Mahaz Ahmed Malik
EXPERTISE
BIO
I’m Mahaz Ahmed Malik, a cybersecurity professional from Pakistan with strong expertise in penetration testing, malware analysis, OSINT, and Python-based automation. With hands-on experience in both government labs and tech-driven environments, I’ve conducted vulnerability assessments, reverse engineering, and tool development for secure systems. I hold a BS in Cyber Security and certifications including CEH and (ISC)² CC, and I’m passionate about leveraging my skills to solve real-world security challenges in freelance and contract-based roles.
WORK EXPERIENCE
Development Fellow (IT Network & Network Security)
Common Criteria Pakistan Lab
July 2024 - March 2025
As a Development Fellow (IT Network & Network Security) at Common Criteria Pakistan, I specialize in penetration testing for software and mobile applications, cryptographic evaluations, and the testing and deployment of suites like NIST STS, Dieharder and AIS31. Additionally, I am involved in the evaluation of IT and network security products to ensure compliance with cybersecurity standards and contribute to the development of secure and reliable systems. Below are the some key roles, • Penetration testing for software, web and mobile applications. • Cryptographic evaluations for security compliance. • Testing and Deployment of randomness testing suites (NIST STS, Dieharder, AIS31). • Evaluation of IT and network security products
Intern
Cyber Command
July 2023 - September 2023
During my duration, I significantly contributed to operational efficiency by developing and deploying automation scripts. My role involved crafting Python scripts to automate tasks, integrating various APIs for streamlined workflows, and employing social engineering tools to simulate and mitigate cybersecurity threats. Additionally, I engaged in OSINT analysis, leveraging public data to generate actionable insights. This diverse experience sharpened my technical and analytical skills, making me an effective contributor in tech-driven settings. Below are key roles I've embraced, reflecting my dedication to innovation, efficiency, and cybersecurity excellence: • Python Developer • Automation Script Writing • Working on APIs • Utilizing Social Engineering Tools • Conducting OSINT Analysis
Intern
Pakistan Aeronautical Complex, Kamra
July 2022 - August 2022
During my duration, I was part of the Networking Team, focusing on maintaining computers to keep them running smoothly and developing Python scripts to improve network performance and automate tasks. My work helped enhance system reliability and efficiency. This experience boosted my skills in IT maintenance and Python programming, preparing me for a wide range of IT challenges. Below are key roles I've embraced, reflecting my dedication to innovation, efficiency, and cybersecurity excellence: • Networking Team • Maintenance of computers • Python Development
EDUCATION
Bachelor of Science in Cyber Security
Air University Aerospace and Aviation Campus, February 2024
Cyber Security
FSC
Federal College of Science and Commerce, Attock Cantt, August 2019
Computer Science
Matric
Army Public School and College System, Attock Cantt, July 2016
Biology
CERTIFICATIONS
Certified Ethical Hacker (CEH)
EC-COUNCIL
Issued: 1/1/1970
Credential ID: ECC5061489372
Certified in Cybersecurity (CC)
ISC2
Issued: 1/1/1970
Credential ID: b19c9c19-925c-4cdc-b6a4-8761f74e7dd4
Cybersecurity Foundations: Governance, Risk, and Compliance (GRC)
Issued: 1/1/1970
Credential ID: b6b7ebcf02ce999097e15f4fb217721bbda35f3a0c0debe0df73da2a13055066
Security Operations And Defense Analyst
Splunk
Issued: 1/1/1970
PORTFOLIO PROJECTS
Secure Responsive Patient Monitoring System
Designed and implemented a secure and responsive patient monitoring system, enabling remote communication between doctors and patients. The system utilizes a custom-designed node authentication algorithm integrated within specialized hardware kits. This robust security protocol safeguards patient data and mitigates potential threats like man-in-the-middle attacks and distributed denial-of-service (DDoS) attempts.
PhishCraft Pro: Advanced Social Engineering Toolkit
Developed a cutting-edge social engineering tool for cybersecurity testing, capable of multimedia uploads, website cloning, and realistic phishing simulations. It features automatic Target-ID generation, detailed target engagement data capture (IP, geo-location, ISP, system details, timestamps in PST, camera, and microphone access).
Network Traffic Log Analysis and Incident Mitigation Using Splunk
Utilized Splunk to analyze network traffic logs for identifying security incidents. Successfully detected unauthorized access attempts, significant changes in traffic volume, and unusual user agents. Proposed effective mitigation strategies based on the log analysis, including IP blocking, traffic filtering, and updating firewall rules to enhance the organization's security posture.
Penetration Testing of Mobile Applications Using MobSF & APKTool
Conducted in-depth penetration testing of Android applications using tools like MobSF and APKTool. Identified vulnerabilities related to insecure data storage, component exposure, and unprotected APIs. Generated detailed technical reports for developers and senior security evaluators.
Cryptographic Randomness Evaluation Using NIST STS-2.1.2
Executed statistical testing of cryptographic algorithms using the NIST STS-2.1.2 suite. Analyzed random number generators used in secure communication systems for compliance with standard randomness criteria. Delivered comprehensive evaluation reports to support certification efforts.
Verified Security Engineer
0-2 years of experience
Preferred commitment: Full Time
Languages
Skills
Impressed by Mahaz Ahmed Malik's profile?
Take the next step and bring this top talent to your team
Hire Mahaz for your team