About / Mahadi Hasan Tusher

Not a generalist who dabbles. A specialist who won't stop.

I started in network closets and ended up teaching SOC analysts how to defend production environments. The throughline: I find systems I don't understand, I take them apart, and I build them back better. Then I write down what I learned so the next person doesn't have to relearn it.

Today I run a small studio that pairs security engineering with product engineering. Same operator hardens your stack, ships your site, and trains your team. No handoffs, no diluted accountability.

Work with me See courses
Name
Mahadi Hasan Tusher
Title
Cybersecurity Pro · Instructor · Web Engineer
Based
Dhaka, Bangladesh · Remote-first
Languages
English · Bengali · Hindi (conversational)
Stack
Splunk · Wazuh · Burp · Nmap · Next.js · TypeScript · Tailwind · WordPress
Currently
Building the v2 cybersecurity curriculum + 2 client engagements
Available
Q3 ’26 — 2 of 4 slots open
Career / The long road

From wiring closets to SOC dashboards to shipping curriculum.

The arc, year by year. No filler. Each step taught me something I still use.

2018
Started in IT support & network admin
Wiring offices, fixing routers, learning the stack from cable up. The unglamorous beginning every security person should have.
2019
First freelance web projects
Built WordPress sites for local businesses. Discovered that what I really cared about was who could break them.
2020
Cybersecurity deep dive
CompTIA Security+, Network+, then into hands-on Hack The Box. Discovered I learn fastest by breaking things and writing it up.
2021
SOC Analyst — Tier 1
Joined a managed-security provider. Lived in Splunk dashboards. Sharpened detection engineering and IR muscle in production environments.
2022
Tier 2 + first instructor gig
Promoted to SOC Tier-2. Started teaching weekend workshops. Realized teaching is the fastest way to compress your own knowledge.
2023
Launched cybersecurity course platform
First cohort: 47 students. Today: 4,200+ students across SOC, ethical hacking and web tracks.
2024
Built the full-stack practice
Folded web engineering and digital marketing back in. Security + product + growth under one roof.
2026
Where we are now
120+ projects shipped, GCIH + OSCP-track, building an education brand that ships engineers, not certificate-collectors.
Mission

Train operators, not certificate-collectors.

Most cyber courses teach you to pass exams. Mine train you to walk into a SOC at 03:00 and triage an alert. Lab-heavy. Scenario-driven. Honest about how messy real production is.

Beliefs
  • Security without product context is theatre.
  • You learn faster by writing it up than by watching it.
  • Every "hacker" is mostly a careful reader.
  • Ship under pressure. Reflect with a calm mind.
Skill mesh

Where I'm sharp.

Self-rated. Calibrated by shipped projects, not certificate count.

SOC / Blue Team Ops95%
Threat Hunting & Incident Response90%
Ethical Hacking / Penetration Testing86%
Next.js / React / TypeScript92%
WordPress / E-commerce88%
SEO & Content Strategy84%
Curriculum Design & Instruction90%
Credentials

Certs & training.

Selective. I take certs that change how I work, not ones that decorate a LinkedIn.

CompTIA Security+
CompTIA
2020
Network+
CompTIA
2020
Certified Ethical Hacker (CEH)
EC-Council
2021
Splunk Core Certified User
Splunk
2022
GIAC Certified Incident Handler (GCIH)
GIAC / SANS
2023
AWS Cloud Practitioner
AWS
2023
OSCP — Offensive Security Certified Professional
Offensive Security
2025 (track)
Roadmap

The cybersecurity path I'd retake if I started today.

If you're starting out, this is the order I'd march in. It's also how my curriculum is structured.

Stage 00

Foundations

  • Networking, TCP/IP
  • Linux & shell scripting
  • Python for sec
  • OWASP Top 10
Stage 01

Defensive

  • SIEM (Splunk, Wazuh)
  • EDR (CrowdStrike)
  • Detection engineering
  • Threat hunting
Stage 02

Offensive

  • Recon & enumeration
  • Web app pentesting
  • Privilege escalation
  • Active Directory
Stage 03

Specialist

  • Cloud security (AWS/GCP)
  • Malware analysis
  • Incident response
  • Threat intelligence
Initiate / Engagement

Ready to level up your security & brand?

30-minute free strategy session. We'll audit your stack, identify the biggest leverage points, and map a 90-day roadmap.

Book free consultation Browse courses
2 / 4 slots open this month