Cyber Security & Digital Forensics graduate (BSc Hons, University of the West of England). SOC operations, cybercrime investigation, forensic casework, AI-driven threat detection, and ISO/IEC 27001:2022 GRC — trained inside a bank's security floor and Nepal's Cyber Bureau.
Where the technical, investigative, and compliance sides of security meet.
I'm a Cyber Security and Digital Forensics graduate from The British College, Kathmandu, affiliated with the University of the West of England, Bristol. My work sits across four areas that don't usually live in one CV: live security operations, courtroom-facing forensic investigation, applied AI for threat detection, and governance/compliance frameworks.
That range comes from where I trained. At Kumari Bank Limited, I worked inside real SOC operations — CrowdStrike Falcon, SIEM alert triage, privileged access management. At the Cyber Bureau, Nepal Police, I sat with investigators handling actual cybercrime cases under Nepal's Electronic Transaction Act 2063, learning evidence handling, chain of custody, and how findings get presented to a court.
Academically, I build things rather than just study them: a phishing classifier at 98.85% accuracy, an LLM prompt-injection firewall, an AI-assisted SIEM, and a full ISO/IEC 27001:2022 ISMS proposal for a multinational health consultancy.
Five working areas, each backed by hands-on tooling, not just theory.
SIEM monitoring, CrowdStrike Falcon, threat detection & response, privileged access management, patch management, incident reporting, banking-grade security auditing.
Cybercrime investigation, evidence collection & preservation, chain of custody, forensic image analysis using Autopsy, FTK Imager, Cellebrite, Magnet AXIOM, Belkasoft, Passware Kit Forensics.
Phishing detection, email security, LLM security & prompt-injection defense, anomaly detection, malware classification, insider-threat analytics, NLP, explainable AI (LIME).
ISO/IEC 27001:2022 compliance & ISMS design, Annex A control mapping, risk assessment, risk registers, risk treatment, vendor risk, healthcare cybersecurity governance.
Python, Flask, C, C++, Bash, SQL, MongoDB, Apache Spark, Pandas, NumPy, Matplotlib, NetworkX, HTML/CSS, Arduino.
Two placements, two very different sides of the same fight — defending a bank's perimeter, and investigating after the fact.
Applied security and machine learning, end to end — from raw data to a deployable interface.
Secure Flask web app classifying emails as phishing or legitimate. TF-IDF + SMOTE + SVC on 164,953 emails, with LIME explainability so analysts can see which words drove each prediction. Hardened with bcrypt, 2FA (PyOTP/TOTP), RBAC, and HTTPS/TLS.
Combines traditional ELK Stack log aggregation with Isolation Forest models to surface unusual login attempts and system-access behaviour that rule-based SIEM alone would miss.
Real-time firewall detecting and blocking prompt-injection and jailbreak attempts against LLMs — regex + NLP filters, role-separated prompt design, attack logging, and an admin dashboard.
Two-part assessment: prompt-injection exploitation against LLMs, plus a structured five-phase penetration test demonstrating SQLi, XSS, command injection, and reverse-shell access with documented mitigations.
Three-part study: packet-capture traffic investigation, malware-family classification across 28,000 samples / 14 families, and multi-source insider-threat analysis (login, USB, web, file, email logs).
Full data-science pipeline — cleaning, segmentation, anomaly detection. Random Forest model hit 99% accuracy on DoS Hulk detection; unsupervised learning flagged potential insider-threat behaviour.
Simulated forensic investigations, built and presented the way a real case package would be — statement, timeline, evidence map, and a verified image.
Built a complete simulated cybercrime case package: case statement, evidence map, investigative timeline, evidence items, concealment artifacts, and a verified E01 forensic image. Mapped evidence across obsession, escalation, a police-warning violation, third-party surveillance, and concealment phases. Presented the case to an instructor serving as DSP in the Cyber Bureau, Nepal Police.
Simulated forensic examinations on Windows XP E01 images using read-only methods, hash verification, artifact analysis, registry examination, and timeline reconstruction. Investigated concealment, deleted artifacts, encrypted containers, and steganography indicators, with contemporaneous notes throughout.
Loaded and validated a forensic image with dual-hash verification, recovered deleted files, analyzed registry hives and email artifacts, reconstructed a timeline, and produced a formal forensic report.
Translating frameworks and law into controls — and into arguments at the negotiating table.
Co-led an ISMS proposal for MediCore Consulting Pvt. Ltd., a Nepal-headquartered multinational health consultancy with offices in Kathmandu, London, Amsterdam, and New York.
Contributed risk identification, scoring, and treatment for the Payment Gateway, Third-Party Vendor Access, Multi-Cloud Data Exposure, and Physical Infrastructure at the Nepal HQ — plus Annex A control mapping and regulatory alignment.
Built a web-based AD audit tool automating security checks across 87 controls, mapping findings to ISO/IEC 27001:2022 Annex A Section 8, and generating HTML/PDF reports — Flask backend, PowerShell over WinRM, YAML-based audit playbooks.
Findings covered password policy, LDAP signing, firewall profiles, removable storage, logging, PowerShell visibility, domain controller redundancy, and security event log configuration.
Simulated a Russian delegation on cyberspace demilitarization and legally binding cyber norms. Researched Russia's Information Security Doctrine, National Security Strategy, Sovereign Internet Law, Runet, and UN cyber-governance positions to support negotiation strategy — building skills in cyber diplomacy and position-statement writing under pressure.
What's actually in the kit, organized the way a forensics workstation would tag it.
Open to roles in SOC analysis, digital forensics, security operations, AI security, and GRC. Based in Kathmandu, Nepal — available for remote and on-site work.