About Jobyer Ahmed
Finding what attackers would find. Red-team operations, exploit development, and executive advisory, since 2010.
I'm Jobyer Ahmed, an offensive security researcher and founder of Bytium LLC. For fifteen years I've worked the attacker side of the table: red-teaming enterprises, breaking software others assumed was solid, and helping leaders turn findings into decisions they can defend.
My week is genuinely mixed. I might reverse-engineer a CRM appliance to find a bug nobody else has spotted, run a full-scope engagement against a production network, then sit in a boardroom and explain why the issue should change next quarter's roadmap. The hands-on work and the advisory work feed each other.
I hold nine industry certifications, including OSCE³, CISSP, and OSCP. The full list is below. What they don't capture is the working philosophy behind them: rigorous about evidence, honest about uncertainty, aligned with what the business actually needs to protect.
I founded Bytium LLC in 2024 to do this work at scale with a small, senior team. Before that I ran Rednode Services Ltd, a research lab that published CVEs against widely-deployed software and trained offensive operators. Those disclosures, and the engagements behind them, are catalogued below.
Experience
8 positions
Jan 2024 — Present
CurrentFounder & Security Lead
Bytium LLC
Cybersecurity consulting focused on offensive security, penetration testing, and security engineering.
2022 — 2024
Security Consultant & Advisor
BrosPly Ltd · Remote
Cybersecurity consulting on architecture, vulnerability assessment, and compliance alignment.
Feb 2022 — Jan 2024
Founder & Cybersecurity Researcher
Rednode Services Ltd
Established a security lab for exploit development and vulnerability research; published CVEs.
Oct 2022 — May 2023
Penetration Tester (Contract)
Red Team Partners · London, UK
Enterprise penetration testing across web, infrastructure, and cloud environments.
Jan 2021 — Aug 2021
Penetration Tester
Cyber Armed Security · United Kingdom
Jun 2020 — Dec 2021
Penetration Tester
Freelancer.com · Remote
Feb 2010 — Jun 2021
Cyber Security Specialist
Self-employed
Feb 2007 — Jan 2014
Technical Support Specialist
Self-employed
Certifications
9 total
Flagship
OffSec
Offensive Security Certified Expert 3 (OSEP + OSWE + OSED)
OffSec's most advanced offensive designation, earned by completing the three expert-level exams below: Experienced Penetration Tester, Web Expert, and Exploit Developer.
CISSP
Certified Information Systems Security Professional
OSCP
Offensive Security Certified Professional
OSEP
Offensive Security Experienced Penetration Tester
OSWE
Offensive Security Web Expert
OSED
Offensive Security Exploit Developer
CNVP
CompTIA Network Vulnerability Assessment Professional
PenTest+
CompTIA PenTest+ (CE)
Security+
CompTIA Security+ (CE)
Published CVEs
CVEs and coordinated disclosures, public or post-embargo.
- CVE-2026-77832026
SQL Injection
Perfex CRM ≤ 3.4.1
medium· 6.3CVE-2026-7783medium· 6.3SQL Injection
Perfex CRM ≤ 3.4.1
2026 - CVE-2026-77822026
Authorization Bypass in Clients::project
Perfex CRM ≤ 3.4.1
medium· 6.3CVE-2026-7782medium· 6.3Authorization Bypass in Clients::project
Perfex CRM ≤ 3.4.1
2026 - CVE-2025-32192025
Stored XSS in Project Discussion
Perfex CRM 3.2.1
mediumCVE-2025-3219mediumStored XSS in Project Discussion
Perfex CRM 3.2.1
2025
Publications & recognition
- Exploit-DB #52100 — RISE CRM 3.7.0 SQL Injection Exploit2024
- Hack The Box · RastaLabs completion
- Training workshops on secure development and pentestingOngoing