Software engineering research · coding-agent tooling · healthcare systems
Tanzim Hossain Romel
I'm a software engineer at IQVIA and a software engineering researcher. I build tools for coding agents, healthcare backend systems, and research software for AI/ML security, LLM systems, and empirical software engineering.
I completed my B.Sc. in Computer Science and Engineering at BUET. I will start an M.Sc. in Computing Science at the University of Alberta in September 2026.
Current Focus
Right now I am working as a remote research intern at UIUC through UIUC++ SRSE 2026, The Choice Can Be the Attack, ctxhelm, VeriSchema, RefactoringMiner, and reading Designing Data-Intensive Applications.
I have also been contributing to RefactoringMiner, EF Core, GenHTTP, deepagents, and TypeScript.
GitHub activity: Loading recent merged pull requests...
News
Jun 2026: Started remote UIUC research internship. Started a remote summer research internship at the University of Illinois Urbana-Champaign through UIUC++ Summer Rese...
Feb 2026: Paper submitted to TOSEM 2026. Resubmitted 'An Empirical Study on Remote Code Execution in ML Model Hosting Ecosystems' to ACM Transactions on Softw...
Oct 2025: Paper submitted to MSR 2026. Submitted 'An Empirical Study on Remote Code Execution in ML Model Hosting Ecosystems' to the Mining Software Reposit...
Research & Publications
Selected work I want visitors to notice first. The full research profile and publication archive are linked below.
An Empirical Study on Remote Code Execution in ML Model Hosting Ecosystems
Large-scale study of roughly 45,000 repositories across major ML model hosting ecosystems, measuring unsafe deserialization, eval injection, malware signals, and recurring developer security misconceptions.
The Choice Can Be the Attack: Auditing Aligned Backdoors in LLM Agents
Endpoint-black-box auditing framework for aligned backdoors in LLM agents using counterfactual environments and discrete-choice estimation.
VeriSchema: Multi-Agent Framework for Generating Relational DB Schema & ERD
Multi-agent framework for generating relational database schemas and ER diagrams from requirements, with auto-repair and formal verification.
Patient-Centric Blockchain Framework for EHR Management
Patient-centric blockchain framework for electronic health records using encrypted off-chain IPFS storage and Ethereum-based access control.
Education
University of Alberta
Starting the M.Sc in Computing Science program in September 2026, with interests in software engineering research, trustworthy AI, distributed systems, and LLM systems. I will be joining the U-A-Goose software engineering group at the...
Bangladesh University of Engineering and Technology
Dean's List Award - Level 2 (outstanding academic performance) Notable Courses: Machine Learning, High Performance Database Systems, Fault Tolerant Systems, Data Structure and Algorithms, Operating Systems, Computer Security
Rajshahi College
Placed 15th in Rajshahi Board, received Talentpool Scholarship, A+ in all subjects with 96.5% marks in Physics, Chemistry, and Higher Mathematics
Work
Remote Research Intern, UIUC
Remote summer research internship at the University of Illinois Urbana-Champaign through UIUC++ Summer Research in Software Engineering (SRSE) 2026 with Professor Tianyin Xu's group, focused on software and systems reliability research.
Software Development Engineer 1, IQVIA
Backend engineer on the KPI Library team, building microservices-based healthcare applications that handle millions of patient records using .NET Core and C#. IQVIA (NYSE: IQV) provides analytics, technology solutions, and clinical research services to the life sciences industry, with 74,000+ employees across 100+ countries.
Full Stack Engineer, Mindshare Bangladesh (Part-time)
Built an e-commerce aggregator platform that let brands promote products by pulling listings from multiple e-commerce sites across Bangladesh.
Projects
ctxhelm: agent-native context compiler
Ongoing Rust project for compiling useful repository context for coding agents. The v1.1.11 public release can inventory a repo, retrieve lexical and symbol matches, include dependency, graph, semantic-provider, memory, and...
Go Container Runtime: Docker from Scratch
Freelance learning project where I am building a small Docker-like runtime in Go. It covers process isolation, namespaces, filesystem setup, container networking, and command-line behavior.
Mini Deep Learning Framework: PyTorch from Scratch
Freelance learning project where I am rebuilding the basic parts of PyTorch: scalar values, tensors, autodiff, neural-network layers, convolutional operators, and simple training loops.
Blockchain-Based Ticketing Platform
Finalist in Blockchain Olympiad Bangladesh (BCOLBD) 2021 with team "Recursively Enumerable". Designed NFT-based ticketing system using ERC-1155 standard. Implemented smart contracts for anti-scalping, dynamic QR codes, and decentralized identity management...
Skills
Languages & Systems: Rust, C#/.NET Core, C++, Go, Java, Shell
AI & Agents: Python, LangGraph, MCP, RAG, PyTorch, LLM Evaluation
Web & Backend: TypeScript, Node.js/Express, React/Next.js, Microservices, REST APIs, EF Core
Data & Storage: PostgreSQL, MongoDB, SQL Server, Oracle/PLSQL, DynamoDB, SQLAlchemy
Cloud & DevOps: AWS, Docker, Kubernetes, Terraform, GitHub Actions
Security & Research Tooling: CodeQL, Semgrep, Bandit, YARA, Z3, Solidity/Web3