About
VAPT Engineer with hands-on experience in Web, API, and Network penetration testing. Skilled in identifying OWASP Top 10 vulnerabilities using Burp Suite, Metasploit, Nmap, and Scapy. Developed 20+ Python security tools. MSc Cybersecurity — First Class Honours, University of Hertfordshire. CEH exam scheduled next month.
Skills & Expertise (32)
Work Experience
GRC Specialist | Founding Team Member
EyrieQ
Oct 2025 - Present
Built GRC framework, risk registers, and security policies for an LMS SaaS platform from scratch. Conducted risk assessments, internal security audits, and R&D on Post-Quantum Cryptography (PQC).
Embedded System Engineer
ECIL
May 2017 - Jun 2017
Developed firmware and low-level drivers (UART, SPI, I2C) for real-time microcontroller systems.
Cyber Security Intern
Praana Consulting
Jan 2023 - Jun 2023
Assisted in penetration testing engagements, vulnerability assessments, and security report documentation.
Cyber Security Intern
SECURE8 Technology Services
Feb 2025 - Oct 2025
Performed web and API penetration tests identifying XSS, SQLi, IDOR, CSRF, and broken authentication vulnerabilities. Executed VAPT using Burp Suite, OWASP ZAP, Nmap, and Metasploit; delivered CVSS-scored pentest reports. Supported IAM operations including access reviews and Active Directory user provisioning.
Technical Operations Associate
Cash Converters
Aug 2023 - Jan 2024
Verified device authenticity via MAC address checks; identified counterfeit electronics to prevent fraud.
Education
MSc Cybersecurity — First Class Honours - University of Hertfordshire
2020 - 2023 · Afghanistan
BTech — Electronics & CS with IoT - KL University
2015 - 2019 · Afghanistan
