Open to opportunities

Hirusha User

@hirushauser

Message

Energetic cybersecurity professional with hands-on experience in GRC.

Sri Lanka

Message

What I'm looking for

I am looking for opportunities that allow me to grow in cybersecurity, focusing on risk management and compliance while contributing to organizational security.

I am an energetic cybersecurity professional with hands-on experience in Governance, Risk, and Compliance (GRC), vulnerability assessments, and incident response. My journey in cybersecurity has been marked by a commitment to enhancing organizational resilience through proactive security strategies and regulatory compliance.

Currently, I am an Information Security Analyst Intern at Sri Lanka CERT, where I coordinate cross-sector cybersecurity initiatives and assist in conducting national-level risk assessments. My previous role at Peoples Bank involved conducting vulnerability assessments and developing cybersecurity policies, which honed my skills in identifying risks and recommending actionable improvements. I am dedicated to fostering a culture of security awareness and compliance within organizations.

Experience

Work history, roles, and key accomplishments

Current

Information Security Analyst Intern

Current

Sri Lanka CERT|CC

Jan 2025 - Present (5 months)

Coordinated cross-sector cybersecurity initiatives, enhancing collaboration between public and private stakeholders. Assisted in conducting national-level cybersecurity risk assessments to identify critical infrastructure vulnerabilities and contributed to the development of risk management documentation. Supported IT audit processes by reviewing security controls, SLAs, NDAs, and internal cyberse

GRC Vulnerability Assessment Incident Response IT Audit Regulatory Compliance

Information Security Intern

Peoples Bank Head Office

Jul 2024 - Present (11 months)

Conducted comprehensive vulnerability assessments on internal and external digital banking platforms. Contributed to the development of cybersecurity policies for the Risk Management department and reviewed vendor reports, identifying risks and recommending improvements. Prepared clear, detailed reports outlining technical findings, risk assessments, and mitigation strategies for both technical te

Vulnerability Assessment Risk Management Vendor Management

Education

Degrees, certifications, and relevant coursework

Sri Lanka Institute of Information Technology (SLIIT)

BSc(Hons), Information Technology Specializing in Cyber Security

Pursuing a comprehensive Bachelor of Science (Honors) degree focusing on the core principles and advanced practices of cybersecurity. The curriculum covers areas such as information security, network security, and risk management.