Hamrah Security

Security for your org through
Partnership
Hamrah Security is the practice of Qasim Ijaz, a security leader who taught offensive security at Black Hat and now runs cybersecurity team for a multi-billion-dollar healthcare organization. Strategy, testing, or incident response: Hamrah stands with you.
15+ Years in the field
Trusted where it counts
Hamrah is the distillation of a career spent leading security where the stakes are highest. A sample of the roles behind it:
Director of Cyber Security at a multi-billion-dollar healthcare org: Cut incident response time; advises the SLT on risk and AI governance.
Director of Offensive Security at a security services firm: Built the offensive security, vCSO advisory, and vulnerability management practices.
Senior Manager, Attack Simulation at a Fortune-scale health insurer: ran a global bug bounty program and set the attack-simulation strategy.
Director, Penetration Testing for a national cybersecurity consultancy: Led the offensive service lines and doubled training conversion.
Assistant CISO at a healthcare security & compliance firm: Drove SOC 2 alignment and led the offensive security team.
WHAT WE DO
Three ways we stand with you
Advise
Cybersecurity Advisory
vCISO / vCSO advisory & program development
Board- & C-suite risk communication
Security as a business enabler (incl. AI / shadow-AI governance)
Guidance through cloud migration, M&A
Secure Software Development Lifecycle
A security strategy leadership understands and funds.
Prepare
Incident Response Preparedness
IR planning & tabletop exercises
Detection engineering & automation
Continuous purple teaming
Respond in minutes, not days, with a pre-built runbook and detection tuned before the incident
Validate
Penetration Testing
Network, cloud & web app pen testing
EntraID/Azure, AWS, GCP & on-prem
Red team & attack simulation
Bug bounty program design & management
Attacker's instincts. Executive's judgment.
Qasim Ijaz
Qasim Ijaz has spent his career on both sides of the firewall. As a penetration tester and red teamer, he attacked some of the world's largest cloud providers, banks, and healthcare enterprises to find what real adversaries would. As a security leader, he's built and scaled the programs that defend them. Today he directs cybersecurity for a multi-billion-dollar healthcare organization, through detection engineering, automation, and continuous purple teaming.
That dual fluency is what Hamrah is built on. Qasim is known for turning technical risk into decisions a board can act on, across vCSO advisory, vulnerability management, and cloud migrations during mergers.
He's a teacher at heart, mentoring emerging professionals because the best way to secure the industry is to grow the people in it.

Mentorship & community
Securing the industry means growing its people
Taught the "Adaptive Penetration Testing" course at Black Hat US & EU
Lead Instructor, OSCP Bootcamp (Evolve Academy)
Instructor, Cybersecurity Bootcamp at the Georgia Institute of Technology
Speaker across the BSides circuit (Atlanta, Augusta, Charleston, Denver, Pittsburgh, San Antonio, San Diego), plus NOLACON, BrrCon, HackRedCon, and Pacific Hackers Conference
A 4,000-strong following in the security community

Let's connect
Security through Partnership
Scoping a pen test, standing up a program, or staring down an incident? Start with a conversation.
Drop us a note.
Please fill out the form below to connect with Hamrah Security.By providing a telephone number and submitting this form you are consenting to be contacted by SMS text message. Message & data rates may apply.
© 2026 Harmah Security | Committed to protecting organizations with expert cybersecurity solutions.