Technical Expertise Portfolio

The projects below represent hands-on, practical experience with enterprise-grade technologies. Each undertaking was driven by a specific challenge, engineered to a production-ready standard, and solved a real-world problem. They demonstrate a proven ability to design, implement, and manage the core infrastructure and security solutions that modern businesses rely on.

Home Portfolio
01

Enterprise Virtualization & Private Cloud Platform

Timeline: 2025
Private cloud infrastructure Virtualization servers Infrastructure monitoring

Objective & Challenge

Eliminate hardware dependency and increase agility by consolidating multiple physical servers into a centralized, highly available virtual environment for complex testing, isolated dev environments, and safe deployment practice.

Solution & Implementation

Deployed a high-availability Proxmox VE cluster. Configured ZFS pools for integrity and snapshots, engineered VLAN segmentation, and created golden image templates for rapid VM/LXC provisioning.

Technologies & Skills

Proxmox VE KVM/QEMU LXC ZFS VLAN Tagging Backup & Restore
Outcomes
  • Virtualized 10+ server-equivalents, reducing hardware footprint and power costs.
  • Reduced provisioning time to under 5 minutes using templates.
  • Used snapshots/clones to enable zero-risk testing and fast recovery states.
02

Secure Hybrid Cloud Infrastructure Bridge

Timeline: 2025
Cloud infrastructure Secure site-to-site VPN Infrastructure as code

Objective & Challenge

Integrate on-prem infrastructure with public cloud services to create a secure hybrid environment for scaling, DR practice, and workload separation while maintaining control over sensitive local data.

Solution & Implementation

Architected a hybrid model using Microsoft Azure with a site-to-site VPN to an Azure VNet, deployed Azure VMs for specific workloads, used Azure File Sync, and defined the environment using Terraform for repeatability.

Technologies & Skills

Microsoft Azure VNet VPN Gateway Terraform NSGs Cost Management
Outcomes
  • Built a functional hybrid cloud bridge used for scaling and DR scenarios.
  • Codified infrastructure as code for consistent rebuilds and safe changes.
  • Implemented right-sizing and monitoring to keep cloud spend predictable.
03

High-Performance Computing & Custom Workstation Builds

Timeline: 2025
Custom workstation build Hardware tuning Performance testing

Objective & Challenge

Maximize performance-per-dollar for compute-intensive workloads while guaranteeing stability under sustained load.

Solution & Implementation

Researched, sourced, and assembled custom systems; tuned BIOS/UEFI settings; implemented high-airflow and AIO cooling; benchmarked and stress-tested for long-duration reliability.

Technologies & Skills

Component Analysis Thermal Design BIOS/UEFI Cinebench/3DMark Stress Testing Driver Optimization
Outcomes
  • Achieved 30–40% performance uplift vs similarly priced pre-built systems.
  • Maintained safe CPU/GPU thermals during 24+ hour validation runs.
  • Delivered high compute capability with lower total cost of ownership.
04

Private Cloud Storage & Data Management System with TrueNAS

Timeline: 2025
Network storage ZFS snapshots Cross-platform file sharing

Objective & Challenge

Create a centralized, reliable storage platform with enterprise protection (snapshots, bit-rot detection) accessible from Windows, macOS, and Linux.

Solution & Implementation

Built a TrueNAS system on ZFS, configured redundant pools and automated snapshots, exposed SMB/NFS/AFP services, and deployed complementary apps in isolated environments.

Technologies & Skills

TrueNAS ZFS SMB/CIFS NFS Snapshots Replication
Outcomes
  • Enabled detection/correction of silent data corruption via ZFS checksums.
  • Used snapshots as an instant recovery layer against deletion/ransomware.
  • Provided a unified high-speed storage target for multiple OS clients.
05

Advanced Network Security & Segmentation with pfSense

Timeline: 2025
Network security Firewall policy VLAN segmentation

Objective & Challenge

Upgrade a flat network into a segmented, professionally managed design isolating IoT, guest, and lab traffic from trusted devices to reduce breach blast radius.

Solution & Implementation

Deployed pfSense on dedicated hardware, configured VLANs with a managed switch, enforced stateful firewall rules between segments, and established WireGuard VPN access for secure administration.

Technologies & Skills

pfSense VLANs Stateful Firewall WireGuard DHCP QoS
Outcomes
  • Isolated vulnerable IoT devices to prevent pivot attacks into trusted networks.
  • Created a separate guest segment with controlled access and bandwidth limits.
  • Enabled secure remote administration without exposing RDP/SSH publicly.
06

Comprehensive Web Application Security Hardening

Timeline: 2025
Web application security TLS hardening WAF protection

Objective & Challenge

Defend self-hosted web apps against common OWASP Top 10 threats and automated scanning by building a hardened baseline beyond basic SSL.

Solution & Implementation

Hardened Nginx (TLS 1.3), integrated ModSecurity WAF with OWASP CRS, deployed security headers (HSTS/CSP/X-Frame-Options), and automated certificate renewals via Let's Encrypt and Certbot.

Technologies & Skills

Nginx ModSecurity OWASP CRS TLS Security Headers Let's Encrypt
Outcomes
  • Blocked hundreds of automated probes with WAF and rule-based mitigation.
  • Achieved A+ SSL Labs ratings through modern TLS configuration.
  • Created reusable hardened templates so new services are secure by default.
07

Network-Wide Ad Blocking & DNS Security with Pi-hole

Timeline: 2025
DNS security Raspberry Pi services DNS filtering logs

Objective & Challenge

Improve privacy, performance, and security by blocking ads, trackers, and known-malicious domains at the network DNS layer for all devices without per-device software.

Solution & Implementation

Deployed Pi-hole as primary DNS, curated blocklists, enabled encrypted upstream DNS-over-TLS, and used query logs to tune policies and identify anomalous traffic.

Technologies & Skills

Pi-hole DNS Blocklists DNS-over-TLS DHCP Query Logging
Outcomes
  • Blocked ~30% of DNS requests, improving privacy and load times.
  • Added a simple but effective security layer against malware/phishing domains.
  • Used logs to identify noisy devices and potential misconfigurations.
08

Automated 3-2-1 Backup & Disaster Recovery System

Timeline: 2025
Backup strategy Encrypted backups Automation scripts

Objective & Challenge

Implement a robust, automated 3-2-1 backup lifecycle to guarantee recoverability from failures, ransomware, and accidental deletion.

Solution & Implementation

Designed multi-tier backups using rsync, encrypted versioned archives, and encrypted offsite sync to cloud storage, fully automated with scheduling and integrity checks.

Technologies & Skills

Rsync BorgBackup Rclone Object Storage Cron Encryption
Outcomes
  • Verified full restores and file-level restores; reduced RTO to under 2 hours.
  • Automated the backup lifecycle to remove human error and ensure consistency.
  • Implemented cost-effective offsite redundancy with encrypted cloud sync.
09

Cross-Platform Endpoint Security Hardening

Timeline: 2025
Endpoint security Security baseline Security monitoring

Objective & Challenge

Build a consistent security baseline across Windows, macOS, and Linux devices by enforcing encryption, patching, and firewall policies.

Solution & Implementation

Configured BitLocker/Defender and policy settings for Windows, FileVault for macOS, and LUKS plus firewall and automated security updates for Linux, with centralized log review.

Technologies & Skills

BitLocker Microsoft Defender FileVault LUKS CIS Baselines Logging
Outcomes
  • Achieved 100% full-disk encryption coverage for data-at-rest protection.
  • Reduced attack surface through consistent baselines and timely patching.
  • Demonstrated readiness for common compliance/security frameworks.
10

Containerized Application Deployment & Orchestration

Timeline: 2025
Docker containers Kubernetes orchestration Declarative configuration

Objective & Challenge

Master modern deployments by packaging services as portable containers and managing stacks declaratively instead of manual installs.

Solution & Implementation

Dockerized multiple applications with custom Dockerfiles, composed stacks with docker-compose, and explored K3s Kubernetes for service discovery, scaling, and declarative operations.

Technologies & Skills

Docker Docker Compose Kubernetes (K3s) YAML CI/CD Concepts Image Build
Outcomes
  • Achieved reproducible deployments and eliminated environment drift.
  • Defined application stacks in code for version control and rollback.
  • Built solid foundations in cloud-native deployment tooling.
11

PC & Mac Performance Optimization

Timeline: 2025
System diagnostics System tuning Performance improvements

Overview

Performed diagnostics, malware removal, and tuning on Windows and macOS devices to improve speed and stability, including cleanup, optimization, and targeted hardware upgrades.

Technologies & Skills

Windows Troubleshooting macOS Troubleshooting Antimalware Tools Disk Cleanup System Optimization Hardware Upgrades
Results
  • Restored multiple PCs and Macs to optimal performance.
  • Resolved malware and software conflicts and improved reliability.
  • Reduced boot/load times by up to 50% on affected systems.
12

Hardware Repair & Diagnostics

Timeline: 2025
Hardware diagnostics Repair workflow Thermal management

Overview

Diagnosed and repaired hardware failures (drives, RAM, GPU/CPU, thermals), ensuring stable operation with correct handling and BIOS/UEFI troubleshooting where required.

Technologies & Skills

Hardware Diagnostics Component Replacement BIOS/UEFI Thermal Management Anti-Static Handling Downtime Reduction
Results
  • Repaired multiple desktops and laptops and restored stable operation.
  • Performed upgrades to improve performance and longevity.
  • Minimized downtime for critical personal systems.

Ready to Discuss Your IT Project?

Our team is ready to apply our expertise to solve your technology challenges and help your business thrive.

Schedule Consultation Call: 0451 331 921