Available for Hire

Thinking Like an Adversary

Offensive Security Specialist & Full-Stack Developer. I bridge the gap between building secure systems and breaking them—delivering robust solutions that stand the test of attacks.

Explore Work Download Resume
Toronto, ON
Niraj Thapa

CURRENT STATUS

Escalating Privileges...

// About Me

Decoding Complexity,
Securing the Future.

As an Ethical Hacker and Full-Stack Developer, I operate at the intersection of creation and deconstruction. I don't just build systems; I stress-test them to their breaking points.

My philosophy is simple: "You can't defend what you don't understand." By mastering the offensive tools of the trade—Kali Linux, Metasploit, Python exploits—I bring a unique adversary perspective to software architecture, ensuring security is baked in from line one, not bolted on as an afterthought.

4+

Years Experience

20+

Projects Shipped

50+

Vulnerabilities Code

5+

Certifications

Red Teaming

Simulating advanced persistent threats (APTs) to test organizational resilience against real-world attacks.

Blue Teaming

Strengthening digital perimeters through proactive defense, SIEM analysis, and threat hunting.

Bug Bounty

Leveraging freelance platforms to responsibly disclose critical vulnerabilities in Fortune 500 companies.

Cryptography

Implementing robust encryption standards and secure key management systems for data protection.

Download Full Resume

Get the detailed PDF version.

Download
// Career Log

Professional Experience

March 2025 - PresentActive

Customer Service Associate

Scotiabank Toronto, Canada
  • Orchestrated frontline financial operations for high-volume branch.
  • Accelerated digital transformation driving 15% mobile adoption.
  • Mitigated fraud risks via vigilant transaction monitoring.
#AML/KYC#Fraud Detection#Financial Systems
Current ProjectActive

Founder & Cloud Architect

Cipherpit IT Solutions Remote
  • Architecting secure, cloud-native infrastructure on Azure.
  • Engineered Zero Trust security model with rigorous IAM policies.
  • Deployed hardened email server ecosystem with SPF/DKIM/DMARC.
  • Automated CI/CD pipelines reducing release time by 40%.
#Azure#Zero Trust#DevSecOps#Next.js
June 2025 - July 2025

Full-Stack Developer

Daramax Construction Toronto, Canada
  • Delivered custom corporate website optimizing load times by 30%.
  • Configured private email server with SSL/TLS encryption.
  • Conducted vulnerability assessments patching critical gaps.
#Web Performance#Server Security#React
September 2025

Volunteer Web Developer

Janta ko Nimti Remote
  • Designed mission-critical non-profit platform.
  • Enforced strict data privacy with full-site HTTPS.
  • Architected cost-effective email communication system.
#Non-Profit#Data Privacy#Full Stack

Combat Capability

Visualizing proficiency across key operational domains.

Attack VectorsMODULE 1

MetasploitCobalt StrikeBurp SuiteOWASP ZAPSQL InjectionXSSCSRFSSRF

Defense & AnalysisMODULE 2

SplunkWiresharkSnortSIEMForensicsMalware AnalysisReverse Engineering

InfrastructureMODULE 3

Linux (Kali/Parrot)Windows ServerActive DirectoryDockerKubernetesAWSAzure

DevelopmentMODULE 4

PythonBashJavaScriptReactNext.jsC/C++Assembly
// Portfolio

Featured Projects

Security
Completed

Penetration Testing Lab

Orchestrated a virtualized attack environment to simulate real-world exploits on web services, email servers, and wireless networks.

Kali LinuxMetasploitWireshark+1
Cloud
Production

Cloud Infrastructure Automation

Infrastructure as Code (IaC) pipeline deploying secure, scalable resources on Azure using Terraform and GitHub Actions.

TerraformAzureGitHub Actions+1
Cloud
Completed

Secure Private Cloud

Self-hosted Nextcloud instance hardening with TLS/SSL, intrusion detection, and strict access controls.

LinuxNextcloudMariaDB+1
Networking
Lab

Enterprise High Availability

Designed a fault-tolerant network architecture with load balancers and redundant server clusters.

NginxLoad BalancingLinux+1
DevOps
Completed

Hardened Email Server

Full-stack mail server deployment implementing strict anti-spam protocols (DMARC, DKIM, SPF).

PostfixDovecotDNS+1
DevOps
Completed

Docker Microservices

Containerized multi-tier application stack orchestrated with Docker Compose for consistent dev/prod parity.

DockerPythonRedis+1
// Verified Credentials

Certifications & Awards

Honors

Winter 2025

President's Honour List

Seneca Polytechnic

Awarded for achieving exceptional academic standing with a GPA of 4.0.

Professional Certifications

Certified Red Team Operations Management

Red Team LeadersDec 2025

Certified Ransomware Protection Officer

EU Cyber AcademyDec 2025

Ethical Hacker

CiscoSep 2025

Advent of Cyber 2025

TryHackMeJan 2026

JumpCloud Advanced Certification

JumpCloudDec 2025

IBM z/OS Container Extensions

IBMDec 2025

Google Data Analytics Certificate

GoogleDec 2025

Google Cybersecurity Certificate

GoogleDec 2025

AWS Cloud Foundations

AWSMar 2025

Junior Cybersecurity Analyst

CiscoSep 2025
Academic Background

Education

My academic journey and key coursework in Computer Systems and Security.

Computer System Technician - Diploma

Seneca Polytechnic

September 2024 - December 2025
Toronto, Canada

Focusing on computer systems, network administration, and IT security fundamentals.

Key Coursework

Computer Systems ArchitectureNetwork AdministrationIT Security FundamentalsOperating Systems (Linux, Windows)Database ManagementProgramming (Python, PowerShell, Bash)Cloud Computing (Azure, AWS)Cybersecurity Principles

Commerce with Applied Computer Studies - Higher Secondary

Global College of Management

July 2019 – June 2021
Kathmandu, Nepal

Relevant Coursework: Economics, Business Mathematics, Accounting, Computer Science (GPA: 3.33)

Key Coursework

EconomicsBusiness MathematicsAccountingComputer ScienceMathematics
// Community Impact

Volunteering

Volunteer Web Developer & IT Support

Volunteer Web Developer & IT Support

Janta ko Nimti

September 2025
Remote

Volunteered to design, develop, and maintain the official website for Janta ko Nimti, a non-profit organization. Configured and secured the organization’s email server and implemented SSL/TLS certificates.

Key Contributions

  • Designed and developed the official website
  • Configured and secured the organization's email server with SMTP, IMAP, and POP
  • Implemented SSL/TLS certificates, HTTPS, and server hardening
  • Created the official logo and digital branding
  • Donated personal funds and technical resources
Web DevelopmentEmail ServersSSL/TLSNon-profit
// Transmission

Initialize Handshake

Ready to secure your infrastructure? Open for Red Teaming, Penetration Testing, and Cloud Security engagements.

Secure Channels

Email Encrypted Channel

nirajthapa@niraj.info

Voice Comms

+1 (437) 436-6898

Base of Operations

Toronto, Canada

Digital Footprint

user@niraj.info: ~/contact-form