Avatar

Bob

IT Graduate specialising in Networking, Security and Troubleshooting
Location: Perth, WA
Mobile: 0435 298 926
Email: bob@matebob.com
LinkedIn: https://linkedin.com/in/bob-cao-355227215
TryHackMe: https://tryhackme.com/p/Bhappy
Work Rights: 485 Graduate Visa (Full-time)
Driver Licence: WA C-class Manual Licence
Availability: Fully flexible. Able to support overtime, on-call, and night shifts if required

Summary

I completed my Bachelor of IT at Kaplan Business School in Perth and graduated in November this year. I am now actively looking for an IT-related job during my Graduate 485 visa period. I have always loved working with computers. I spend a lot of my free time building my home lab, fixing hardware, practising networking, and completing more than 350 TryHackMe rooms. Because of this, I have used many Linux, networking, security and automation tools. Even if your company uses different systems, I can learn them very quickly. I am open to entry-level roles such as IT Helpdesk, Desktop Support, Networking Assistant or Junior Security Analyst. I am motivated, hard-working, and ready to grow my skills and build a long-term career in the IT field.

Core Skills Overview

Networking & Firewalls

OPNsense FortiGate Wireshark ACL OSPF Captive Portal IPSec Cisco VPN Traffic Shaping NGFW Web Filtering EVE-NG VLAN BGP

Hardware & IoT

PC building NAS systems Raspberry Pi sensor projects (BMP280, flame sensor, raindrop sensor) GPIO interfaces Clonezilla Macrium Reflect RAID ZFS

Cybersecurity & Penetration Testing

Nmap Metasploit Hydra Burp Suite SQLmap John the Ripper Hashcat Volatility capa Sysinternals Snort Suricata Nessus OpenVAS

Software & Automation Development

PowerShell Bash R SQL Python scripting supervised / unsupervised ML HTML/CSS/JS scikit-learn matplotlib numpy pandas Regex Flask

System Administration

Ubuntu Server Windows Server Active Directory RADIUS LDAP Zabbix Sysmon Osquery Proxmox VE VMware ESXi TrueNAS Docker Group Policy (GPO) Cron Jobs FirewallD / UFW

Security Monitoring & Incident Handling

Log analysis TheHive Shuffle Atomic Red Team CALDERA Splunk OpenCTI Elastic Stack Phishing Analysis Sysmon Sigma rules MITRE ATT&CK DFIR

EDUCATION

Kaplan Business School, Perth-------Bachelor of Information Technology-------Graduated November 2025

Completed IT Subjects

  • CITS1003 — Introduction to Cybersecurity
  • CITS1401 — Computational Thinking with Python
  • CSG1105 — Applied Communications
  • CSG3309 — IT Security Management
  • CSI2450 — IoT and OT Security
  • CSI3208 — Ethical Hacking and Defence
  • CSP2101 — Scripting Languages
  • TEC100 — Introduction to Information Technology
  • TEC101 — Professional Practice and Communication in IT
  • TEC102 — Fundamentals of Programming
  • TEC103 — Information Systems in Business
  • TEC104 — Database Design and Management

.

  • TEC105 — Introduction to Information Networks
  • TEC106 — IT Project Management
  • TEC108 — Introduction to Cyber Security
  • TEC207 — Service and Operations Management in IT
  • TEC201 — Data Visualisation in R
  • TEC202 — Artificial Intelligence and Machine Learning in IT
  • TEC301 — Machine Learning Applications
  • TEC302 — Website Development
  • TEC304 — Advanced Programming
  • TEC305 — Algorithms and Data Structures
  • TEC308 — Penetration Testing
  • TEC307 — IT Capstone

HANDS-ON PROJECTS

PC Hardware & IT Support Operations

  • Built and repaired many desktop PCs, small servers and NAS systems. Upgraded RAM, SSD/HDD, power supply units and cooling components.
  • Fixed hardware issues such as overheating, blue screens, boot failure and unstable performance using tools like AIDA64, HD Tune, CPU-Z, GPU-Z, Cinebench and 3DMark.
  • Used WinPE tools (Acronis, Macrium Reflect, DiskGenius, Clonezilla) to clone, back up and restore Windows systems.
  • Recovered deleted files with R-Studio and performed disk partitioning and troubleshooting.
  • Set up printers (USB / Wi-Fi / network) and solved driver issues, spooler errors and offline problems.
  • Provided remote support using TeamViewer, AnyDesk and VNC for common IT support tasks.
  • Experienced with macOS tools such as Homebrew, Rosetta and virtualisation for ARM-based systems.

Windows & Linux Server Administration

  • Built a Windows Server lab to practise Active Directory, DNS, DHCP, Group Policy and organisational structure.
  • Created user accounts, login rules, password policies and access control for small-business scenarios.
  • Used GPO for USB control, software restrictions, RDP hardening and desktop standardisation.
  • Managed Linux servers using key tools such as systemctl, cron, find, tmux, mount, dpkg, htop and free -h.
  • Deployed Nginx web servers, Samba shares and SSH-hardening settings for security practice.
  • Collected logs from both Windows and Linux for troubleshooting and security monitoring.

Storage, Backup & NAS Engineering

  • Skilled in using TrueNAS SCALE to build and manage home and lab storage systems.
  • Created and expanded storage pools using different vdev layouts, understanding redundancy and fault recovery.
  • Managed datasets, user permissions, and SMB/NFS shares for both Windows and Linux clients.
  • Troubleshot disk issues, performed pool rebuilds and monitored system health.
  • Set up backups with snapshots, replication and off-device storage workflows.
  • Hosted virtual machines and Docker applications on TrueNAS for lab testing.
  • Integrated TrueNAS storage with Proxmox and ESXi using NFS or SMB for VM datastores.

SOC Automation, Detection Engineering & Blue Team Operations

  • Built a full SIEM platform using Wazuh and collected logs from Windows, Linux, Sysmon and Osquery.
  • Integrated TheHive for incident management and Shuffle SOAR for automated enrichment workflows.
  • Created MITRE ATT&CK-aligned detection rules and tested them with simulated attacks.
  • Investigated events such as brute-force attempts, PowerShell activity, persistence techniques and lateral movement.
  • Reviewed firewall, server and endpoint logs to understand multi-step attack chains.

AI-Assisted Resume Website Project

  • Built the dynamic resume website you are currently viewing, using Python, Flask, Jinja2 and SQLite.
  • Developed a full backend system that allows adding/editing sections, blocks and bullet points through an admin interface.
  • Implemented features such as template rendering, favicon upload, database updates and automatic content formatting.
  • Used ChatGPT to accelerate coding, debugging and improving the project structure.
  • Deployed the site on a Linux host with proper routing, file handling and application management.

Networking & Firewall Implementation

  • Built my home network using OPNsense, including VLANs, NAT, routing, DHCP, DNS forwarding and VPN.
  • Practised routing technologies (VLAN, STP, RIP, OSPF, BGP, PPP, IPv6, DNS, DHCP relay, ACL, NAPT) using Cisco Packet Tracer and EVE-NG.
  • Used OPNsense and FortiGate VM to learn next-generation firewall features such as web filtering, threat detection, application control and IDS/IPS.
  • Analysed traffic with Wireshark to verify routing paths, packet drops and firewall rule behaviour.
  • Practised RADIUS/LDAP authentication, captive portal configuration, failover routing and multi-router LAN designs.

Virtualisation & Infrastructure Deployment

  • Skilled with VMware ESXi, Proxmox VE (PVE) and VirtualBox.
  • Created and managed virtual machines, virtual networks, snapshots, templates and storage.
  • Built multi-VLAN environments for firewalls, Windows/Linux servers and security-testing labs.
  • Connected virtual hosts to TrueNAS storage and performed backup/restore workflows.
  • Confident in setting up full home-lab infrastructure for networking, SOC practice and penetration-testing experiments.

Docker & Application Deployment

  • Deployed more than 20 Docker applications (Jellyfin, Nextcloud, Vaultwarden, Kometa and others).
  • Designed clean docker-compose templates for fast and repeatable deployments.
  • Set up Traefik/Caddy reverse proxy with HTTPS and automatic certificate renewal.
  • Used TrueNAS NFS shares for persistent volumes and data protection.
  • Built scripts to automate updates, backups and container health checks.
  • Created a self-hosted environment for learning, productivity and SOC testing.

Honeypots, Threat Monitoring & Red Team Simulation

  • Deployed T-Pot honeypot with sensors such as Cowrie, Suricata, Dionaea and p0f to collect attacker behaviour.
  • Captured real-world attacks including SSH brute-force, network scanning, botnet activity and malware payload attempts.
  • Performed controlled red-team tests using Kali Linux, Metasploit, Atomic Red Team and CALDERA.
  • Verified that Wazuh, Suricata and T-Pot correctly logged every attack step.
  • Extracted IOCs from telemetry and improved detection rules based on findings.

Raspberry Pi & IoT Projects

  • Built more than 30 Raspberry Pi sensor projects using Python, GPIO, I2C and SPI.
  • Created monitoring tools such as flame detectors, rain-sensor alerts and BMP280 temperature/pressure loggers.
  • Wrote Python scripts to collect and store sensor data in logs or simple dashboards.
  • Connected modules such as LEDs, buzzers, relays and cameras to learn hardware control and automation.
  • Used Raspberry Pi as a small Linux server for SSH, cron jobs, file sharing and basic networking.
  • Tested home-lab ideas such as Pi-hole DNS, small firewalls and light Docker services.

TryHackMe Training & Skills

Completed 350+ cybersecurity rooms Covered Red Team, Blue Team, SOC, SIEM, Forensics, Malware, Privilege Escalation, Web Security, Network Security Gained practical experience on realistic attack chains, detection engineering, and incident response workflows

SOC & Blue Team Skills

  • SIEM log analysis (Wazuh, Splunk, Elastic, Sentinel-style tasks)
  • Alert investigation and triage
  • MITRE ATT&CK mapping and detection logic
  • Network traffic analysis (Wireshark, Zeek, Suricata)
  • Windows event log analysis
  • Linux log analysis & audit trails
  • Threat intelligence basics: IOC types, enrichment, OSINT
  • Identify brute-force, phishing, C2, lateral movement patterns

Digital Forensics & Incident Response (DFIR)

  • Memory forensics using Volatility
  • Timeline analysis
  • Registry, process, network artifact investigation
  • Email phishing forensics
  • Identifying malware persistence
  • File system forensics (deleted files, artefacts, logs)
  • Understanding attacker behavior through OS artefacts

Red Team & Penetration Testing

  • Network scanning (Nmap, advanced NSE usage)
  • Web vulnerabilities: XSS, SQLi, SSTI, LFI/RFI, Auth bypass
  • Password attacks (Hydra, hash cracking, spray & brute-force)
  • Shell gaining & reverse shell techniques
  • Privilege escalation on Windows & Linux
  • Exploit development basics (buffer overflow labs)
  • C2 basics (msfvenom payloads, handling sessions)

Malware Analysis Skills

  • Static analysis using:
  • strings, capa, pefile, static PE header review
  • Dynamic analysis concepts (sandboxing, execution flow)
  • Identifying malware families by behavior
  • Understanding persistence, packing, obfuscation
  • Malware classification exercises
  • Extracting IOCs from malicious samples