's Portfolio

Cyber Security Specialist | Network Engineer | penetration tester| Django Developer.

Highly skilled Senior Cybersecurity Engineer and IT Systems Administrator with over 6 years of hands-on experience across cybersecurity operations, IT infrastructure management, incident response, and network security. Expertise in leading security operations, penetration testing, vulnerability assessments, threat intelligence, and compliance audits.

Proficient in managing SIEM tools such as Splunk, Azure Sentinel, and ELK Stack, and utilizing network security solutions like Cisco Firewalls, IDS/IPS, and VPNs. Experienced in securing cloud environments (AWS, Azure, GCP) and implementing security controls across corporate networks. Demonstrated ability to reduce security risks, manage incidents effectively, and mentor junior engineers.

In addition to cybersecurity and systems administration, I have solid experience in web development, specializing in building secure, scalable applications using the Django framework. I leverage my background in security to ensure robust application architecture, secure coding practices, and effective deployment strategies.

Certified in CompTIA Security+, Cyber security and CCNA, with a strong background in ITIL and a comprehensive understanding of Windows, Linux, and VMware administration.

johnusiabulu@cipherknights.com +44 7459 107834 Website

Skills & Expertise

Cybersecurity & Threat Mitigation Expert

Proficient in implementing and managing robust cybersecurity measures across IT environments. Skilled in identifying vulnerabilities, enforcing access controls, and applying security best practices to protect systems and data. Experienced in aligning cybersecurity strategies with frameworks such as ISO 27001 and NIST, ensuring resilience against evolving threats.

Networking & Infrastructure Management Advanced

Strong background in configuring, maintaining, and troubleshooting network infrastructures including LAN, WAN, and wireless networks. Adept at managing firewalls, VPNs, and network monitoring tools to ensure optimal performance, security, and reliability of enterprise networks.

Cloud Security & Administration Advanced

Skilled in managing and securing cloud-based environments, including AWS and Microsoft Azure. Experienced in configuring cloud resources, implementing identity and access management (IAM), and applying security policies to protect data and applications hosted in the cloud.

Web Application Development & Secure Hosting Expert

Proficient in full-stack web application development using Django and MySQL. Skilled in deploying secure web applications with an emphasis on backend security, server hardening, and secure hosting practices. Experienced in managing web servers and applying SSL, firewall, and access controls to safeguard digital assets.

IT Support & Technical Troubleshooting Advanced

Versatile in delivering comprehensive IT support across hardware, software, and network systems. Capable of resolving issues from 1st to 3rd line support levels in both Windows and macOS environments. Focused on minimizing downtime and enhancing user satisfaction through prompt and effective solutions.

Communication & Collaboration Expert

Strong interpersonal and communication skills with the ability to convey complex technical concepts to non-technical stakeholders. Experienced in working collaboratively within cross-functional teams, leading meetings, and providing clear documentation to support project goals and business objectives.

Work Experience

Software Testing and Penetration Testing Consultant

Free UK Genealogy • Astley, Manchester

Jul 2024 - Present

• Application Security Testing: Conducted black-box and white-box penetration tests on web applications and APIs, identifying critical vulnerabilities including SQL injection, XSS, and insecure authentication mechanisms. Delivered detailed remediation plans that reduced high-risk vulnerabilities by over 85%.

• Secure Software Development Lifecycle (SSDLC): Collaborated with development teams to integrate security best practices within the CI/CD pipeline using tools like OWASP ZAP, Burp Suite, and SonarQube. Automated testing processes led to a 40% decrease in security bugs found in staging environments.

• Vulnerability Assessment & Management: Led bi-weekly vulnerability scans using Nessus and OpenVAS, triaged and documented over 120 findings, and ensured timely remediation through JIRA ticketing and agile sprint planning. Maintained a 98% SLA compliance rate for critical vulnerabilities.

• Source Code Review: Performed static and dynamic code analysis across multiple repositories written in Python, JavaScript, and PHP. Identified insecure coding patterns, reducing the surface area for exploits in production code.

• Penetration Testing Reports & Stakeholder Communication: Created executive-level and technical penetration test reports aligned with NIST and OWASP methodologies. Conducted walkthroughs with cross-functional stakeholders, improving understanding of security gaps and prioritization strategies.

• Threat Modeling & Risk Assessment: Facilitated STRIDE-based threat modeling sessions with product owners and developers. Contributed to the organization's threat landscape analysis, influencing key architectural decisions for upcoming releases.

• Cloud Security Testing: Assessed security configurations of AWS-hosted environments, including S3 bucket permissions, IAM role policies, and EC2 security group rules. Delivered hardening recommendations that enhanced the cloud posture score by 30%.

• Automation & Scripting: Developed custom Python scripts for test case automation, log analysis, and simulated attack scenarios. This improved test efficiency and reduced manual testing overhead by 50%.

• Tooling & Frameworks: Proficient in using security and QA tools including Metasploit, Kali Linux, Burp Suite Pro, OWASP ZAP, Nikto, Postman, JUnit, Selenium, and GitHub Actions for automated testing workflows.

• Cross-Functional Collaboration: Actively engaged with development, operations, and compliance teams to align security findings with business impact. Supported training sessions on secure coding and test-driven development, improving developer participation in secure SDLC initiatives.

Web Developer

UVC Legal • UVC Legal

Jun 2024 - Dec 2024

• Full-Stack Web Development: Designed, developed, and maintained secure and scalable web applications using Django (Python) for backend and HTML, CSS, and JavaScript for frontend. Delivered feature-rich, data-driven portals supporting internal legal workflows and document automation.

• Backend Architecture & API Development: Built RESTful APIs using Django REST Framework to enable seamless communication between front-end interfaces and backend services. Employed model-driven architecture with PostgreSQL for data persistence, enabling efficient querying and robust schema design.

• Cloud Hosting & Deployment: Deployed and maintained production-ready applications on AWS EC2 and Heroku, implementing CI/CD pipelines to streamline updates. Configured EC2 instances with Nginx and Gunicorn for optimized performance and scalability, while leveraging Heroku’s add-ons for rapid prototyping and staging environments.

• Security Best Practices: Integrated security best practices across the development lifecycle including secure authentication (OAuth2, JWT), CSRF protection, input sanitization, and rate limiting. Performed periodic code audits and incorporated tools like Bandit and Django Security Middleware to prevent OWASP Top 10 vulnerabilities.

• Database Management & Optimization: Managed PostgreSQL databases, implemented indexing strategies, and wrote optimized queries to ensure high performance and data integrity. Used Django’s ORM and raw SQL where necessary for complex query logic and reporting features.

• Testing & QA Automation: Created unit and integration tests using Pytest and Django’s built-in testing tools. Maintained 90%+ code coverage, ensuring application stability and reducing production bugs by over 40%.

• User Interface Development: Developed responsive and accessible UI components using Bootstrap and vanilla JavaScript. Collaborated with UX designers to ensure alignment with branding and usability guidelines for legal professionals.

• DevOps & Monitoring: Monitored app performance and availability using tools like AWS CloudWatch and Heroku Metrics. Automated backups, log rotation, and error alerting systems to maintain service continuity and facilitate incident response.

• Version Control & Collaboration: Utilized GitHub for version control and code review, contributing to a clean, modular, and well-documented codebase. Participated in Agile sprint planning and feature estimation using tools like Trello and GitHub Projects.

• Client-Facing Communication: Worked closely with legal consultants and administrative staff to gather requirements, conduct user acceptance testing (UAT), and deliver user-focused solutions. Provided technical training and post-deployment support to non-technical stakeholders.

3rd Line Support Engineer

Centre for Policy and Development Advocacy • Nottingham, UK

Oct 2022 - Jun 2024

• Advanced Technical Support & Troubleshooting: Provided 3rd line technical support for end-users and internal teams, resolving complex hardware, software, and networking issues. Reduced average ticket resolution time by 35% through root cause analysis and proactive issue management.

• Infrastructure Maintenance & Upgrades: Administered and maintained Windows Server environments, Active Directory, and group policies. Led successful migration projects including server upgrades and domain restructuring, improving system performance and reliability.

• Security & Compliance Support: Assisted in endpoint security hardening and compliance monitoring by configuring antivirus, firewalls, and patch management across user devices. Collaborated with IT and compliance teams to enforce data protection policies and GDPR requirements.

• Cloud Services & Virtualization: Managed cloud-based infrastructure including Microsoft 365, Azure AD, and remote desktop services. Supported virtualization efforts using Hyper-V and VMware, ensuring high availability and disaster recovery readiness.

• Monitoring & Incident Response: Implemented system monitoring tools such as Nagios and SolarWinds to detect and respond to incidents in real time. Authored incident reports and post-mortem analyses to enhance IT resilience and service uptime.

• User Access & Identity Management: Oversaw user provisioning, access control, and role-based permissions across internal systems. Streamlined onboarding/offboarding processes, reducing provisioning time by 40%.

• Scripting & Automation: Wrote and maintained PowerShell scripts to automate repetitive tasks including user management, system backups, and log collection, increasing operational efficiency and minimizing human error.

• Documentation & Knowledge Sharing: Maintained technical documentation, knowledge base articles, and standard operating procedures. Conducted training sessions for helpdesk and junior IT staff, fostering knowledge transfer and improved ticket escalation handling.

• Project Support & Cross-Team Collaboration: Contributed to IT infrastructure improvement projects, liaising with cross-functional teams including operations, policy research, and data analysis. Ensured technical alignment with organizational goals.

• Tooling & Environments: Proficient in using tools and technologies such as Windows Server, Active Directory, Office 365, Exchange, Azure, PowerShell, Hyper-V, VMware, SCCM, and ServiceNow for enterprise IT support and administration.

Education

BSc

De Montfort University

Cyber Security

Oct 2021 - Jun 2024

• Design and implement cybersecurity strategies, including incident response plans, network security configurations, and vulnerability management systems.

HND

Auchi Polytechnic Auchi

Polymer Technology

Dec 2012 - Nov 2016

• Develop automated security scripts (Python, PowerShell) for regular vulnerability scans and reporting.

Certifications

Comptia S+

Comptia

Issued: Jan 2025

ID: 736812987

Details about your certification will appear here.

Verify Credential

CCNA

Cisco

Issued: Mar 2024

ID: 736812987

Include the full official name of the certification Provide a verification URL if available Mention any relevant skills or technologies

Verify Credential

References

Esther

Uwa at cipher knights

cipherknights.test@gmail.com

09876544432

"He is a good Person, I have known him for over 10 years, I will like to recommend him for the job."

Friend

Featured Projects

DDOS attack detection and mitigation

OpenFlow SDN with Ryu Controller Integrated with Snort (Using GNS3 Environment)

Ryu Controller GNS3 Snort OPenflow Wireshark

View Details

About the Project

Objective

This project demonstrates the integration of OpenFlow SDN using the Ryu controller with Snort, a network intrusion detection system (NIDS), for mitigating Distributed Denial of Service (DDoS) attacks in a network environment. The project uses GNS3 to simulate the network topology and Ubuntu Server to host the Ryu controller and Snort NIDS. The goal is to showcase how SDN can dynamically detect and mitigate various types of network attacks, including ICMP, TCP, and UDP floods, using Ryu’s flow management and Snort’s attack detection capabilities.

Skills Learned

Understanding of OpenFlow and SDN architecture.
Configuring Ryu controller and integrating it with OpenFlow-enabled devices.
Installing and configuring Snort as an Intrusion Detection System.
Using GNS3 for creating and managing network simulations.
Implementing dynamic network traffic control for DDoS mitigation.
Working with network mirroring and monitoring traffic for attack detection.

Tools Used

GNS3: For simulating the network topology with Cisco switches, routers, and virtual machines.
Ryu Controller: For managing SDN flow tables and traffic routing.
OpenvSwitch (OVS): For creating virtual switches and mirroring traffic to Snort.
Snort: Network Intrusion Detection System (NIDS) used for detecting and alerting on DDoS attacks.
Ubuntu Server: Hosting the Ryu controller, Snort, and other necessary components.
Hping3: For simulating DDoS attacks in the network.

Steps

1. GNS3 Topology Setup

The GNS3 workspace was populated with the following devices:

Four Cisco switches for the core network switches.
One Cisco router for routing between networks.
Ten host PCs connected to the switches for testing traffic generation.
One OpenvSwitch (OVS) integrated into the topology to work with the Ryu controller.
Ryu Controller running on an Ubuntu server, responsible for managing traffic and flows.
Snort IDS installed on the Ubuntu server to monitor and analyze network traffic.

2. Configuring OpenvSwitch (OVS)

OpenvSwitch (OVS) was installed on the Ubuntu server and configured to act as the central switch in the SDN network. To enable OVS and establish communication with the Ryu controller, the following commands were used:

# Install OVS sudo apt install openvswitch-switch

# Start OVS service sudo service openvswitch-switch start

# Create a bridge and add the interface sudo ovs-vsctl add-br br0 sudo ovs-vsctl add-port br0 eth0

# Set up traffic mirroring for Snort ovs-vsctl -- --id=@p get port br0 -- --id=@mirror create mirror name=snort-mirror select-all=true output-port=@p -- -- set Bridge br0 mirrors=@mirror

# Link OVS to the Ryu controller sudo ovs-vsctl set-controller br0 tcp:192.168.234.236:6633

3. Ryu Controller Setup

Ryu was installed on the Ubuntu server using the following commands:

# Install necessary packages sudo apt update sudo apt install python3 python3-pip xterm iperf hping3 net-tools wireshark apache2-utils curl

# Install Ryu sudo pip3 install ryu

# Verify installation ryu-manager --version

# Run Ryu application ryu-manager ryu-app.py

4. Snort Installation and Configuration

Snort was installed and configured as follows:

# Install Snort sudo apt-get update sudo apt-get install snort

# Configure Snort to monitor traffic sudo snort -A console -c /etc/snort/snort.conf -i eth0

5. DDoS Attack Simulation with Hping3

To simulate DDoS attacks, the following commands were used:

ICMP Flood

hping3 --icmp --flood --rand-source <destination_ip>

TCP Flood

hping3 --flood -S --rand-source -p 80 <destination_ip>

UDP Flood

hping3 --udp --flood --rand-source -p 161 <destination_ip>

6. Integration of Ryu and Snort for DDoS Mitigation

Network Setup: Ryu controller and Snort are configured to work together on the same server.
Traffic Mirroring: OVS mirrors all network traffic to Snort for inspection.
Attack Detection: Snort analyzes the incoming traffic for known attack patterns (ICMP, TCP, UDP floods).
Alert Generation: Upon detection, Snort generates an alert and sends it to the Ryu controller.
Dynamic Flow Modification: Ryu receives the alert and modifies the network flow table to mitigate the attack by blocking or rerouting malicious packets.

7. Experiment Results

Various types of DDoS attacks were simulated. The integration of Snort and Ryu provided an effective mitigation strategy. Dynamic flow control enabled the SDN network to detect and block malicious traffic in real-time, ensuring the availability and security of the network.

Conclusion

This project showcases how OpenFlow SDN and Ryu controller, when integrated with Snort IDS, can effectively mitigate DDoS attacks. By dynamically adjusting traffic flows based on attack detection, the system can prevent network disruptions and maintain service continuity.

For any questions or further assistance for the python code, please contact me - 📧 Email: johnusiabulu@cipherknights.com .

Wireshark analysis in the network during DDOS attacks.

Wireshark analysis in the network after DDOS attacks mitigated.

Technologies Used

Ryu Controller GNS3 Snort OPenflow Wireshark

Computer-Forensic-Investigation-Project.

This project is a fictional case created for demonstration purposes. It is not related to any real-life events or inves…

FTK Tool FTK Imager Autopsy Write Blocker John The Ripper

View Details

About the Project

Objective

The objective of this forensic investigation was to thoroughly examine digital evidence related to a criminal activity involving arson and fraud. The investigation focused on acquiring and analyzing data from multiple sources, including mobile phones, solid-state drives (SSDs), and USB sticks. This case aimed to uncover evidence that could help establish the involvement of individuals in planning and executing a fire at a storage facility, resulting in a fatality and an insurance fraud scheme.

This investigation was conducted in strict compliance with the Association of Chief Police Officers (ACPO) guidelines, ensuring proper evidence handling and integrity throughout the process.

Skills Learned

Forensic Data Acquisition: Gained hands-on experience in acquiring data from various digital devices using industry-standard forensic tools.
Digital Evidence Analysis: Developed proficiency in using forensic tools like FTK Imager and Autopsy to analyze file structures, recover deleted files, and identify crucial digital evidence.
Password Cracking: Enhanced skills in password recovery techniques using tools like John the Ripper to decrypt encrypted files.
Cryptographic Analysis: Applied knowledge of encryption and hashing algorithms to validate the integrity of evidence and uncover hidden data.
Chain of Custody Management: Gained experience in maintaining the integrity of evidence by following strict procedures for data acquisition and handling.

Tools Used

FTK Imager: A tool used for creating bit-for-bit forensic images of storage devices.
Autopsy: Open-source software for analyzing forensic images, recovering deleted files, and examining file metadata.
John the Ripper: A password cracking tool used to decrypt encrypted Word documents.
Write Blocker: A hardware tool used to prevent accidental modification of evidence during the acquisition process.
Kali Linux: A Linux distribution used for forensic investigations, particularly for running John the Ripper.

Steps

1. Crime Scene Visit

Objective: To secure the crime scene, identify potential evidence, and document the environment for analysis while adhering to ACPO guidelines.

Documenting the Scene:
- Photographed and recorded the layout of the crime scene, focusing on areas of interest, including the storage facility, suspect's workstation, and any devices or storage media found.
- Collected physical evidence, including mobile phones, an SSD, a USB stick, and handwritten notes, following strict evidence handling protocols.
Tagging Evidence:
- Each piece of evidence was assigned a unique identifier and placed in evidence bags with tamper-proof seals.
- A detailed log was created, noting the date, time, location, and description of each item collected.
Transporting Evidence:
- The collected evidence was securely transported to the forensic lab while maintaining a proper chain of custody to prevent contamination or tampering.

2. Data Acquisition

Objective: To acquire data from the SSD and USB stick while ensuring data integrity using FTK Imager and write blockers.

Acquiring Data from the SSD:
- Attached the SSD to the write blocker to prevent data modification during the acquisition.
- Connected the SSD to the computer and used FTK Imager to create a bit-for-bit image of the drive.
- The forensic image was saved in the E01 format and hash values (MD5, SHA-1) were generated to verify data integrity.
Acquiring Data from the USB Stick:
- Similar procedure was followed for the USB stick using FTK Imager.
- A forensic image of the USB drive was created and stored in a separate folder with appropriate hash values to verify its integrity.

3. Data Analysis

Objective: To analyze the forensic images from the SSD and USB stick using Autopsy and recover relevant evidence.

Loading Forensic Images into Autopsy:
- Opened Autopsy on the analysis workstation and created a new case for the investigation.
- Added the forensic image files (E01) of the SSD and USB stick as data sources in Autopsy.
Examination of SSD Files:
- After ingestion, Autopsy was used to browse the file system on the SSD. I found several relevant files in the "Bad Items" folder.
- Notably, Word documents named Skype.exe, Order.docx, Task.docx, and Rob.docx were discovered, all of which were encrypted with passwords.
Examination of USB Stick Files:
- Similar analysis was conducted on the USB stick, where encrypted documents were found in the "Bad Items" folder.
- These documents contained valuable evidence linking the suspects to the crime, including plans to carry out the arson.

4. Decrypting Encrypted Files

Objective: To decrypt the encrypted Word documents found on the SSD and USB drive.

Using John the Ripper for Password Cracking:
- The encrypted Word documents (Skype.exe, Order.docx, Task.docx, Rob.docx) were extracted and stored in a folder on Kali Linux.
- John the Ripper was set up on a Kali Linux virtual machine to perform brute-force password cracking on the documents.
Cracking the Passwords:
- Using a wordlist (rockyou.txt), John the Ripper attempted to brute-force the passwords for the encrypted documents.
- The process revealed the passwords, allowing access to the content of the documents, which contained critical communications and instructions for executing the crime.

5. Investigating Evidence

Objective: To analyze the decrypted documents and identify key evidence linking the suspects to the crime.

Content Analysis of Rob.docx:
- The document revealed instructions to turn off safety measures and spill fuel in the storage facility, which was part of the plan to set it on fire.
Corroborating Evidence from the SSD:
- The analysis of the SSD's email folder revealed communication between the suspects, confirming the planning of the arson and fraud.

6. Reporting and Chain of Custody

Objective: To compile findings into a forensic report while ensuring the integrity of the evidence.

Creating the Final Report:
- A detailed forensic report was generated, summarizing the findings from the SSD, USB stick, and decrypted documents.
- All evidence was securely stored, and the chain of custody was meticulously documented to ensure the integrity of the evidence.

Conclusion

This forensic investigation successfully uncovered crucial evidence linking the suspects to the arson and fraud scheme. The skills and tools learned during this project can be applied to similar investigations and are valuable for anyone pursuing a career in digital forensics.

Technologies Used

FTK Tool FTK Imager Autopsy Write Blocker John The Ripper

Prousse Fashion

E-Commerce Website for African Traditional Clothing

Django JS CSS HTML

View Details

About the Project

Client: Prousse Fashion
Location: United Kingdom
Industry: Fashion / E-Commerce

Prousse Fashion is a UK-based company specializing in African traditional clothing. They needed a modern, user-friendly e-commerce platform to connect with a global audience and showcase their vibrant, culturally rich fashion line.

I designed and developed a fully responsive e-commerce website tailored to their brand, offering a seamless and intuitive shopping experience. The site includes dynamic product listings, secure payment integration, and mobile optimization to ensure accessibility for all users.

In addition to development, I implemented SEO best practices to optimize the site for niche keywords related to African fashion. This resulted in increased search visibility, more organic traffic, and a stronger presence in a highly competitive market.

Key Highlights:

Custom-built e-commerce platform with an easy-to-manage product inventory
Mobile-friendly design, ensuring accessibility across all devices
SEO optimization targeting African fashion keywords
Improved organic search rankings and increased online visibility
Ongoing maintenance and updates for security and inventory management

This project helped elevate Prousse Fashion’s online presence, drive sales, and build brand recognition on a global scale.

Technologies Used

Django JS CSS HTML

View All Projects

Latest Blog Posts

The Secret to a High-Converting Website? Strategy + Design + Performance

April 21, 2025

A website isn’t just about looking good—it needs to convert. At Cipher Pixel, we approach web development from a strategic angle. Every line of code and pixel on screen is …

0 1

Top 5 Cybersecurity Practices Every Business Should Implement Today

April 21, 2025

Cybersecurity isn’t just an IT issue—it’s a business imperative. Here are five best practices every organization should implement immediately to reduce risk:

0 89

View All Blog Posts

Get In Touch

Contact Information

Send a Message

Leave this field blank

Your Name

Your Email

Subject

Message