Network Security Engineering • Operations • Cloud Architecture • Automation & AI
Hi, I'm Caio! Building secure, reliable and automated hybrid infrastructure.
Network & Security engineer with hands-on experience in NOC operations, security labs, and cloud infrastructure. This portfolio presents practical projects and documented learning, not just certifications.
Current Focus
- Private Cloud Platform: Proxmox + pfSense segmentation (live build)
- AWS SAA-C03: architecture design (IAM, VPC, HA/DR, secure patterns)
- Network segmentation & multi-vendor routing (Cisco, Juniper)
- Automation & AI-assisted infrastructure engineering
About me
I’m an IT professional with 10+ years of experience across network operations, infrastructure delivery, and enterprise support, working in large-scale, mission-critical environments where reliability and operational discipline are essential. Now advancing toward a cloud/hybrid security engineering focus, combining strong network fundamentals with defensive security skills and automation to build and support systems that are secure, resilient, and designed for modern operational demands.
Highlights
- Designing & documenting a Private Cloud Platform (Proxmox + pfSense)
- VLAN segmentation & firewall zone architecture
- AWS Solutions Architect – Associate (SAA-C03) track
- CompTIA Security+ certified
- Multi-vendor routing labs (Cisco, Juniper)
- Automation & AI-driven security workflows
Focus areas
Private Cloud Platform
Building a security-first private cloud on Proxmox with pfSense segmentation, VLAN zones, firewall policy design, and phased expansion toward core services and observability.
View platform build →Cloud & Infrastructure
AWS architecture labs focused on IAM design, secure compute baselines, storage decisions, and understanding cloud security boundaries.
View cloud projects →Networking
Multi-vendor routing labs including BGP simulations, network design, protocol analysis, and troubleshooting across Cisco and Juniper platforms.
View networking labs →Cybersecurity
Hands-on defensive security labs covering SIEM use cases, Suricata detection rules, traffic analysis, and vulnerability management concepts.
View cybersecurity projects →AI & Automation
Exploration of Python-based tooling and AI-assisted workflows to improve operational efficiency, log analysis, and infrastructure troubleshooting.
View AI & automation →Featured projects
A selection of projects that represent how I think about infrastructure security, reliability and automation.
UM790 Private Cloud Platform
Security-first private cloud engineered on Proxmox VE with pfSense edge firewall, VLAN-based segmentation, and phased expansion toward observability, automation, AI workloads, and disaster recovery.
Network Threat Detection with Suricata
Built and tuned Suricata rules to detect malicious traffic, analysed alerts and documented incident response steps.
Multi-vendor BGP Lab on EVE-NG
Designed a service-provider style topology with Cisco & Juniper routers to explore routing policies and resilience.
AI-Assisted Log Analysis Prototype
Prototype pipeline where Python and an LLM help triage noisy logs, surface anomalies and support SOC investigations.
Private Cloud Platform | UM790 Build
A security-first, AI-ready home server platform built on Proxmox + pfSense. Documented end-to-end with network-as-code, phased milestones, and operational runbooks — engineered like a real production environment.
AWS SAA-C03 | Architecture in Progress
I’m building AWS architecture fundamentals as part of the SAA-C03 learning path. The focus is on understanding how core AWS services work together, how security boundaries are designed, and how to make sound architectural decisions, not on producing fully polished production systems.
Current learning focus
- IAM design with users, groups, roles, and least-privilege access
- Using IAM roles for workloads instead of long-lived access keys
- Secure EC2 setups and basic access control patterns
- Storage choices and trade-offs between EBS, EFS, and instance store
- Security-first thinking and common AWS design mistakes
EC2 Storage Decision Lab
Hands-on lab exploring EC2 storage options and architectural trade-offs. Covers EBS, EFS, and instance store behavior, including persistence, snapshotting, AMI creation, and immutable infrastructure patterns. Focuses on choosing the right storage model based on cost, performance, and durability requirements.
View repository on GitHub →EC2 Secure Compute Baseline
Design and implementation of a secure EC2 baseline architecture demonstrating practical understanding of compute, networking, and access control. The lab covers instance provisioning with user data, security group design and behavior, SSH access models, and IAM role usage to enable secure service access without static credentials.
View repository on GitHub →AWS IAM Foundations
Hands-on exploration of AWS IAM concepts, including users, roles, policies, permission boundaries, and service role usage. The repository documents learning notes, practical examples, and security pitfalls encountered while building least-privilege access models.
View repository on GitHub →Contact
The best way to reach me is via email or LinkedIn. I'm happy to walk through any of the labs or projects you see here.