Cybersecurity Professional Profile · 2026

Nisal Priyanka

Associate Lead Security Engineer · TechCERT

~/nisal/whoami.sh

$ cat profile.json
{
  "role": "Offensive Security",
  "org": "TechCERT.lk",
  "focus": ["red_team", "malware", "vapt"],
  "status": "breaking_things"
}
$ 

whoami

Offensive security professional and Cyber Security Researcher. I lead security engineering at TechCERT, Sri Lanka's most trusted cybersecurity institution, with hands-on expertise across malware analysis, red teaming, and enterprise security. I spend my days breaking what matters, building what defends it, and teaching others to do both.

Yrs Active

Organisations

∞

Bug Bounty

Core Competencies

Malware Analysis Reverse Engineering Red Teaming VAPT · Web / API VAPT · Network / Cloud White Hat Hacking ISO 27001:2022 Security Consultation Security Tool Dev AI / LLM Security Full Stack Dev DevOps & Infra

What I Do

🦠

Malware Analysis

Dissecting advanced malware and emerging evasion techniques used by modern attackers — turning findings into actionable intelligence.

⚔️

Red Team Content

Developing real-world malware samples, offensive tooling, and red team scenarios for training, research, and adversary simulation.

🔐

Thick Client Security

Security assessments of proprietary desktop applications — identifying design weaknesses, cracking resistance, and runtime vulnerabilities.

🌐

Web / API / Network VAPT

End-to-end vulnerability assessment and penetration testing across web applications, APIs, and enterprise network infrastructure.

🔑

IAM Assessment

Auditing organisational Identity & Access Management systems — reviewing configurations, roles, and trust boundaries.

🛠️

Security Tool Dev

Building custom offensive and defensive security tools — integrating AI and LLM capabilities for real-world deployment.

🎯

Hands-On Awareness Sessions & Industry Lectures

Delivering practical, scenario-based cybersecurity awareness training to corporate clients — real simulations, not slides. Also serving as a guest visiting lecturer at the University of Moratuwa and other institutions.

Experience

TechCERT CURRENT

Associate Lead Security Engineer · Offensive Security, VAPT, Red Teaming, Cloud & Network Security

EY · Ernst & Young

Engagement Consultant

Epic Lanka

Information Security Analyst

Yunly International Marketing

Cyber Security & DevOps Engineer

Fiverr

Full Stack Developer · Freelance software and tool development

Bug Bounty LK · INTL

Active responsible disclosure across local and global platforms

Education & Certifications

MSc in Cyber Security

SLIIT · Postgraduate · Information Security

BSc (Hons) Information Technology

SLIIT · Specialisation in Cyber Security

CQI IRCA Certified

ISO/IEC 27001:2022 Lead Auditor

Ongoing Research & Development

🛡️

Cyber Intelligence Platform

AI-Driven · Built for Analyst Workflows

Active Dev

An AI-driven cybersecurity intelligence platform that consolidates vulnerability data, threat intelligence, and exploit knowledge into a single analyst workspace — accelerating analysis, reporting, and research for security practitioners and red teams.