripting languages such as Python, Bash, and Powershell as well as Docker and Kubernetes. He also has excellent English language and reporting skills. He was able to complete the job faster than expected and provided great results in much less time than expected. I would definitely work with him again in the future and recommend him to any employer looking for a highly skilled Security and DevOps professional.

  • Daniel lewis

    Cameron Gorskie

    Hacked Website Recovery and Security Hardening - Anurag was responsive, very professional, and worked very well. I recommend his services with my eyes closed.

  • Emily evans

    Sean Akhlaghi

    Cyber Security Professional - Highly recommend Anurag. He is very knowledgeable in the Cyber Security field. His dedication to delivering the project and making customer happy is beyond anything I have experienced on Upwork. He went beyond the job requirements and attended several meetings to ensure all ends are covered. Overall, I give him A+ on knowledge, quick turn around time and team work. I certainly will continue to work with him in the future.

  • manish0091 - Fiverr

    manish0091 - Fiverr

    Anurag is a very honest and polite seller. He has worked for more than what I wanted. He did everything on his own. He even took his time to fix all the related issues to my website and the whole server as well and I am happy overall. He upgraded and secured my server as well where he did several security fixes along with automated backup. He has been able to give me an excellent report for the website and all the vulnerabilities. The malware that took the website was entirely fixed by him which was so problematic but he did it. I 100% recommend this seller as he is very experienced, knowledgable and very good with communication. I am going to use this seller again and again

  • syncronox - Fiverr

    syncronox - Fiverr

    Wow! Anurag was amazing, very pleasant and friendly to deal with, extremely informative and comprehensive in the report and details he provided. He looks out for your best interests and goes above and beyond in the service he provides. I never thought much about website security, but recently my website was hijacked, Anurag was able to provide an in-depth analysis of the site and identified how the website was hijacked. Now my site is in a better and more secure position, giving my clients greater safety and security. I will continue to utilise Anurag's expertise and skills to ensure a safe and secure web. Highly recommended, if you have a website, this is a service you need!

Resume

Education

  1. Kathmandu University

    Aug 2015 — Oct 2019

    BSc. in Computer Science
    Department of Computer Science and Engineering

Experience

  • Security Engineer/Data Analyst/Designer/Developer
    Upwork/Fiverr/Independent Clients, Remote Work

    Nov 2013 — Feb 2024


    • Designed logos, banners, websites, UI/UX, and managed client projects. (2013-2018)
    • Designed and developed websites, ensuring security using PHP, HTML, CSS, and JS. (2015-2020)
    • Scraped and analyzed data, and prepared research reports using Python, Selenium, and Scrapy. (2017-2020)
    • Deployed and secured applications in cloud-based solutions like AWS, Azure, Digital Ocean, and VPS. (2018 - Feb 2024)
    • Analyzed the security of web and mobile applications and servers, preparing detailed reports and remediation methods. (2018 - Feb 2024)
    • Fixed security issues and prepared future plan reports. (2018 - Feb 2024)
    • Automated server-based backups and created workflows for redundant tasks. (2018 - Feb 2024)
    • Mitigated and fixed issues caused by malware, server, or website takeover. (2019 - Feb 2024)
    • Worked with incident response and conducted malware analysis. (2020 - Feb 2024)
    • Assisted in preparing policies and standards for various organizations. (2020 - Feb 2024)

  • Head of Security
    Onsite Helper Pty Ltd, Melbourne, Australia

    Feb 2023 — Present


    • Led the adoption and management of compliance frameworks, including Essential Eight and ISO 27001, to uphold stringent security standards.
    • Directed comprehensive penetration testing and vulnerability assessments across diverse operating systems and applications, enhancing organizational security posture.
    • Managed Google Workspace integration and compliance, ensuring robust security measures aligned with corporate policies.
    • Provided strategic leadership for the HelpDesk team, streamlining responses to security and IT queries from onboarded clients to maintain high service levels.
    • Developed and implemented tailored security strategies for clients, reinforcing the MSSP's commitment to customized security solutions.
    • Maintained cutting-edge knowledge of security trends and technologies, fostering a culture of continuous improvement and resilience against emerging threats.
    • Spearheaded the development of incident response and disaster recovery plans, minimizing potential disruptions and safeguarding against data breaches.
    • Established governance structures to oversee security policies, audits, and compliance checks, ensuring accountability and transparency across all security initiatives.
    • Cultivated partnerships with technology vendors and other MSSPs, enhancing service offerings through collaborative security solutions.
    • Championed security awareness and training programs, empowering employees and clients with the knowledge to mitigate security risks.
    • Oversaw the deployment of advanced security tools and technologies, including SIEM systems, for real-time threat detection and response.
    • Guided the technical and strategic direction for cybersecurity initiatives, balancing innovation with risk management to protect organizational and client assets.

  • Freelance Security Engineer
    HL Support Pvt. Ltd., England and Wales

    Feb 2022 — Feb 2023


    • Regularly analyzed security-related issues and created detailed reports on Proof of Concepts of the vulnerabilities and issues identified.
    • Created automated backup solutions and maintained them from VPS to cloud storage mediums.
    • Maintained and fixed server and application-related issues, ensuring reliability, integrity, and confidentiality.
    • Collaborated with developers to fix potential operational issues.
    • Hardened servers and web applications for enhanced security.

  • Security Analyst Tier II
    Sanima Bank Ltd., Nepal

    Feb 2020 — Feb 2022


    • Updated tickets, wrote incident reports, and documented actions for false positive reduction.
    • Developed knowledge of attack types and fine-tuned detective capabilities such as writing SIEM alerts.
    • Examined system logs, established monitoring protocols, and conducted penetration testing.
    • Regularly monitored Information Security assets for security incidents.
    • Conducted investigations on security breaches, prepared reports, and suggested security enhancements to senior management.
    • Integrated Threat Intelligence with Intrusion Detection systems and maintained them regularly.

  • Project Manager/Security Engineer
    CICT (Covid-19 Contact Tracing Web App), Dhulikhel Hospital, Nepal

    Jan 2021 — June 2021


    • Hardened the entire server and application.
    • Managed the team and completed the project within the timeline.
    • Ran security analysis and penetration testing to identify and fix vulnerabilities.

  • Freelance Security Analyst
    Hamro Patro, Nepal

    Dec 2020 — June 2021


    • Identified security-related issues within the Hamro Patro mobile application, website, and server.
    • Created detailed reports on Proof of Concepts of the vulnerabilities.
    • Collaborated with the developer team to mitigate and fix the identified issues.

  • Security Engineer
    Eminence Ways Pvt. Ltd., Nepal

    Jul 2019 — Dec 2019


    • Performed Vulnerability Assessment and Penetration Testing for clients (onsite) and prepared reports.
    • Researched IoT-based security products and developed prototypes.

Research Papers

My Skills

  • Cybersecurity Operations
  • Penetration Testing
  • Server Hardening & Automation
  • Compliance & Governance
  • Threat Monitoring & Incident Response
  • Log Analysis
  • Malware Analysis
  • Automation & Scripting (Python/Bash)
  • Vulnerability Assessment
  • Cloud Security (AWS, Azure, GCP)
  • Containerized Deployment
  • Security Tools (BurpSuite, Nmap, Metasploit)
  • SIEM & Threat Detection (ELK, QRadar)
  • Reverse Engineering
  • Web Scraping & Data Analysis
  • Consultation & Security Strategy

Trainings

  • Autopsy Basics and Hands On

    Basis Technology

  • Incident Handling Hands-On Scenario & Malware Analysis

    CyberSecurity Malaysia

  • Cybersecurity Practices for Industrial Control Systems

    U.S. Department of Homeland Security

  • CNSS Certified Network Security Specialist

    International CyberSecurity Institute

  • Cyber Security Training Programme

    National Institute of Bank Management

  • Intermediate Python

    DataCamp

  • Lean Six Sigma White Belt in Engineering

    Aveta Business Institute

  • Fortinet Network Security Expert NSE 1 & 2

    Fortinet NSE Institute

  • Advanced Python

    PluralSight

  • ISO/IEC 27001 Information Security Associate Certification

    Skill Front

  • Ethical Hacker

    CISCO

  • Cyber Threat Management

    CISCO

  • Network Defence

    CISCO

Recognitions and Participations

  • Microsoft’s Hall of Fame (Security Flaw)

    Found a Security Flaw in Microsoft’s Site [October 31st, 2020]

    Microsoft Corporation

  • LTSP E-Library Project (Linux and Networking)

    Worked as a volunteer for HeNN E-library Project for 5 years (Monitored/Deployed at various sites)

    Help Nepal Network

  • Top 1% on TryHackMe

    One of the top 1% on TryHackMe

    TryHackMe

  • Top Rated Plus Freelancer

    A Top Rated plus freelancer on Upwork [Member since 2014]

    Upwork

  • Level 2 Seller

    A Level 2 seller on Fiverr [Member since 2013]

    Fiverr

  • TEDx Organizer

    Co-Organizer at TEDxYouth@Gyaneshwor (Technical Lead)

    TEDxYouth@Gyaneshwor

  • 1st Runner-Up - Capture the Flag Competition

    Attained the position of 1st Runner up at Global Cyber Security Summit 2018 Capture the Flag Event

    GCSS 2018, Nepal

  • KubeCon + CloudNativeCon Europe 2022

    Physically Attended KubeCon 2022 held at Valencia, Spain

    The Linux Foundation

  • Project Amplifire - US Embassy

    Worked as a designer for Project Amplifire

    US Embassy

  • Engineers Without Borders

    Collaborated with University of Colorado Boulder for Engineers without Borders Conducted Technical Survey of Kalinchowk Ward -1 Area using Drones

    Boulder, CO 80309, USA

  • Nirvana Home Studio International Internship (AIESEC)

    Worked as an intern for a month at Nirvana Home Studio under Photography, Videography, Design, and Editing

    Nirvana Home Studio, Bogor, Indonesia

  • Kathmandu University Computer Club

    Worked for 3 years as Executive Member, Club secretary & General Secretary

    Kathmandu University, Dhulikhel, Kavre

  • IT MEET

    Organized IT MEET 2017, 2018, and v8.0, developed Smart Panas app at IT MEET 2018

    Kathmandu University, Dhulikhel, Kavre

  • PostgreSQL International Conference 2018 Nepal

    Volunteered as a logistics Manager, Designer, and Photographer

    POSTGRESQL International Conference, Kathmandu University, Nepal

  • Turbine Testing Lab Website

    Designed and Developed Turbine Testing Lab Website

    Turbine Testing Lab, Kathmandu University

  • 1st Runner up - Design Competition

    Attained the position of 1st runner up at UG Bazzaar Dashain and Tihar Competition

    Kathmandu University

  • Internal YET Conference

    Organizer at Internal Youth Entrepreneurship Conference (Technical Lead)

    Internal Youth Entrepreneurship Conference, Kathmandu, Nepal

Certifications

Contact

Contact Form