Network Security Engineering • Operations • Cloud Architecture • Automation & AI
Hi, I'm Caio! Building secure, reliable and automated hybrid infrastructure.
Network & Security engineer with hands-on experience in operations, enterprise networking labs, cloud architecture, and automation. This portfolio presents practical projects, validation-driven labs, and documented learning, not just certifications.
Current Focus
- Enterprise network lab in EVE-NG: OSPF, HSRP, LACP, failover testing, and Netmiko validation
- Private Cloud Platform: Proxmox + pfSense segmentation (live build)
- AWS SAA-C03: architecture design (IAM, VPC, HA/DR, secure patterns)
- Automation & AI-assisted infrastructure engineering
About me
I’m an IT professional with 10+ years of experience across network operations, infrastructure delivery, and enterprise support, working in large-scale, mission-critical environments where reliability and operational discipline are essential. I currently operate within hyperscale network environments, supporting backbone, edge, and data center infrastructure, and contributing to network stability, scaling, and migration activities. My focus is on strengthening network engineering capabilities across routing, redundancy, and data center operations, while incorporating automation to improve operational efficiency. I approach infrastructure with a production mindset, aiming to build and support systems that are scalable, resilient, and aligned with real-world deployment practices.
Highlights
- Private Cloud Platform: Proxmox + pfSense VLAN segmentation + PKI + Traefik ingress
- VLAN segmentation & firewall zone architecture
- AWS Solutions Architect – Associate (SAA-C03) track
- CompTIA Security+ certified
- Multi-vendor routing labs (Cisco, Juniper)
- Automation & AI-driven security workflows
Focus areas
Networking
Enterprise network lab built in EVE-NG featuring Core, Distribution, and Access layers, OSPF routing, HSRP gateway redundancy, LACP uplinks, failure testing, and Python-based validation with Netmiko.
View networking lab →Private Cloud Platform
Building a security-first private cloud on Proxmox with pfSense segmentation, VLAN zones, firewall policy design, and phased expansion toward core services and observability.
View platform build →Cloud & Infrastructure
AWS architecture labs focused on IAM design, secure compute baselines, storage decisions, and understanding cloud security boundaries.
View cloud projects →Cybersecurity
Hands-on defensive security labs covering SIEM use cases, Suricata detection rules, traffic analysis, and vulnerability management concepts.
View cybersecurity projects →AI & Automation
Exploration of Python-based tooling and AI-assisted workflows to improve operational efficiency, log analysis, and infrastructure troubleshooting.
View AI & automation →Featured projects
A selection of projects that represent how I think about infrastructure security, reliability and automation.
UM790 Private Cloud Platform
Security-first private cloud engineered on Proxmox VE with pfSense edge firewall, VLAN-based segmentation, and phased expansion toward observability, automation, AI workloads, and disaster recovery.
Network Threat Detection with Suricata
Built and tuned Suricata rules to detect malicious traffic, analysed alerts and documented incident response steps.
Enterprise Network Lab on EVE-NG
Designed and documented a multi-layer enterprise network with Core, Distribution, and Access topology, including OSPF, HSRP, VLAN segmentation, LACP redundancy, failure testing, and Python Netmiko-based validation for operational health checks.
AI-Assisted Log Analysis Prototype
Prototype pipeline where Python and an LLM help triage noisy logs, surface anomalies and support SOC investigations.
Private Cloud Platform | UM790 Build
A security-first, AI-ready home server platform built on Proxmox + pfSense. Documented end-to-end with network-as-code, phased milestones, and operational runbooks — engineered like a real production environment.
AWS SAA-C03 | Architecture in Progress
I’m building AWS architecture fundamentals as part of the SAA-C03 learning path. The focus is on understanding how core AWS services work together, how security boundaries are designed, and how to make sound architectural decisions, not on producing fully polished production systems.
Current learning focus
- IAM design with users, groups, roles, and least-privilege access
- Using IAM roles for workloads instead of long-lived access keys
- Secure EC2 setups and basic access control patterns
- Storage choices and trade-offs between EBS, EFS, and instance store
- Security-first thinking and common AWS design mistakes
EC2 Storage Decision Lab
Hands-on lab exploring EC2 storage options and architectural trade-offs. Covers EBS, EFS, and instance store behavior, including persistence, snapshotting, AMI creation, and immutable infrastructure patterns. Focuses on choosing the right storage model based on cost, performance, and durability requirements.
View repository on GitHub →EC2 Secure Compute Baseline
Design and implementation of a secure EC2 baseline architecture demonstrating practical understanding of compute, networking, and access control. The lab covers instance provisioning with user data, security group design and behavior, SSH access models, and IAM role usage to enable secure service access without static credentials.
View repository on GitHub →AWS IAM Foundations
Hands-on exploration of AWS IAM concepts, including users, roles, policies, permission boundaries, and service role usage. The repository documents learning notes, practical examples, and security pitfalls encountered while building least-privilege access models.
View repository on GitHub →Contact
The best way to reach me is via email or LinkedIn. I'm happy to walk through any of the labs or projects you see here.