Tinusha Savidya

I try to find the cracks before the hackers do.

Combines resilient security architecture with automated vulnerability discovery. Focusing on making defense simple and clean.

Latest Articles
View all articles →
Latest Projects
View all projects →

Security Undergraduate • Security Architecture and Forensics

Security Engineer equipped with technical exposure in multi-host digital forensics and threat detection. Proven ability to preserve data continuity and synthesize findings into formal technical reports with hands-on experience securing SaaS systems and end-to-end VAPT.

Professional Experience
System Administrator Associate Trico Maritime (Pvt) Ltd (May 2026 - Present)

Manage enterprise systems and networks. Autonomously design, deploy, monitor, and manage defensive measures.

Academic Qualifications
BSc in Cyber Security Edith Cowan University (2024 – Expected Nov 2026)
Foundational Diploma in Computing, IT & Engineering ACBT and Edith Cowan College (2023 – 2024)
Secondary Education, GCE O/L St. Anthony's College, Wattala, Sri Lanka (2022)
Languages English (Proficient) and Sinhala (Native)
Core Competencies
SOC & Forensics

Incident Handling & Response, Digital Forensics, CoC, SIEM/SOAR, IAM, Cyber Defence, DLP, Digital Key Management, RCA.

Vulnerability & Malware Labs

Binary Reverse Engineering, Exploitation Techniques, Vulnerability Scanning, Behavioural Analysis, Protocol Dissection.

Network & Cloud

Cloud & Network Architecture, Database, Network Telemetry, Sandboxing/Containers.

Compliance

Risk-Based Judgment, Compliance Frameworks, IR Planning, Technical Report Writing.

Technical Exposure

SecOps: Microsoft Sentinel, Splunk, Elastic Security, Wireshark, Zeek

Forensics & Analysis: Autopsy, IDA, ANY.RUN, KAPE, Cutter, Ghidra, FTK

Infrastructure: Docker, SQL, Bash, Python, PowerShell, YARA

Offensive: Metasploit, BurpSuite, BloodHound

Defensive: CrowdStrike Falcon, Google SecOps, Elastic Security, Suricata, ManageEngine

Secure Systems & Research Portfolio
Corporate Forensic Investigation & Evidence Preservation (Simulated)

Full lifecycle forensic investigation into policy violation. Deployed procedures for data collection, retention, and chain of custody. Used Volatility 3, Autopsy, and Plaso for host-based image collection and memory forensics. Reconstructed attack from telemetry and generated Supreme Court-admissible expert witness report.

Inventory Management and Forecasting for SMEs

Predictive Decision Support System in Flutter and FastAPI using smoothing and EOQ. Authored vulnerability assessment report, overhauled system architecture, deployed backups, implemented MFA, and administered application security.

Aegis C2 Malware

Developed evasive fileless Command & Control Worm in Python simulating APT behavior to successfully hide Windows behavioral and network-layer telemetry.

Malware Reverse Engineering & IoT Monitoring

Bypassed anti-debugging and performed static/dynamic analysis on a zombie worm and botnet using IDA and x64dbg. Deployed T-Pot and Cowrie honeypots for cloud-native IoT monitoring and real-time response to anomalies.

Writing on digital forensics, security architecture, and threat research.
For the full collection, visit blog.tinusha.com.

Latest Articles
Compliance Ledger for Sri Lanka's Personal Data Protection Act

A technical note on regulatory compliance requirements and the design of a cryptographic compliance ledger under the Sri Lankan PDPA framework.

Anatomy of the Accenture Data Breach (July 2026)

An analysis of the July 2026 security incident at Accenture, investigating threat actor vectors, breach impacts, and architectural remediation steps.

A collection of secure systems, malware reverse engineering, and digital forensics projects.

Projects
Fuel — Metabolic Tracker

A metabolic tracker that calculates your precise TDEE. Uses moving averages and regression models to filter out temporary weight fluctuations. Continuously updates calorie and macronutrient targets based on progress to prevent stalls and guarantee predictable results.

Inventory Management and Forecasting for SMEs

Engineered a predictive Decision Support System using Flutter and FastAPI. Applied smoothing and EOQ to maximize capital efficiency, conducted vulnerability assessments, and implemented MFA and backups.

Aegis C2 Malware

Developed evasive fileless Command & Control Worm in Python simulating behavior of Advanced Persistent Threats. Successfully hid Windows behavioral and network-layer telemetry.

Reach me at hello@tinusha.com and @tinusha

Based in GMT+5:30, Typically responding within 24 hours.

Message copied!

Article Title