AboutExpertise
Experience
EducationProjectsCertifications
Aftab Khan
Bridging technical security and human stories..
About
I’m a Security Analyst and WMG Excellence Scholar, currently completing my MSc in Cyber Security Management at the University of Warwick. With a background in computer engineering, I bring technical depth and critical thinking to every project. I’ve worked across VAPT, risk management and security awareness.
Along the way, I’ve:
Delivered assessments for global clients.
Contributed to an Amazon best-seller on web application security.
Led workshops to make cybersecurity more accessible.
At Warwick, I’ve represented my cohort, co-created curriculum improvements, and helped shape university-wide initiatives like Cyber Safe.
I care about making security practical, not just theoretical. Whether I’m presenting to a CISO, mentoring students, or refining a policy, I focus on impact, clarity, and communication.
I’m especially drawn to roles that blend consulting, GRC, and advisory work where people and purpose are as important as technical skill.
Expertise
Cyber Security
From VAPT to secure architecture, I focus on practical impact. I’ve run penetration tests for global clients, contributed to a best-selling web security book and helped design systems that do more than just patch vulnerabilities.
Governance, Risk & Compliance (GRC)
I bridge security with business and regulatory goals. I have hands-on experience with risk assessments, control frameworks and standards like ISO 27001, NIST CSF and GDPR. I help organisations weave security into their day-to-day decisions.
Human-Centred Security
I make security relatable and behaviour-driven. At Warwick, I co-created the Cyber Safe programme and built scenario-based content to help people understand real threats. I use behavioural models like COM-B and PMT to improve cyber hygiene and reduce human risk.
Work Experience
Course Respresentative
WMG, University of Warwick(Part-time)
October 2024-Present
Represented MSc Cyber Security Management students at the departmental level.
Advocated for academic improvements through structured feedback and open discussions.
Contributed to the Cyber Safe programme and supported Warwick Award initiatives.
Helped shape teaching quality, resources, and student engagement.
Guest Instructor
Agnel CyberCell
August 2020-Present
Organised workshops and Capture the Flag (CTF) events for 80+ participants.
Led sessions on ethical hacking and cyber defence strategy.
Received positive feedback for combining technical depth with clarity.
Security Analyst
Hacktify Cyber Security(Full-time)
September 2022-September 2024
Delivered end-to-end VAPT for global clients in finance, education and SaaS.
Conducted manual testing, logic flaw exploitation and API analysis.
Contributed to the best-selling book Ultimate Pentesting for Web Applications.
Led security workshops for universities and government institutions.
Security Engineer
Tech Mahindra(Internship)
September 2022-March 2023
Built a mobile biometric authentication app with secure 2FA integration.
Implemented advanced security protocols for financial transactions.
Collaborated in a 3-member team to prototype a working MVP.
Cyber Security Analyst
BillDesk(Internship)
December 2021-February 2022
Assessed and integrated the DepScan tool into secure CI workflows.
Conducted a case study to show its impact on software security.
Improved dependency-level security visibility across dev teams.
Cyber Security Engineer
Mindgate Solutions(Internship)
June 2021-September 2021
Supported secure deployment of financial applications.
Worked on code analysis and risk mitigation for backend services.
Took part in system hardening and audit readiness reviews.
Security Conferences
Educational Excellence Symposium — March 2025
University of Warwick,March 2025
Presented Cyber Safe training content that I co-created with my MSc peers, focusing on practical ways to improve student cybersecurity habits.
Showcased scenario-based modules on phishing, social engineering, and password safety to an audience of educators and student leaders.
Discussed how using a co-creation approach and focusing on human factors can make cybersecurity more relatable and effective on campus.
Cyber Safe Audiobook Project (Warwick-wide) — June 2025
University of Warwick,June 2025
Co-led the voiceover and content for a student-focused audiobook series on scam awareness and digital safety.
Helped take Cyber Safe beyond classrooms, making security advice easy to understand and more accessible to students.
Aimed to empower listeners with stories they could relate to, showing that security is as much about people as it is about technology.
Cyber@Warwick Cybersecurity Awareness Workshop — October 2024
University of Warwick,October 2024
Hosted a university-wide online workshop for Warwick students as part of the Cyber@Warwick community.
Talked about everyday cyber hygiene, social engineering tricks, and simple ways to stay safe online.
Brought together alumni and industry experts to make cybersecurity feel approachable and connect students to real-world insights.
CTF & Cybersecurity Challenges
Sheffield Siege CTF
April 2025
Competed as part of the Warwick team at Sheffield Hallam University’s flagship CTF event.
Solved challenges in reverse engineering, OSINT, cryptography, web security, and AI, alongside 17 university teams.
Sharpened teamwork, quick problem-solving, and practical hacking skills in a high-pressure environment.
Connected with students and industry mentors from Hack The Box, HSBC, and BCS, gaining insight into real-world security careers.
Hacktify Cyber Security CTF
2023–2024
Designed and delivered advanced CTF challenges for workshops and events, including CYBERNOVA 2024.
Built multi-layered scenarios blending web, network, and OSINT tasks to mirror real attacker methods.
Helped over 500 participants grow their problem-solving and technical skills through hands-on learning.
Received strong feedback for making challenges clear, creative, and grounded in real-world attacker-defender thinking.
Agnel CyberCell
2020–Present
Led CTF training sessions for engineering students, introducing ethical hacking and red teaming basics.
Mentored hackathon teams on challenge strategy, technical approach, and post-event analysis.
Encouraged a strong cybersecurity learning culture through community-driven events and beginner-friendly challenges.
Training
Cybersecurity in the Age of AI | Fr. C. Rodrigues Institute of Technology
April 2025
Delivered a guest session on AI-driven cyber threats, adversarial attacks, and defensive strategies.
Shared real-world case studies on prompt injections and adaptive malware.
Guided students on career paths in AI security and ethical AI practices.
Computer Networks Guest Lecture | FCRIT Vashi
March 2024
Returned as an alumnus to deliver an expert lecture on computer networks.
Simplified complex concepts and shared industry-ready insights.
Inspired students by turning past challenges into learning opportunities.
IBM Computer Networks Training | Yenepoya Institute
July 2024
Conducted a week-long, hands-on network security course as an IBM instructor.
Trained 120+ learners in core networking principles and secure design.
Combined theory with practical lab sessions for stronger understanding.
Cyber Essentials Faculty Workshop | Vidyalankar Polytechnic
January 2025
Delivered a targeted workshop on foundational cybersecurity for educators.
Helped 15+ faculty members strengthen their cyber hygiene and awareness.
Focused on real-world scenarios to improve classroom engagement.
CYBERFLARE Workshop & CTF | RGIT & Hacktify
October 2024
Led a multi-day ethical hacking and CTF workshop for engineering students.
Delivered live sessions on attack simulations and defensive mindsets.
Fostered collaboration and hands-on problem-solving.
CYBER PRISM | Viva College & Hacktify
August 2024
Directed a 3-day event featuring ethical hacking and CTF strategy sessions.
Mentored students on practical tools and attacker techniques.
Strengthened community learning through interactive tasks.
CYBER SAGE Workshop | Xavier Institute & Hacktify
July 2024
Conducted a workshop on ethical hacking fundamentals.
Engaged an enthusiastic audience with real-world use cases.
Highlighted career opportunities and skill development.
CYBERNOVA 2024 | Agnel CyberCell & Hacktify
March 2024
Served as speaker and CTF challenge co-lead during this 3-day event.
Empowered students with hands-on gamified cybersecurity learning.
Promoted inclusive learning regardless of career focus.
AGNETHON Hackathon | FCRIT Vashi
January 2024
Mentored teams at a national hackathon, guiding strategy and execution.
Strengthened problem-solving and presentation skills.
Contributed to a collaborative and innovative environment.
W3-CS Mumbai Meetup | Hacktify & BSides Bangalore
December 2023
Part of the organizing and facilitation team for a knowledge-sharing meetup.
Hosted 5+ expert talks covering IR, AI risks, IT audit, GRC, and frameworks.
Connected students with industry leaders and mentors.
Mentorship
Education
MSc. Cyber Security Management
University of Warwick
September 2024-Present
WMG Excellence Scholar, currently completing postgraduate studies in cyber risk, GRC, incident management, and secure system design.
Modules include: Applied Cryptography, Network Security, Digital Forensics, Human Factors, and Cybersecurity Consultancy.
Course ranked #1 globally by Eduniversal (2024) for Cybersecurity, Systems Security, and Data Protection.
Actively contributing to the university’s Cyber Safe programme and curriculum enhancement initiatives.
BE. Computer Engineering
Fr. Conceicao Rodrigues Institute of Technology
August 2019-May 2023
Graduated with Distinction (CGPA: 9.09/10), UK First-Class Honours equivalent.
Core coursework: Cybersecurity & Laws, Cryptography, Cloud Computing, NLP, Blockchain, and Data Science.
Served as a mentor and committee member in Agnel CyberCell and CSI Computer FCRIT.
Delivered lectures and Linux workshops, supporting tech education and peer learning.
Projects
Cyber Security Research Methods | IoMT Risk Framework
University of Warwick,March 2025 - April 2025
Developed a risk-based framework for securing IoMT in UK hospitals.
Applied mixed-methods research: case studies, expert interviews, and policy analysis.
Mapped vulnerabilities across 10 real-world medical devices using CVE data.
Proposed policy-aligned mitigation strategies for NHS-scale implementation.
Skills:
Qualitative Risk Analysis
CVE Mapping
Policy Review
Research Design
Human Factors | Cyber Safe Awareness & Interventions
University of Warwick,March 2025 - April 2025
Co-created scenario-based social engineering training adopted university-wide.
Applied COM-B, PMT, and Fogg models to influence password hygiene and safe behaviour.
Conducted analysis of real cyber incidents across UK universities.
Designed secure UX interventions and authored student-facing blog content.
Skills:
HCI
Behavioural Modelling
Secure UX Design
Moodle
Awareness Training
Applied Cryptography | Secure Online Banking Cryptosystem
University of Warwick,February 2025 - March 2025
Built a Python-based online banking simulator using AES-256 GCM and RSA
Implemented Argon2 hashing, MFA, and role-based access control
Designed a key management system and secured communication via certificates
Aligned with ISO/IEC 27001, NIST, and PCI-DSS standards
Skills:
Python
AES-256
RSA
Argon2
Key Management
RBAC
MFA
Network Security | Enterprise Architecture Simulation
University of Warwick,January 2025 - February 2025
Co-created scenario-based social engineering training adopted university-wide.
Applied COM-B, PMT, and Fogg models to influence password hygiene and safe behaviour.
Conducted analysis of real cyber incidents across UK universities.
Designed secure UX interventions and authored student-facing blog content.
Skills:
Cisco CLI
VLANs
OSPF
ACLs
IPsec VPN
TACACS+
ZPF
Cyber Risk Audit | IIoT Security in UK Airport
University of Warwick,November 2024 - December 2024
Conducted a detailed IIoT risk assessment simulating a UK airport audit
Aligned with UK NIS Regulations, ISO/IEC 27001, and IEC 62443
Created a STRIDE-mapped risk register and control strategy
Delivered recommendations with technical and governance alignment
Skills:
NIST CSF
STRIDE
IIoT Risk Assessment
Vulnerability Mapping
Compliance
Digital Forensic Investigation | Expert Witness Case
University of Warwick,October 2024 - November 2024
Performed a full forensic investigation on suspect laptop and dashcam data
Used GPS metadata, registry artefacts, and comms history for timeline reconstruction
Structured evidence for court, following UK ACPO principles
Analysed user behaviour and identified location trails
Skills:
Autopsy
FTK Imager
Registry Explorer
Timeline Analysis
ACPO Reporting
Emotion-Based Music Player (Octro)
Fr. Conceicao Rodrigues Institute of Technology,July 2022 - April 2023
Developed a web app that recommends songs based on facial emotion detection
Integrated Spotify API for real-time playlist generation
Delivered with a team of four; led frontend UX design
Won a national-level project competition and featured in Zephyr magazine
Skills:
JavaScript
Spotify API
Emotion Detection
Web Development
UI/UX
Certifications
Certified in Cybersecurity (CC)
ISC2,July 2025
Google Cybersecurity Specialization
Google,May 2025
Microsoft Certified: Azure AI Fundamental
Microsoft,May 2025
ISO 27001:2022 Compliant Cybersecurity Training
Project Management Institute,June 2024
Strategic Cyber Risk Management Bootcamp
CyberFrat,June 2024
Cybersecurity Analyst Specialization
IBM,March 2023
A portfolio built by Aftab Khan.