Tanzim Hossain Romel
I'm a software engineer at IQVIA and a software engineering researcher. I build tools for coding agents, healthcare backend systems, and research software for AI/ML security, LLM systems, and empirical software engineering.
I completed my B.Sc. in Computer Science and Engineering at BUET. I will start an M.Sc. in Computing Science at the University of Alberta in September 2026.
Right now I am working on The Choice Can Be the Attack, ctxpack, VeriSchema, RefactoringMiner, and reading Designing Data-Intensive Applications.
I have also been contributing to RefactoringMiner, EF Core, GenHTTP, deepagents, and TypeScript.
Feb 2026: Paper submitted to TOSEM 2026. Resubmitted 'An Empirical Study on Remote Code Execution in ML Model Hosting Ecosystems' to ACM Transactions on Softw...
Oct 2025: Paper submitted to MSR 2026. Submitted 'An Empirical Study on Remote Code Execution in ML Model Hosting Ecosystems' to the Mining Software Reposit...
May 2025: Received IQVIA Impact Program Silver Award. Honored with the IQVIA Impact Program Silver Award for outstanding performance and contributions to the KPI Library t...
Selected work I want visitors to notice first. The full research profile and publication archive are linked below.
Large-scale study of roughly 45,000 repositories across major ML model hosting ecosystems, measuring unsafe deserialization, eval injection, malware signals, and recurring developer security misconceptions.
Endpoint-black-box auditing framework for aligned backdoors in LLM agents using counterfactual environments and discrete-choice estimation.
Multi-agent framework for generating relational database schemas and ER diagrams from requirements, with auto-repair and formal verification.
Patient-centric blockchain framework for electronic health records using encrypted off-chain IPFS storage and Ethereum-based access control.
Starting the M.Sc in Computing Science program in September 2026, with interests in software engineering research, trustworthy AI, distributed systems, and LLM systems. I will be joining the U-A-Goose software engineering group at the...
Dean's List Award - Level 2 (outstanding academic performance) Notable Courses: Machine Learning, High Performance Database Systems, Fault Tolerant Systems, Data Structure and Algorithms, Operating Systems, Computer Security
Placed 15th in Rajshahi Board, received Talentpool Scholarship, A+ in all subjects with 96.5% marks in Physics, Chemistry, and Higher Mathematics
Backend engineer on the KPI Library team, building microservices-based healthcare applications that handle millions of patient records using .NET Core and C#. IQVIA (NYSE: IQV) provides analytics, technology solutions, and clinical research services to the life sciences industry, with 74,000+ employees across 100+ countries.
Built an e-commerce aggregator platform that let brands promote products by pulling listings from multiple e-commerce sites across Bangladesh.
Ongoing Rust project for packing useful repository context for coding agents. The current version can inventory a repo, retrieve lexical and symbol matches, include dependency and git-history signals, build Markdown...
Freelance learning project where I am building a small Docker-like runtime in Go. It covers process isolation, namespaces, filesystem setup, container networking, and command-line behavior.
Freelance learning project where I am rebuilding the basic parts of PyTorch: scalar values, tensors, autodiff, neural-network layers, convolutional operators, and simple training loops.
Finalist in Blockchain Olympiad Bangladesh (BCOLBD) 2021 with team "Recursively Enumerable". Designed NFT-based ticketing system using ERC-1155 standard. Implemented smart contracts for anti-scalping, dynamic QR codes, and decentralized identity management...
Languages & Systems: Rust, C#/.NET Core, C++, Go, Java, Shell
AI & Agents: Python, LangGraph, MCP, RAG, PyTorch, LLM Evaluation
Web & Backend: TypeScript, Node.js/Express, React/Next.js, Microservices, REST APIs, EF Core
Data & Storage: PostgreSQL, MongoDB, SQL Server, Oracle/PLSQL, DynamoDB, SQLAlchemy
Cloud & DevOps: AWS, Docker, Kubernetes, Terraform, GitHub Actions
Security & Research Tooling: CodeQL, Semgrep, Bandit, YARA, Z3, Solidity/Web3