Jobyer Ahmed

About Jobyer Ahmed

Founder and Cybersecurity Professional

Founder of Bytium. OSCE3-certified cybersecurity expert with deep experience in pentesting, red-teaming, and secure product strategy.

Jobyer Ahmed
Jobyer Ahmed
Founder and Cybersecurity Professional

Who I am

Hi—I’m Jobyer Ahmed, a Security Pro & Entrepreneur. I help companies harden critical apps and ship secure products. I’ve led audits, pentests, and security strategy for startups and growth-stage teams. Beyond hands-on security work, I build and advise product teams on “security by design”, org readiness, and GTM for security offerings.

When I’m not threat-modeling, I’m exploring product ideas, writing, or dialing in an espresso shot ☕.

Core skills

Certifications & Badges

Offensive Security Certified Expert 3 (OSCE3)
OffSec
Offensive Security Exploit Developer (OSED)
OffSec
Offensive Security Web Expert (OSWE)
OffSec
Offensive Security Experienced Penetration Tester (OSEP)
OffSec
RastaLabs
Hack The Box
Offensive Security Certified Professional (OSCP)
OffSec
Ethical Hacking: Hacking Web Servers and Web Applications
LinkedIn
Advanced+ Penetration Testing Certified
Virtual Hacking Labs
Penetration Testing
Virtual Hacking Labs
CompTIA Network Vulnerability Assessment Professional – CNVP
CompTIA
CompTIA PenTest+ ce
CompTIA
CompTIA Security+ ce
CompTIA
Google IT Support Professional Certificate
Google

Research: CVEs & Exploits

Tools I use

Timeline

Cybersecurity Expert & Founder Bytium LLC • Jan 2024 — Present · New York, USA
Leads Bytium LLC, a global cybersecurity and IT consulting firm protecting SMBs from modern cyber threats. Provides senior-led penetration testing, vulnerability assessment, and red-team advisory services. Manages client delivery, strategy, and technical leadership across engagements.
Senior Consultant BrosPly Ltd • 2021 — 2023 · Remote
Consulted with SaaS and fintech teams on secure design and architecture. Conducted web and API penetration tests, threat modeling, and risk analysis. Delivered security awareness and incident readiness programs.
Founder & Cybersecurity Researcher Rednode Services Ltd • Feb 2022 — Jan 2024 · Dhaka / Remote
Established a research-focused security lab performing exploit development, Active Directory exploitation, and vulnerability research. Published multiple CVEs, exploit advisories, and trained engineers on secure development.
Penetration Tester Red Team Partners (Contract) • Oct 2022 — May 2023 · London, UK
Performed enterprise-grade penetration testing for web, infrastructure, and cloud environments. Delivered detailed, developer-ready remediation reports with business impact analysis.
Cyber Security Specialist Freelancer.com • Jun 2020 — Dec 2021 · Remote
Performed black-box web and network pentests for global SMB clients. Delivered actionable findings and remediation verification.
Cyber Security Specialist Cyber Armed Security • Jan 2021 — Aug 2021 · United Kingdom
Executed web application penetration testing, authored in-depth technical reports, and validated fixes post-remediation.
Cyber Security Specialist Self Employed • Feb 2010 — Jun 2021 · Remote
Provided independent consulting in web security, vulnerability scanning, and incident response. Helped clients implement remediation and strengthen overall security posture.
CTF Player Hack The Box • May 2018 — Jan 2020 · Remote
Completed RastaLabs (Active Directory-focused lab). Specialized in lateral movement, privilege escalation, and red-team simulation.
Technical Support Specialist Self Employed • Feb 2007 — Jan 2014 · Remote
Delivered remote troubleshooting and IT administration, forming the foundation of deep technical problem-solving skills.

FAQ

What types of pentests do you run?
Black/gray box web apps, APIs, mobile (basic), and cloud posture checks; reports include remediation paths.
Do you sign NDAs and handle sensitive systems?
Yes. Standard security and legal processes are in place.
How do I engage you for a pentest or security audit?
Start by contacting me via the contact page with a brief scope and timeline. I’ll provide a written proposal with deliverables, timeline, and pricing.
What does a typical report look like?
Reports include an executive summary, prioritized findings, technical details, reproduction steps, and recommended fixes with severity ratings.
Do you offer training or workshops?
Yes — I offer tailored workshops for secure development practices, manual pentesting fundamentals, and red team awareness sessions. Contact for availability and pricing.