Building Secure
Infrastructure
at Scale

Cybersecurity student • Security Engineering • Cloud Security • Security Analysis

Download CV Get in Touch

About Me

about_me.sh
Nazariy Buryak 
$ whoami
Nazariy Buryak

$ age
18 Years Old

$ role
Cybersecurity Student > Security Engineering / Cloud Security / Security Analysis

$ location
Portlaoise, Ireland

$ studying_at
South East Technological University, Carlow

$ focus
- Working on open-source security tools development
- Security engineering & system hardening
- Security analytics & log analysis
- AWS infrastructure security
- GCP Security
- Networking security & troubleshooting
- Threat modeling & cloud hardening

Relevant Experience

LATEST

ZeroDays CTF 2026

Dublin, Ireland · March 2026

Team Captain · Seasonal Competition

  • Competed in ZeroDays CTF 2026 at Croke Park, Dublin
  • Served as Team Captain, leading challenge strategy and coordination
  • Solved Web, Crypto, and Pwn challenges
  • Finished 5th of 71 college teams, 18th of 141 overall
  • Applied skills in vulnerability analysis, reverse engineering, and exploit development

Cohort

Carlow: September 2025 - February 2026

Cloud Infrastructure & DevOps Engineer

  • Designing and building an AWS cloud environment for an ambitious project, setting up networks, databases, certificates, caching, routing, and containerization.
  • Making the infrastructure secure and scalable to support future application growth.
  • Working on building a secure CI/CD pipeline with GitHub Actions.
  • Implementing DevSecOps analysis practices using SonarQube and supporting Dockerfile-based deployments.

Amazon Web Services

Zurich: September 2025

Summit Participant

  • Learned how to secure systems and use safety protocols for autonomous agents.
  • Studied identity security and how it connects with Kubernetes and CI/CD pipelines.
  • Helped design global network setups using AWS services.
  • Took part in CTF challenges and card games to improve cybersecurity skills and explore new attack and defense methods.

John Sisk & Sons Ltd - CP Naughton

Portlaoise: June 2025 - August 2025

General Operative

  • Worked efficiently as part of a team to meet daily targets in a fast-paced environment.
  • Managed time effectively to complete tasks under pressure and tight deadlines.
  • Maintained high productivity while handling physically demanding and repetitive work.
  • Followed instructions accurately and adapted quickly to changing priorities.
  • Supported team members to ensure smooth workflow and consistent output.
  • Maintained a strong focus on safety, quality, and attention to detail.

Technical Skills

Select a specialisation to explore my tools, technologies, and competencies in that domain.

Cloud Platforms

AWS GCP Azure Azure

Infrastructure & Containers

Terraform Docker Kubernetes

CI/CD & DevSecOps

Jenkins Git SonarQube SonarQube

Languages

Python Go HCL

Key Areas

  • AWS infrastructure security (VPC, IAM, S3, Lambda)
  • GCP security configuration & hardening
  • Container security & orchestration
  • Infrastructure as Code security scanning
  • Cloud-native CI/CD pipeline security

Languages

Python Go Java C JavaScript PHP Assembly 68k Assembly 68k

Operating Systems

Linux Windows macOS macOS

Databases

PostgreSQL MongoDB MySQL

Networking

Cisco Cisco Nginx

Key Areas

  • Security tooling development (CLI & TUI)
  • System hardening & configuration
  • Security automation & scripting
  • Secure coding practices & code review
  • Network security & troubleshooting

SIEM & Monitoring

Splunk Splunk Grafana

Network Analysis

Wireshark Wireshark Ettercap Ettercap Nmap Nmap

Vulnerability Scanning

Nessus Nessus Nikto Nikto

Scripting

Python Bash

Key Areas

  • Log analysis & correlation
  • Threat detection & incident triage
  • Network traffic analysis & packet inspection
  • Vulnerability assessment & reporting
  • Security event monitoring & dashboarding

Exploitation Frameworks

Metasploit Metasploit Hydra Hydra

Web Application Testing

Burp Suite Burp Suite OWASP ZAP OWASP ZAP

Reconnaissance & Scanning

Nmap Nmap Nikto Nikto Nessus Nessus

Languages

Python Assembly 68k Assembly 68k

Key Areas

  • Vulnerability analysis & exploit development
  • Web application security testing
  • WAF/CDN fingerprinting & bypass
  • Reverse engineering
  • CTF competitions & challenge solving

CI/CD & Pipeline Security

Jenkins Git GitHub Actions SonarQube SonarQube

Containerisation & Orchestration

Docker Kubernetes

Infrastructure as Code

Terraform Bash Python

Web & Serverless

HTML5 CSS3 JavaScript AWS Lambda Nginx

Key Areas

  • Secure CI/CD pipeline design & hardening
  • Container image scanning & runtime security
  • Infrastructure as Code security linting
  • Serverless architecture & deployment automation
  • Automated security testing integration
  • GitOps workflows & secrets management

Soft Skills

💬

Effective Communication

Clear and concise communication when collaborating on security projects, writing documentation, and presenting technical findings

🎯

Problem Solving

Analytical and structured approach to troubleshooting system issues and resolving security challenges in dynamic environments

🎓

Event Participation

Active involvement in technical events and security communities to strengthen teamwork, knowledge sharing, and professional growth

🔍

Analytical Thinking

Data-driven mindset for identifying root causes, optimizing scripts, and improving system reliability through precise testing

🧘‍♂️

Calm Under Pressure

Maintains focus and composure when diagnosing complex issues or working under tight deadlines in security-critical scenarios

Projects

WAFPierce

Web & Cloud Pentesting

CLI & GUI WAF/CDN fingerprinting and bypass validation tool. Detects 17+ WAFs and 12+ CDNs, runs 35+ bypass techniques with baseline heuristics, outputs Markdown reports. Co-developed with Marwan Fayad.

Python
View Repo

GhostState

Cloud Security

TUI-based security and governance tool for AWS. Scans cloud infrastructure in real-time to identify "Ghost" resources (unused/shadow IT) and "Risk" assets (critical vulnerabilities), featuring a hexagonal architecture for multi-provider extensibility.

Go AWS SDK v2 Bubble Tea
View Repo

GhostWeights

Cloud Security

Specialized cloud security tool that hunts for "Shadow AI" — unauthorized AI/ML workloads running in your AWS environment.

Go AWS SDK v2
View Repo

Log_Analyzer

Security Analysis

Reads security logs to detect brute-force attempts, SQLmap-style scans, and attack patterns by IP, time, and frequency, generating statistical reports and charts.

Python JSON
View Repo

TCP_Recon_Tool

Security Analysis

CLI reconnaissance tool that probes targets, enumerates services and HTTP apps, inspects TLS, fingerprints web stacks, and emits machine-readable reports.

Python JSON
View Repo

Image-Detector-AWS

Cloud AI

Serverless image analysis system that automatically detects and labels objects in uploaded images using AWS AI services.

Lambda S3 Rekognition DynamoDB
View Repo

Apollo68KMission

Low-Level / Game Dev

Graphical moon landing simulation written entirely in Motorola 68000 Assembly, demonstrating low-level hardware control, custom rendering, and real-time physics.

Assembly 68k EASy68K
View Repo

IAM Access Control

Cloud Security

Restricts intern access so they can manage only development EC2 instances while keeping production locked down, using custom JSON policies and tag-based permissions.

AWS EC2 IAM JSON
View Repo

S3_Storage

Cloud

Async file upload tool for any S3-compatible storage using aiobotocore for high-performance parallel transfers.

Python aiobotocore
View Repo
In Progress

StudyNotes2Audio

Serverless

Serverless text-to-speech conversion system that transforms study notes into portable audio files.

Lambda Polly S3 JavaScript
View Repo

Education

Ordinary BCs Cybercrime & IT Security

September 2024 – Present • South East Technological University, Carlow

  • Graduating in August 2027.
  • Learning security scripting, networking and web security.
  • Developing skills in security automation, security analytics and hardening.

Leaving Certificate

September 2019 – May 2024 • Portlaoise College

  • Strong foundation in STEM subjects supporting cybersecurity and IT studies.
  • Active participation in technology-focused classes.

Certifications

TryHackMe

  • DevSecOps Certificate — issued May 2025.
  • Security Engineer Certificate — issued May 2025.

Digital Cloud Training

  • AWS Certified Solutions Architect – Associate Course — issued August 2025.

My learning paths, and certifications can be found on my My TryHackMe Profile .

Get In Touch

Interested in collaboration, internships, or any question? Feel free to reach out!

GitHub LinkedIn