Available — roles · research · consulting · United Kingdom

Yulan Galagoda

Cyber Security Engineer & AI Researcher

Defending everything from enterprise networks to intelligent machines.

Degree
First Class HonoursBSc (Hons) Computer Security
Now
MSc AIUniversity of Plymouth
Industry
Executive gradeSecurity engineer · insurance & finance
Focus
SOC → ResearchOperations · IDS · Adversarial ML
What I do

Three things, one discipline.

01

Security operations

SOC work, SIEM tuning, incident response and vulnerability management on real production estates.

ISO 27001 · SIEM · IR · VAPT
02

Intrusion detection

Network defence and IDS/IDPS — from Suricata gateways to deep-learning detectors.

Suricata · Nmap · UFW · Flask
03

AI security & research

Adversarial machine learning — hardening detection models against attacks designed to fool them.

PyTorch · ART · CAN bus
Yulan Galagoda
About

About

I work at the intersection of cyber security and machine learning. My MSc dissertation explores adversarial training for deep-learning intrusion detection on the Controller Area Network (CAN bus), the nervous system of every modern car, using the CICIoV2024 dataset and techniques from the Adversarial Robustness Toolbox.

Before Plymouth, I built NetEAGLE, a Raspberry Pi-based network gateway combining a Flask API, mobile app, Nmap, UFW and Suricata IDPS into a single home-network defender. Earlier still, I served as a Cyber Security Engineer Executive at Union Assurance PLC and an Associate Engineer at Lanka Communications.

When I'm not reading papers I'm cataloguing antiques in The Meridian, documenting Sri Lankan and global recipes in Rampe, and refining the database that powers this site.

Experience

Where I’ve worked.

Nov 2024 – May 2025

Cyber Security Engineer Executive

Union Assurance PLC · Sri Lanka

Hands-on security engineering for a leading Sri Lankan insurer, covering policy, vulnerability management, SOC operations, and cloud security under ISO/IEC 27001:2022.

  • Designed and led ISO/IEC 27001:2022 information security policies and procedures across a leading Sri Lankan insurer, supporting the Bureau Veritas transition audit by helping resolve 11 of 12 audit findings (including both critical findings), with one finding formally accepted by management prior to certification
  • Led VAPT operations and triaged 20–25 monthly production SOC alerts, maintaining initial incident response times under 10 minutes and resolving the majority of incidents within 30 minutes
  • Represented the security team at bi-weekly cybersecurity forums across the John Keells Group, collaborating with security leaders on emerging threats, industry trends, and practical security improvements under the guidance of Sujit Christy, Founder & President of Circulo de CISO
  • Performed penetration testing that uncovered a significant Microsoft Sentinel configuration weakness involving prolonged remote-access sessions, leading to remediation and supporting successful commercial negotiations with Microsoft that reduced SIEM licensing costs
Aug 2024 – Nov 2024

Associate Engineer

Lanka Communication Services (LankaCom) · Sri Lanka

Promoted into the Associate Engineer role at LankaCom — Sri Lanka's first ISP and former SingTel subsidiary — supporting the islandwide ISP backbone and secure VPN services that keep banks, enterprises, and industrial customers connected.

  • Conducted internal ISO/IEC 27001:2022 audits and helped resolve more than half of the identified audit findings, contributing to the organisation's successful certification shortly afterwards
  • Diagnosed and restored 5–10 enterprise VPN services daily for banking and enterprise customers, consistently meeting ISP SLA response targets through rapid fault resolution and provision of redundant communication paths where required
  • Operated in a 24/7 NOC environment, monitoring backbone infrastructure, coordinating incident response, and maintaining SLA compliance across enterprise connectivity services
  • Expanded DCIM asset coverage from approximately 20% to 100% by accurately mapping data-centre infrastructure, leaving a fully documented and up-to-date monitoring environment for operational teams
Feb 2024 – Jul 2024

Trainee Associate Engineer

Lanka Communication Services (LankaCom) · Sri Lanka

Entry-level engineering role at LankaCom — Sri Lanka's first ISP and former SingTel subsidiary — the first step into full-time work, supporting the islandwide ISP backbone and secure VPN services delivered to banks, enterprises, and industrial customers.

  • Supported ISO/IEC 27001:2022 ISMS implementation and documentation
  • Diagnosed ISP backbone and VPN issues to ensure continuous uptime for enterprise customers
  • Enhanced DCIM monitoring systems for improved data centre performance and visibility
  • Operated in a 24/7 NOC, maintaining SLA compliance and service reliability across the customer base
Jul 2022 – Oct 2022

Technology Intern

AXYYA Digital · Sri Lanka

First industry exposure — technical research and documentation supporting software and infrastructure projects.

  • Conducted technical research and documentation to support software and infrastructure projects
  • Served as intern group leader from September 2022, coordinating tasks and timelines across the team
Jul 2022 – Oct 2022

Technology Intern

AXYYA Digital · Sri Lanka

Early-career internship at AXYYA Digital, focused on technical research and documentation, with a step up to coordinating the intern group from September 2022.

  • Conducted technical research and documentation activities across assigned projects
  • From September 2022, served as the intern group leader, coordinating tasks across the team
Credentials

Education, certifications & skills.

Education

  • MSc Artificial Intelligence
    University of Plymouth · In progress
    2025 - Present
  • BSc (Hons) Computer Security
    University of Plymouth · First Class Honours
    2021 - 2024

Research

  • Adversarial Training to Improve Deep Learning Intrusion Detection in the Internet of Vehicles
    University of Plymouth · In Progress
    Supervised by Dr. Shaymaa Al-Juboori

Certifications

  • AI Security Fundamentals
    Microsoft · 2026
  • AI Security & Governance
    Securiti · 2026
  • Certified in Cybersecurity (CC)
    ISC² · 2024
  • Introduction to Cybersecurity
    Cisco Networking Academy · 2021
  • ISO/IEC 27001:2022 Information Security Associate
    SkillFront · 2024
  • Diploma in English
    ESOFT Metro Campus / Pearson · 2021
  • Professional Certificate in Marketing (Distinction)
    Sri Lanka Institute of Marketing (SLIM) · 2020

Featured Skills

Network SecurityIntrusion Detection (IDS/IPS)Vulnerability ManagementIncident ResponseUFW / Linux FirewallsISO/IEC 27001Deep LearningAdversarial Machine LearningAdversarial Robustness Toolbox (ART)Neural Networks (CNN, RNN, LSTM)PythonLinux AdministrationSuricataNmapPyTorchTensorFlow / Kerasscikit-learnBash / ShellRaspberry Pi / Embedded LinuxCloudflare (Pages, DNS, Analytics)Notion (API & DB design)WiresharkTechnical Writing & Documentation
Contact

Get in touch.

Whether you need an engineer on your team, a collaborator on research, or a consultant on a hard security problem — my inbox is open.

Location: United Kingdom

Download CV (PDF) ↓