Building Secure
Infrastructure
at Scale

Cybersecurity student • Security Engineering • Cloud Security • Security Analysis

Download CV Get in Touch

About Me

about_me.sh
Nazariy Buryak
Focus
  • Open-source security tools development
  • Security engineering & system hardening
  • Security analytics & log analysis
  • AWS infrastructure security
  • GCP security
  • Networking security & troubleshooting
  • Threat modeling & cloud hardening
$ whoami Nazariy Buryak
$ age 19 Years Old
$ role Cybersecurity Student > Security Engineering / Cloud Security / Security Analysis
$ location Portlaoise, Ireland
$ studying_at South East Technological University, Carlow
$ ecsc_2026 Training with Irish National Team as candidate for ECSC 2026 (Bochum) — ecsc2026.de

Relevant Experience

LATEST

ZeroDays CTF 2026

Dublin, Ireland · March 2026

Team Captain · Seasonal Competition

  • Competed in ZeroDays CTF 2026 at Croke Park, Dublin
  • Served as Team Captain, leading challenge strategy and coordination
  • Solved Web, Crypto, and Pwn challenges
  • Finished 5th of 71 college teams, 18th of 141 overall
  • Applied skills in vulnerability analysis, reverse engineering, and exploit development

Cohort

Carlow: September 2025 - February 2026

Cloud Infrastructure & DevOps Engineer

  • Designing and building an AWS cloud environment for an ambitious project, setting up networks, databases, certificates, caching, routing, and containerization.
  • Making the infrastructure secure and scalable to support future application growth.
  • Working on building a secure CI/CD pipeline with GitHub Actions.
  • Implementing DevSecOps analysis practices using SonarQube and supporting Dockerfile-based deployments.

Amazon Web Services

Zurich: September 2025

Summit Participant

  • Learned how to secure systems and use safety protocols for autonomous agents.
  • Studied identity security and how it connects with Kubernetes and CI/CD pipelines.
  • Helped design global network setups using AWS services.
  • Took part in CTF challenges and card games to improve cybersecurity skills and explore new attack and defense methods.

John Sisk & Sons Ltd - CP Naughton

Portlaoise: June 2025 - August 2025

General Operative

  • Worked efficiently as part of a team to meet daily targets in a fast-paced environment.
  • Managed time effectively to complete tasks under pressure and tight deadlines.
  • Maintained high productivity while handling physically demanding and repetitive work.
  • Followed instructions accurately and adapted quickly to changing priorities.
  • Supported team members to ensure smooth workflow and consistent output.
  • Maintained a strong focus on safety, quality, and attention to detail.

Technical Skills

Cloud Security

Securing cloud infrastructure across AWS, GCP and Azure at scale.

Tools & Technologies

Platforms
AWS GCP Azure Azure
Infrastructure
Terraform Docker Kubernetes
CI/CD
Jenkins Git SonarQube SonarQube
Languages
Python Go HCL

Key Focus Areas

  • AWS infrastructure security (VPC, IAM, S3, Lambda)
  • GCP security configuration & hardening
  • Container security & orchestration
  • Infrastructure as Code security scanning
  • Cloud-native CI/CD pipeline security

Security Engineering

Building, hardening and automating security tooling across systems.

Tools & Technologies

Languages
Python Go Java C JavaScript PHP Assembly 68k Assembly 68k
Operating Systems
Linux Windows macOS macOS
Databases
PostgreSQL MongoDB MySQL
Networking
Cisco Cisco Nginx

Key Focus Areas

  • Security tooling development (CLI & TUI)
  • System hardening & configuration
  • Security automation & scripting
  • Secure coding practices & code review
  • Network security & troubleshooting

SOC Analysis

Monitoring, detecting and responding to threats in real time.

Tools & Technologies

SIEM & Monitoring
Splunk Splunk Grafana Prometheus
Network Analysis & Forensics
Wireshark Wireshark Ettercap Ettercap Nmap Nmap
Defence & Response
Fail2Ban Fail2Ban Snort Snort Nessus Nessus
Scripting
Python Bash

Key Focus Areas

  • Log analysis & correlation
  • Threat detection & incident triage
  • Network traffic analysis & packet inspection
  • Intrusion detection & prevention
  • Vulnerability assessment & reporting
  • Security event monitoring & dashboarding

Penetration Testing

Offensive security — finding and exploiting vulnerabilities before attackers do.

Tools & Technologies

Exploitation
Metasploit Metasploit Hydra Hydra SQLmap SQLmap
Web App Testing
Burp Suite Burp Suite OWASP ZAP OWASP ZAP Gobuster Gobuster
Recon, Network & Forensics
Nmap Nmap Wireshark Wireshark Ettercap Ettercap Nikto Nikto
PWN & Reversing
Ghidra Ghidra radare2 radare2 Python C Assembly Assembly

Key Focus Areas

  • Vulnerability analysis & exploit development
  • Web application security testing
  • WAF/CDN fingerprinting & bypass
  • Buffer overflow & ROP chain exploitation
  • Binary reverse engineering
  • CTF competitions & challenge solving

DevSecOps & Automation

Embedding security into every stage of the development pipeline.

Tools & Technologies

CI/CD & Pipeline
Jenkins Git GitHub Actions SonarQube SonarQube
Containers
Docker Kubernetes
IaC & Scripting
Terraform Bash Python
Web & Serverless
HTML5 CSS3 JavaScript AWS Lambda Nginx

Key Focus Areas

  • Secure CI/CD pipeline design & hardening
  • Container image scanning & runtime security
  • Infrastructure as Code security linting
  • Serverless architecture & deployment automation
  • Automated security testing integration
  • GitOps workflows & secrets management

Soft Skills

💬

Effective Communication

Clear and concise communication when collaborating on security projects, writing documentation, and presenting technical findings

🎯

Problem Solving

Analytical and structured approach to troubleshooting system issues and resolving security challenges in dynamic environments

🎓

Event Participation

Active involvement in technical events and security communities to strengthen teamwork, knowledge sharing, and professional growth

🔍

Analytical Thinking

Data-driven mindset for identifying root causes, optimizing scripts, and improving system reliability through precise testing

🧘‍♂️

Calm Under Pressure

Maintains focus and composure when diagnosing complex issues or working under tight deadlines in security-critical scenarios

Leadership

Experienced in leading teams through competitive CTF events, coordinating task delegation, and driving collaborative problem-solving under pressure

Projects

WAFPierce

Web & Cloud Pentesting

CLI & GUI WAF/CDN fingerprinting and bypass validation tool. Detects 17+ WAFs and 12+ CDNs, runs 35+ bypass techniques with baseline heuristics, outputs Markdown reports. Co-developed with Marwan Fayad.

Python
View Repo

GhostState

Cloud Security

TUI-based security and governance tool for AWS. Scans cloud infrastructure in real-time to identify "Ghost" resources (unused/shadow IT) and "Risk" assets (critical vulnerabilities), featuring a hexagonal architecture for multi-provider extensibility.

Go AWS SDK v2 Bubble Tea
View Repo

GhostWeights

Cloud Security

Specialized cloud security tool that hunts for "Shadow AI" — unauthorized AI/ML workloads running in your AWS environment.

Go AWS SDK v2
View Repo

Log_Analyzer

Security Analysis

Reads security logs to detect brute-force attempts, SQLmap-style scans, and attack patterns by IP, time, and frequency, generating statistical reports and charts.

Python JSON
View Repo

TCP_Recon_Tool

Security Analysis

CLI reconnaissance tool that probes targets, enumerates services and HTTP apps, inspects TLS, fingerprints web stacks, and emits machine-readable reports.

Python JSON
View Repo

Image-Detector-AWS

Cloud AI

Serverless image analysis system that automatically detects and labels objects in uploaded images using AWS AI services.

Lambda S3 Rekognition DynamoDB
View Repo

Apollo68KMission

Low-Level / Game Dev

Graphical moon landing simulation written entirely in Motorola 68000 Assembly, demonstrating low-level hardware control, custom rendering, and real-time physics.

Assembly 68k EASy68K
View Repo

IAM Access Control

Cloud Security

Restricts intern access so they can manage only development EC2 instances while keeping production locked down, using custom JSON policies and tag-based permissions.

AWS EC2 IAM JSON
View Repo

S3_Storage

Cloud

Async file upload tool for any S3-compatible storage using aiobotocore for high-performance parallel transfers.

Python aiobotocore
View Repo

StudyNotes2Audio

Serverless

Serverless text-to-speech conversion system that transforms study notes into portable audio files.

Lambda Polly S3 JavaScript
View Repo

Education

Ordinary BCs Cybercrime & IT Security

September 2024 – Present • South East Technological University, Carlow

  • Graduating in August 2027.
  • Learning security scripting, networking and web security.
  • Developing skills in security automation, security analytics and hardening.

Leaving Certificate

September 2019 – May 2024 • Portlaoise College

  • Strong foundation in STEM subjects supporting cybersecurity and IT studies.
  • Active participation in technology-focused classes.

Certifications

Certified Cloud Security Practitioner – AWS

The SecOps Group

Issued Apr 2026  ·  ID: 11259385

Show Credential

Certificate of Achievement – ZeroDaysCTF2026

ZeroDays CTF

Issued Mar 2026

Show Credential

AWS Certified Solutions Architect Associate (SAA-C03) Course

Digital Cloud Training

Issued Aug 2025  ·  ID: UC-602ac19c-f37e-43a9-8183-a84867259aa2

Show Credential

DevSecOps Certificate

TryHackMe

Issued May 2025  ·  ID: THM-7HI3DE8FL3

Show Credential

Security Engineer Certificate

TryHackMe

Issued May 2025  ·  ID: THM-7GOQ6DGTCF

Show Credential

Cyber Security 101 Certificate

TryHackMe

Issued Mar 2025  ·  ID: THM-IBB6FON8LC

Show Credential

Get In Touch

$ ssh nazariy@portfolio

Interested in collaboration, internships, or have a question? My inbox is always open.

Available for opportunities

GitHub LinkedIn TryHackMe