Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Rafi  Riswan, Network Security Engineer

Rafi Riswan

Network Security Engineer·ITSEC.

United Arab Emirates

Bachelor's degree, Information Technology

Work experience

Total years of experience: 3 years, 3 months

Network Security Engineer

October 2025 - Present

ITSEC.

Dubai, United Arab Emirates

October 2025 - Present

• Spearheaded multiple end-to-end VAPT engagements across client-facing digital assets and proprietary SaaS
platforms, collaborating closely with the CISO to strengthen enterprise security posture.
• Executed rigorous security QA and adversarial penetration testing on OTC crypto trading applications, helping
remediate 95%+ identified vulnerabilities across the DevOps lifecycle in coordination with development teams.
• Enforced 100% adherence to VARA regulatory compliance requirements across application layers, aligning
platforms with Dubais virtual asset governance framework.
• Administered and hardened enterprise endpoint security via Microsoft Entra ID, improving identity-driven Zero
Trust enforcement and reducing unauthorized access risks.
• Architected and audited network perimeter security controls including firewall reviews, ACL hardening, and
network segmentation, while strengthening VPN and ZTNA policies to reduce enterprise attack surface.

Company industry:
IT Services
Job role:
Information Technology

Cyber Security Analyst

October 2023 - October 2025

IconBlocks Inc.

New York, United States Remote

October 2023 - October 2025

• Conducted comprehensive VAPT against SaaS Products using Burp Suite, OWASP ZAP, Nessus, and MobSF,
identifying and reducing high-risk vulnerabilities by over 75%.

• Performed source code reviews (PHP, JavaScript, Node.js, TypeScript), uncovering 30% more issues than black
box testing alone and automated repetitive testing and validation tasks using Python and PowerShell

• Created detailed, developer-friendly VAPT reports with clear risk descriptions and actionable remediation steps,
helping teams resolve vulnerabilities efficiently to achieve overall system hardening by 90%.

• Provided training, security awareness guidelines, and technical support for 20+ developers, improving overall
security hygiene by significant levels.

Company industry:
Software Development
Job role:
Information Technology

Cyber Security and Privacy Intern

April 2023 - September 2023

Deloitte

Colombo 7, Sri Lanka Hybrid

April 2023 - September 2023

• Tested software against the OWASP framework and updated functionality statuses in reports; developed Proof of Concept (PoC) for identified vulnerabilities.

• Participated in client sessions and technical training, and conducted physical VAPTs at client locations using tools like Kali Linux, Nessus, Nmap, and Burp Suite.

Company industry:
Business Consultancy Services
Job role:
Information Technology

Education

Sri Lanka Institute of Information Technology (SLIIT)

September 2025

September 2025

Bachelor's degree, Information Technology

Sri Lanka

Skills

OWASP
Expert
OWASP
Expert
IT Security
Expert
IT Security
Expert
Web Application Security
Expert
Web Application Security
Expert
Penetration Testing
Expert
Penetration Testing
Expert
Vulnerability Assessment
Expert
Vulnerability Assessment
Expert
Burpsuite
Expert
Burpsuite
Expert
AWS Cloud
Intermediate
AWS Cloud
Intermediate
Mobile Application Security
Intermediate
Mobile Application Security
Intermediate
Cloud Security
Intermediate
Cloud Security
Intermediate
Nessus
Expert
Nessus
Expert
Vulnerability Assessment
Expert
Vulnerability Assessment
Expert
VAPT Report Writing
Expert
VAPT Report Writing
Expert
Penetration Testing
Intermediate
Penetration Testing
Intermediate
OWASP
Expert
OWASP
Expert
Machine Learning
Beginner
Machine Learning
Beginner
Web Application Security
Intermediate
Web Application Security
Intermediate
Linux
Expert
Linux
Expert
Security
Intermediate
Security
Intermediate
ISO 27001
Intermediate
ISO 27001
Intermediate
IT Security
Intermediate
IT Security
Intermediate
Cyber Security
Intermediate
Cyber Security
Intermediate
Network Security
Intermediate
Network Security
Intermediate
Information Security Management
Intermediate
Information Security Management
Intermediate
Information Security
Intermediate
Information Security
Intermediate
Project Management
Intermediate
Project Management
Intermediate
IT Project Management
Intermediate
IT Project Management
Intermediate
Cloud Computing
Intermediate
Cloud Computing
Intermediate
APPLICATION PROGRAMMING INTERFACE API
Intermediate
APPLICATION PROGRAMMING INTERFACE API
Intermediate
COMPUTER SECURITY
Intermediate
COMPUTER SECURITY
Intermediate
CYBER KILL CHAIN FRAMEWORK
Intermediate
CYBER KILL CHAIN FRAMEWORK
Intermediate
OFFENSIVE SECURITY
Intermediate
OFFENSIVE SECURITY
Intermediate
SAFETY ASSURANCE
Intermediate
SAFETY ASSURANCE
Intermediate
THREAT MODELING
Intermediate
THREAT MODELING
Intermediate
VULNERABILITY ASSESSMENTS
Intermediate
VULNERABILITY ASSESSMENTS
Intermediate

Languages

English

Expert

Tamil

Native Speaker

Arabic

Beginner

Training and Certifications

Certifications
AWS CERTIFIED CLOUD PRACTITIONER
ISC2 CERTIFIED APPSEC PRACTITIONER (CAP)
ISC2 CERTIFIED IN CYBERSECURITY (CC)

Hobbies and interests

Security Researcher

Got a hall of fame in NASA Vulnerability Disclosure Program