About Jobyer Ahmed

Founder and Cybersecurity Professional

Founder of Bytium. OSCE3-certified cybersecurity expert with deep experience in pentesting, red-teaming, and secure product strategy.

Work with me Read the blog

GitHub LinkedIn Twitter/X

Jobyer Ahmed

Founder and Cybersecurity Professional

Work with me

Who I am

Hi—I’m Jobyer Ahmed, a Security Pro & Entrepreneur. I help companies harden critical apps and ship secure products. I’ve led audits, pentests, and security strategy for startups and growth-stage teams. Beyond hands-on security work, I build and advise product teams on “security by design”, org readiness, and GTM for security offerings.

When I’m not threat-modeling, I’m exploring product ideas, writing, or dialing in an espresso shot ☕.

Core skills

Web App PentestingThreat ModelingRed Team AdvisorySecurity ArchitectureActive DirectoryCloud SecurityIncident ReadinessAWSDockerPythonC/C++Assembly languageExploit development

Certifications & Badges

Offensive Security Certified Expert 3 (OSCE3)

OffSec

Offensive Security Exploit Developer (OSED)

OffSec

Offensive Security Web Expert (OSWE)

OffSec

Offensive Security Experienced Penetration Tester (OSEP)

OffSec

RastaLabs

Hack The Box

Offensive Security Certified Professional (OSCP)

OffSec

Ethical Hacking: Hacking Web Servers and Web Applications

Advanced+ Penetration Testing Certified

Virtual Hacking Labs

Penetration Testing

Virtual Hacking Labs

CompTIA Network Vulnerability Assessment Professional – CNVP

CompTIA

CompTIA PenTest+ ce

CompTIA

CompTIA Security+ ce

CompTIA

Google IT Support Professional Certificate

Google

Research: CVEs & Exploits

CVEs

CVE-2024-8784 CVE-2024-8945 CVE-2024-8867 CVE-2024-9030 CVE-2025-3219 CVE-2025-3219

Exploits & Advisories

RISE CRM 3.7.0 - SQL Injection Exploit

Tools I use

Burp SuiteCobalt StrikeCore ImpactBloodHoundOWASP ZAPNmapMetasploitsqlmapffufwfuzzNiktoWiresharkWazuhChrome DevToolsPostmanAWSDockerGitHub Actions

Timeline

Cybersecurity Expert & Founder Bytium LLC • Jan 2024 — Present · New York, USA

Leads Bytium LLC, a global cybersecurity and IT consulting firm protecting SMBs from modern cyber threats. Provides senior-led penetration testing, vulnerability assessment, and red-team advisory services. Manages client delivery, strategy, and technical leadership across engagements.

Senior Consultant BrosPly Ltd • 2021 — 2023 · Remote

Consulted with SaaS and fintech teams on secure design and architecture. Conducted web and API penetration tests, threat modeling, and risk analysis. Delivered security awareness and incident readiness programs.

Founder & Cybersecurity Researcher Rednode Services Ltd • Feb 2022 — Jan 2024 · Dhaka / Remote

Established a research-focused security lab performing exploit development, Active Directory exploitation, and vulnerability research. Published multiple CVEs, exploit advisories, and trained engineers on secure development.

Penetration Tester Red Team Partners (Contract) • Oct 2022 — May 2023 · London, UK

Performed enterprise-grade penetration testing for web, infrastructure, and cloud environments. Delivered detailed, developer-ready remediation reports with business impact analysis.

Cyber Security Specialist Freelancer.com • Jun 2020 — Dec 2021 · Remote

Performed black-box web and network pentests for global SMB clients. Delivered actionable findings and remediation verification.

Cyber Security Specialist Cyber Armed Security • Jan 2021 — Aug 2021 · United Kingdom

Executed web application penetration testing, authored in-depth technical reports, and validated fixes post-remediation.

Cyber Security Specialist Self Employed • Feb 2010 — Jun 2021 · Remote

Provided independent consulting in web security, vulnerability scanning, and incident response. Helped clients implement remediation and strengthen overall security posture.

CTF Player Hack The Box • May 2018 — Jan 2020 · Remote

Completed RastaLabs (Active Directory-focused lab). Specialized in lateral movement, privilege escalation, and red-team simulation.

Technical Support Specialist Self Employed • Feb 2007 — Jan 2014 · Remote

Delivered remote troubleshooting and IT administration, forming the foundation of deep technical problem-solving skills.

FAQ

What types of pentests do you run?

Black/gray box web apps, APIs, mobile (basic), and cloud posture checks; reports include remediation paths.

Do you sign NDAs and handle sensitive systems?

Yes. Standard security and legal processes are in place.

How do I engage you for a pentest or security audit?

Start by contacting me via the contact page with a brief scope and timeline. I’ll provide a written proposal with deliverables, timeline, and pricing.

What does a typical report look like?

Reports include an executive summary, prioritized findings, technical details, reproduction steps, and recommended fixes with severity ratings.

Do you offer training or workshops?

Yes — I offer tailored workshops for secure development practices, manual pentesting fundamentals, and red team awareness sessions. Contact for availability and pricing.