HF.

Hasan Firnas I

A technophile finding a lazy way to get things done.

Risk & Compliance Automation Digital Forensics CEH CTF Player

Who I am

Senior Security Analyst.

Synchrony Financial · Jun 2024 – Present

Senior Security Analyst specialising in PCI DSS compliance and cybersecurity risk, with a foundation rooted in ethical hacking and digital forensics. Supports risk-based assessments across PCI DSS, HIPAA, and SWIFT frameworks, focusing on evidence validation and audit readiness. Known for spotting gaps in existing processes and engineering automation workflows that eliminate manual overhead — whether optimising what exists or building something entirely new.

PCI DSS 4.0.1 HIPAA SWIFT Python Power Automate Digital Forensics Splunk

LinkedIn GitHub TryHackMe Instagram

Career

Experience.

Senior Security Analyst — IS PCI & Compliance Jun 2024 – Present

Synchrony Financial

Supports end-to-end PCI DSS 4.0.1 compliance assessments covering evidence validation, application reviews, and audit readiness.
Built Power Automate + Python automation workflows reducing manual effort by 60–70%, saving ~50 hours monthly.
Manages RITM review operations via ServiceNow ensuring accurate classification and audit-ready documentation.
Coordinates SWIFT Assessment evidence; partnered with Governance, SOX & DR teams on tailored automation solutions.

Security Analyst — Risk Management Apr 2023 – Jun 2024

Synchrony Financial

Supported PCI DSS compliance assessments: application reviews, evidence collection, and audit documentation.
Managed application onboarding reviews in ServiceNow, evaluating data elements to determine PCI scope.
Assisted in HIPAA assessment activities; contributed to internal PCI portal enhancements.

Security Analyst Intern — Detection & Response Feb 2022 – Apr 2023

Synchrony Financial

Hands-on exposure to corporate SOC workflows within a large financial institution.
Wrote Splunk queries for log analysis and security event investigation.
Built proof-of-concept for Synapse — Python-based CTI platform to detect malware and trigger Splunk alerts.

Bug Bounty Hunter Intern Aug 2021 – Dec 2021

Ersegment

Web application scanning and manual vulnerability assessments on government and e-commerce platforms.
Reported vulnerabilities acknowledged by target organisations.

Toolkit

Skills.

Compliance & Risk Management

PCI DSSHIPAASWIFT CMDB RiskControl Validation Audit DocsEvidence Collection

Process & Automation

PythonBashPower Automate ServiceNowGap AnalysisMicrosoft 365

Security Operations

SplunkThreat Intelligence Digital ForensicsVuln AssessmentNetwork Security

Penetration Testing

Burp SuiteNmap MetasploitWiresharkKali Linux

Highlights

Achievements.

22,000+

TryHackMe Room Creator

Designed and published the "Disk Analysis & Autopsy" room — a hands-on digital forensics challenge completed by over 22,000 learners worldwide, contributing an active learning resource to the global cybersecurity community.

🎓

🥇

1st Place — VIT Chennai CTF

First place in the CTF event hosted by VIT Chennai.

🥈

2nd Place — InCTF Nationals 2021

Second place at InCTF Nationals 2021.

🥉

3rd Place — Aurora 2.0 CTF

Delhi Technological University.

🏅

4th Place — AppSec Hackathon

The Great AppSec Hackathon.

Credentials

Certificates & More.

Certificates

Certified Ethical Hacker Practical — EC-CouncilNov 2022

Certified AppSec Practitioner (CAP) — SecOps GroupJan 2023

Digital Forensics Essentials (DFE) — CodeREDFeb 2022

Complete Digital Forensics Masterclass — UdemyJul 2021

NDG Linux Essentials — Cisco Networking AcademyJul 2021

Programming with Python for Data Sciences — NIITOct 2019

Leadership & Volunteering

Led the OWASP Sathyabama Student Chapter, organising cybersecurity awareness activities and community engagement initiatives.

Volunteered at cybersecurity events including Rootsectak and OWASP Chennai.

Education

B.E — Computer Science Engineering

Sathyabama Institute of Science & Technology

2019 – 2023

12th — Computer Science & Maths

Seventh Day Adventist School (TN State Board)

2018 – 2019

10th — ICSE

Seventh Day Adventist School

2016 – 2017

You made it to the end

Why are you still here?

Not selling anything. Not consulting. Not available for hire right now?
If you want to connect, nerd out about security, or just say something — I'm around.

Email

Hasanfirnas242@gmail.com

Built by Hasan Firnas I · Chennai · 2025