•8 min read•Governance & Compliance
ISO 27001 Controls Made Practical
Translating 'Access Control' and 'Asset Management' into real-world IT actions.
#ISO 27001#GRC#Compliance
I am Al Imran Bhuyan
Cybersecurity Engineer & GRC Specialist
I bridge the gap between complex security regulations and practical, automated technical controls. Specializing in GRC, Security Automation, and Infrastructure.
security-audit.sh
➜~init_security_scan --target=infrastructure
Initializing scanner...
Loading compliance modules [ISO 27001, NIS2]...
Checking container security...
✓ Vulnerability assessment complete
✓ Compliance checks passed
➜~
Core Competencies
GRC & Compliance
ISO 27001, NIS2, GDPR, EU AI Act. Translating regulations into technical controls.
Security Automation
Python, Bash, CI/CD pipelines. Automating threat intelligence and reporting.
Infrastructure
Docker, Kubernetes, Networking (TCP/IP, DNS, TLS). Hardening systems.
Security Ops
Wazuh, Suricata, ELK Stack. Monitoring, detection, and incident response.
Featured Projects
View allISMS Training Platform Design
Designed the content structure and user journey for an ISO 27001 compliant security awareness training platform.
FigmaMarkdownLMSISO 27001
View Project
Regulatory Monitoring Automation
Automated pipeline for tracking regulatory changes using RSS feeds, LLM summarization, and Slack notifications.
PythonOpenAI APISlack APIRSS
View Project
Threat Signal Pipeline
Serverless pipeline for ingesting and correlating threat intelligence indicators (IOCs) using GCP Cloud Run and BigQuery.
GCP Cloud RunBigQueryPythonPub/Sub
View Project
Latest from the Blog
Read all•10 min read•Security Tools & Labs
Getting Started with Suricata IDS
Setting up your first Intrusion Detection System with Suricata. Writing basic rules.
#Suricata#IDS#Blue Team
•8 min read•Protocols & Networking
TLS Handshake Explained Step-by-Step
A deep dive into how the TLS 1.3 handshake works, packet by packet. No magic, just bytes.
#TLS#Networking#Encryption
Let's Connect
I'm always open to discussing security automation, compliance challenges, or new opportunities.
Get in Touch