Enterprise cybersecurity architect with 7+ years shaping security strategy, architecture, and governance across IT–Telco environments. Trusted to protect mission-critical platforms at Bangladesh's second-largest telecom operator.
// about me
I'm Rejwan Ahmed, an Associate Manager of Cyber Security Planning at Robi Axiata PLC — Bangladesh's second-largest mobile network operator and an Axiata Group subsidiary. I architect and govern cybersecurity across IT–Telco systems that serve tens of millions of subscribers.
My work sits at the intersection of security strategy, enterprise architecture, and risk management. I lead end-to-end information security assessments, vulnerability management programs, and cross-functional security projects — while translating complex threats into governance actions the business can act on.
Before pivoting into cybersecurity leadership, I built a strong foundation in full-stack software engineering and enterprise systems delivery. That dual fluency — developer intuition combined with security mindset — shapes how I approach DevSecOps, application security, and secure-by-design architecture.
Beyond Robi, I serve as Adjunct Faculty at United International University (UIU), teaching a Software Engineering Lab that integrates real-world DevSecOps practices into the next generation of engineers.
Designing enterprise security blueprints aligned to Zero Trust, NIST, CIS, and ISO 27001 for complex IT–Telco environments.
300+ IS assessments for critical platforms including CBS, HLR/HSS, SIM Provisioning, IAM/PAM, and customer-facing services.
Embedding security into CI/CD pipelines via SAST/DAST, container security, and API security across development lifecycles.
Adjunct Faculty at UIU, designing industry-grade lab curricula that bridge academic software engineering with enterprise security.
// career journey
Lead enterprise cybersecurity architecture and security governance strategy across complex IT–Telco infrastructure
Drive security framework compliance (NIST, CIS, ISO 27001, Zero Trust, MBSS) at organizational scale
Oversee security platforms including TrendMicro XDR, Tenable SC, Acunetix, Burp Suite, and AlgoSec
Lead CAPEX/OPEX planning, business case development, and extended cybersecurity team coordination
Performed 300+ end-to-end IS assessments for IT–Telco projects including CBS, EasyLoad, MyRobi/MyAirtel, HLR/HSS, SIM Provisioning, IAM, and PAM platforms
Automated IS assessment and approval workflow — reducing manual processing time significantly
Led Trend Micro XDR enterprise-wide rollout across the organization
Managed VA/PT lifecycle using Tenable SC, Acunetix, Burp Suite; coordinated remediation with vendors
Executed security monitoring, incident investigation, ERM/BCM support, and IS awareness programs
Conducted RFQ/RFI procurement for cybersecurity platforms and managed external security service providers
Managed full enterprise IT systems lifecycle: E2E solution design, implementation, UAT, OLA, deployment, and operations
Led design and deployment of DAM (Telco asset automation), Contact Center Solution, Queue & POS, Provident Fund, DMS, eBusiness Card, PABX, and NGP systems
Governed SLA compliance, CAPEX/OPEX planning, procurement, vendor management, and partner payments
Oversaw BCP/DR planning, system maintenance, performance monitoring, and incident management
Designed and developed enterprise banking systems: Collateral Security Management System (CSMS), Litigation Management System (LMS), and Zero-Coupon Bond Management System
Delivered full-stack web application development and solution architectures for banking clients
Served as primary PoC for client communication, UAT facilitation, and SLA tracking
Provided operational support and O&M activities ensuring smooth departmental operations
Prepared and analyzed business reports for operational insights and decision-making
// technical expertise
// key initiatives
Led the organization-wide deployment of Trend Micro XDR across Robi Axiata's enterprise IT infrastructure. Coordinated agent onboarding, policy configuration, alert tuning, and integration with incident response workflows to deliver centralized endpoint detection and response at scale.
Designed and implemented an automated Information Security assessment and approval workflow, replacing manual processes for 300+ IT–Telco project security reviews. Significantly reduced cycle time for IS approval while improving consistency and auditability across compliance checkpoints.
Full-stack design and development of three mission-critical banking systems: Collateral Security Management System (CSMS), Litigation Management System (LMS), and Zero-Coupon Bond Management System. Delivered end-to-end solution architecture, implementation, and UAT for institutional banking clients.
Led end-to-end design and deployment of the Digital Asset Management platform for Robi's enterprise Telco infrastructure, alongside Contact Center Solution, Queue & POS systems, Provident Fund platform, DMS, and NGP — transforming operations across multiple business units.
Designed an industry-grade Software Engineering Lab at United International University integrating DevSecOps across the full SDLC. The 6-phase curriculum covers Git workflows, Docker, CI/CD with GitHub Actions, REST APIs, security testing, and deployment — far beyond conventional CRUD-focused labs.
Managed continuous vulnerability assessment and penetration testing programs across Robi's critical platforms — CBS, MyRobi/MyAirtel, HLR/HSS, SIM Provisioning, EasyLoad, IAM, and PAM — using Tenable SC, Acunetix, and Burp Suite. Coordinated remediation tracking with vendors and internal teams.
// credentials
Cisco · Security Operations & SOC Analytics
Cisco Certified Network Associate
AZ-900 · Microsoft Azure
Red Hat Certified System Administrator
Certified Kubernetes Administrator
Amazon Web Services · Cloud Architecture
Secure Software Development Lifecycle
// research
// academic background
// knowledge sharing
Teaching a lab-first Software Engineering course that diverges from traditional CRUD-based pedagogy. The curriculum is structured around a six-phase real-world development lifecycle — from requirements engineering through DevSecOps-integrated CI/CD deployment.
Students work in 2–5 member teams using an industry-standard stack (Django + React + PostgreSQL + Docker Compose) to build and secure full applications from the ground up, with security integrated at each phase rather than treated as an afterthought.
// get in touch
Whether you're looking for a cybersecurity architect, a security consultant, a technical collaborator, or want to discuss enterprise security strategy — I'd love to hear from you.
With 7+ years in enterprise security architecture and a track record of protecting critical Telco infrastructure, I bring both strategic depth and hands-on technical capability to security leadership roles.
I'm particularly interested in opportunities at the intersection of security architecture, cloud security, and DevSecOps leadership — where I can help organizations build security into the fabric of their systems, not just bolt it on.