operational · manchester, uk

SARIB AFTAB

> Cyber Security Analyst_

Building, breaking and defending modern systems. Background in digital forensics, threat intelligence and secure backend engineering — currently reading for an MSc in Cyber Security at Sheffield Hallam University.

view operations secure channel
#threat-intel #dfir #pentesting #siem #ai-eng
sarib@saribaftab:~$ session_init secure · TLS 1.3
located Manchester · UK
degree MSc Cyber Security
status open to work
scroll
01

> about_me

I'm a cyber-security analyst working across the offensive and defensive stack — from red-team reconnaissance and exploitation to building SIEM pipelines, hardening backend services and analysing malware behaviour with machine learning.

I'm currently completing an MSc in Cyber Security at Sheffield Hallam University, after a BS in Cyber Security at FAST in Islamabad. Along the way I've interned with National CERT, ITSOLERA and CFSS, and most recently worked as an Associate Software Engineer at Kaye Mckenzie in Manchester — architecting databases, shipping MERN / Next.js stacks and automating CI/CD on Vercel.

When I'm not at the terminal I'm running CTFs, reverse-engineering things I probably shouldn't, and writing about what I find.

0 internships
completed
0 production
projects
0+ technical
domains
0 certifications
& trainings
02

> experience.log

Associate Software Engineer

Kaye Mckenzie
Nov 2025 — Apr 2026 Manchester, UK
  • Architected relational and non-relational database solutions across MongoDB and Supabase (PostgreSQL) — implementing row-level security and efficient indexing.
  • Engineered and deployed scalable web applications on the MERN stack and Next.js, hosting frontends and serverless functions on Vercel for optimised global delivery.
  • Automated deployment and testing with robust GitHub Actions CI/CD workflows — reliable, zero-downtime updates to dev and prod servers.
  • Developed secure, high-performance RESTful APIs and serverless backends, integrating third-party services with seamless state management across the stack.
  • Implemented robust CI/CD deployment pipelines via Vercel and GitHub — managing environment configurations across staging and production.
MERN Next.js MongoDB Supabase · PostgreSQL Vercel GitHub Actions REST APIs RLS

Data Analyst Intern

Victoria Solutions
Oct 2025 — Nov 2025 Remote · London
  • Fundamentals of data analysis and business intelligence.
  • Cleaned, processed and transformed data with SQL and Python.
  • Dashboards in Power BI and Tableau; statistical and predictive modelling for business decisions.
SQL Python Power BI Tableau

Software Security Testing Intern

National CERT — National Cyber Security Emergency Response Team
Jul 2025 — Aug 2025 Islamabad, PK
  • System hacking and reconnaissance — info gathering, scanning, vuln analysis on Linux + Windows.
  • Exploitation and privilege escalation across Linux and Windows environments.
  • Client-side attacks targeting Windows 10 and 11 endpoints.
  • Web app security testing aligned with OWASP Top 10.
  • Designed and built a custom Web Application Vulnerability Scanner.
Recon Exploitation OWASP Top 10 Tool Dev

Cyber Security Intern

ITSOLERA Pvt Ltd
Jun 2024 — Sep 2024 Islamabad, PK
  • Installed and configured Wazuh for security monitoring and management.
  • Integrated pfSense firewall with Suricata for log processing — a working SIEM solution.
  • Maintained log management and analysis to detect and respond to threats.
  • In-depth malware analysis and incident response for proactive threat management.
Wazuh pfSense Suricata SIEM Malware

SOC Analyst Intern

CFSS — Cyber & Forensics Security Solutions
Mar 2024 — Apr 2024 Remote
  • Hands-on cyber-security labs across penetration testing, vulnerability assessment and networking.
  • Identified and analysed system vulnerabilities, simulated cyberattacks, investigated digital artefacts.
  • Compiled a comprehensive final report — analysis, mitigations, incident-response strategies.
Pen-Test VA DFIR
03

> education

[ ACTIVE ] Sep 2025 — Present

Sheffield Hallam University

MSc — Cyber Security

Sheffield, UK

  • Cyber Threat Intelligence & Digital Forensics
  • Hacking Techniques & Countermeasures
  • Network & Information Security
  • Standard-Based Security Audit & Assessment
  • Dissertation
[ COMPLETED ] Sep 2020 — Jun 2025

FAST — NUCES

BS — Cyber Security

Islamabad, Pakistan

  • Information Security · Cyber Security & Networks
  • Ethical Hacking · Digital Forensics
  • Vulnerability Assessment · Reverse Engineering
  • AI · Machine Learning · DevOps
  • Web Programming · Software Engineering
[ COMPLETED ] 2017 — 2020

Supernova College

O & A-Levels

Islamabad, Pakistan

  • Sciences pathway
  • Foundations in mathematics & computing
04

> projects

// 001

Q-Sec · Quantum-Secured Chat

Secure chat platform integrating Quantum Key Distribution (BB84), AES-256 encryption and Quantum Secret Sharing for hardened group communication.

QKD · BB84AES-256QSSPython
// 002

Recello · Marketplace App

Cross-platform mobile marketplace built and shipped end-to-end — full implementation, validation, testing and secure-coding practices.

React NativeTypeScriptSupabaseExpo
// 003 tool

IDS · Intrusion Detection

Machine-learning intrusion detection system — trained on network traffic to identify anomalous behaviour and surface attack indicators in near real time.

Pythonscikit-learnNetwork DataML
// 004

Malware Analysis Tool

Behavioural analysis tool for inspecting malware artefacts and predicting likely threat class using ML — built for triage and SOC enrichment.

PythonMLSandboxingYARA
// 005

Resume Generator

Full-stack web app that generates resumes from structured input — Node, Express, MongoDB on the back, clean UI on the front.

Node.jsExpressMongoDB
// 006

Event Booking Platform

Microservices event-booking platform with a secure backend architecture across PostgreSQL and MongoDB, deployed as composable services.

MERNPostgreSQLMongoDBMicroservices
// 007 archive

Pac-Man · x86 Assembly

Classic Pac-Man — built ground up in x86 Assembly with multiple levels. Low-level systems work for fun and instinct.

x86 ASMGame LogicLow-level
05

> capabilities

defensive

SIEM Wazuh pfSense Suricata IDS / IPS Firewall Config Log Analysis Incident Response Network Security

offensive

Penetration Testing Ethical Hacking OWASP Top 10 Metasploit Vuln Assessment Privilege Escalation Reconnaissance Web Enumeration

forensics & intel

Digital Forensics Android Forensics Malware Analysis Reverse Engineering Threat Intelligence Belkasoft Autopsy FTK Imager

engineering

Python C++ SQL Node.js React Native MERN GitHub Actions Linux LiveKit / Twilio Secure SDLC

governance

Risk Assessment Compliance ISO 27001 Security Audit Standards-Based Assessment

human

Leadership Team Coordination Communication Stakeholder Mgmt Technical Writing
06

> credentials

cert

Implementing ISO 27001

British Assessment Bureau

cert

Advanced Digital Forensics

Belkasoft

cert

Android Forensics

Belkasoft

training

Ethical Hacking — Metasploit & Web Enumeration

Hands-on training

competition

CTF — NASCON

Capture The Flag participant

language

EF SET English · 81 / 100 (C2 Proficient)

EF Standard English Test

honor

Great Future Talent Olympiad III · 95%

Scholarship awardee

honor

IELTS Academic · Band 8.0

High-performance overall

07

> open_channel

let's talk.

I'm open to roles in cyber security, security engineering, DFIR, threat intelligence and secure software. Reach out — I respond fast.

@
email [email protected]
phone +44 7449 923 491
in
linkedin linkedin.com/in/saribaftab
location Manchester, England, UK
~/contact $ send_message
$ echo "ready to collaborate"
ready to collaborate
$ curl -X POST saribaftab.com/contact
200 OK — channel open
$ echo "let's build something good"
let's build something good _