Dreaming of Margaritas in Hawaii 🍹

Faizan Zahid Full Stack Security Engineer

They said I needed a website, so here it is.

I navigate the chaos between "it works on my machine" and "why is production on fire?" Currently dealing with EASM, DMARC, and pipelines that don't crash (often).

What I Tolerate The Trauma

Core Competencies

Things I'm good at because I've broken them enough times to know how to fix them.

EASM & Discovery

I build scanners to find things you forgot you put on the internet. Yes, I found that dev server you left open in 2019.

  • • Asset Discovery (Hide & Seek Champion)
  • • Cloud Integrations
  • • Vulnerability Mapping

DMARC & Threat Intel

Optimized report pipelines so we can ignore spam faster. Built a threat map because executives love shiny moving dots.

  • • Email Security (Making Outlook behave)
  • • Real-time Analytics
  • • Threat Visualization

High-Performance Systems

Writing Python scripts that run for weeks without leaking memory. Building microservices because monoliths are "so 2015".

  • • ETL Pipelines
  • • Microservices (Distributed Monoliths)
  • • System Optimization

Professional Journey (Survival Guide)

Full Stack Software/Security Engineer (Professional Fire Fighter)

Jun 2024 – Present
CTM360 • Manama, Bahrain
  • DMARC Pipeline Optimization: Made it fast enough that nobody notices when it breaks for 5 minutes.
  • Threat Intelligence: Built a map to show people where the bad guys are (spoiler: they're everywhere).
  • Internet-Scale Scanning: Scanning the entire internet because asking nicely doesn't work.
  • Cloud Integrations: Wrote connectors for every cloud provider because standards are a myth.
  • Infrastructure as Code: AWS CDK, because clicking buttons in the console is for amateurs.
  • Data Analytics: Elasticsearch queries that look like ancient hieroglyphs.
  • Microservices: Created an "Event Tracker" so we know who to blame when things go wrong.

Backend Software Engineer (Cat Herder in Chief)

Jan 2023 – May 2024
Devex IT • Lahore, Pakistan
  • Team Leadership: Herded 6 cats (developers) and translated PM requests into actual code.
  • Security Implementation: Added OAuth 2.0 so users can forget their passwords securely.
  • Vulnerability Testing: Hacked my own code before someone else did.
  • Payment Integration: Integrated Stripe/PayPal so the company could actually make money.
  • Performance Tuning: Optimized queries until the database stopped screaming.
  • Mobile Dev: Touched Angular Ionic once. Never again.

Junior Full Stack Software Developer (Professional Googler)

Dec 2020 – Dec 2022
Devex IT • Lahore, Pakistan
  • API Development: Built APIs. They returned 200 OK most of the time.
  • Frontend: Centered divs in Angular and Vue.js. It was harder than the backend work.
  • Performance: Used Redis because databases are slow.
  • Prototyping: Built MVPs that were supposed to be throwaway but are probably still in production.

The Tool Graveyard

JavaScript Fatigue

Node.js Express (Classic) Nest.js (Angular for Backend) Socket.io MikroORM Mongoose Passport PM2

Python (Slow but Readable)

Python FastAPI (As fast as python can be) Asyncio Aiohttp Pydantic Pytest Uvicorn SQLAlchemy

Golang (if err != nil)

Go Fiber Gin Chi GORM Bun ORM

Frontend Chaos

React (Hooks Nightmare) Angular (Enterprise™) Vue.js Nuxt.js SvelteKit Ionic Tailwind CSS

Where Data Goes to Die

PostgreSQL SQLite MongoDB (Web Scale) Redis Elasticsearch DynamoDB

YAML Engineering

Docker AWS CDK Terraform Ansible GitHub Actions ECS Linux

Send Me a Ticket

If you have a project that doesn't involve crypto, NFTs, or "the next Facebook", I might reply. Jk, I don't really read my emails.

goodbye@fznzhd.com LinkedIn (Corporate Mask)