My public projects
- A Complete OpenSSL Certificate Authority - two-layer CA (Root, DV TLS, Personal), private keys on HSM (PKCS#11), OCSP, encrypted key backup
- rtsp-timelapse - Shell script-based routine that takes full-resolution snapshots from IP cam RTSP stream and periodically creates a HEVC timelapse video using FFmpeg.
- webcam-snapshot - Shell script-based routine that takes unique snapshots from live JPEG images published on the Web.
- [CZ] Školní Burza / Online Book Swap - projekt z gymnázia / a grammar school project
- [CZ] Společenská hra Aktivity pro počítač / Aktivity board game for a computer
Miscellaneous
Skills & experience
- Programming & scripting:
- C / C++ - POSIX, STM32, Microchip PIC16,18
- C# - .NET Core, .NET Framework (services & Windows Forms)
- Go - gorm, Fiber (Web API backend)
- Python - scripting, numpy, scikit-learn, Tensorflow (basic anomaly detection, image classification), Django (basic experience)
- JavaScript - basic frontend scripting (fetch API)
- Shell - bash, ksh, PowerShell
- Rust - Actix, Diesel (Web API backend)
- R language, RStudio (basic experience)
- PHP - low complexity projects
- HTML, CSS - basic responsive web design
- LaTeX - writing software documentation
- Operating systems: OpenBSD, FreeBSD, Linux (Debian-like, Alpine, RHEL, Armbian, Gentoo)
- Server technologies: Proxmox, VMware ESXi, Synology, Nakivo
- Services:
- VPN: Wireguard, OpenVPN
- Database: PostgreSQL, MariaDB, Redis, InfluxDB, Prometheus
- Nginx, OpenBSD's httpd / relayd
- FreeRADIUS (complex setup of EAP-TLS, TTLS, PEAP-MSCHAPv2 and RADIUS assigned VLAN)
- DNS: NSD, Unbound, BIND
- Mailserver: OpenSMTPD + Dovecot + Rspamd + Roundcube
- Monitoring & alerting: Prometheus + Grafana
- Gitea, Authelia, Jitsi, CUPS, Asterisk (basic knowledge)
- Firewall: pf, nftables, iptables, MikroTik
- Cybersecurity: tcpdump, Wireshark, nmap, Cowrie, OpenSSL - encrypting, decrypting arbitrary data symmetrically / asymmetrically, X.509
- Software testing: designing test scenarios (pairwise input, unit, path-based, integration), GitLab CI/CD, Playwright (basic school experience)
- ILP, optimization: Gurobi (basic school experience)
-
Miscellaneous:
- ffmpeg - reencode, split, concat, H.264, H.265, rtsp stream processing
-
Work experience:
- 2024: Responsible for complete ISO 27001 implementation from both technical and administrative scope, namely IT security measures design & implementation, documentation development, employee training, internal & external audit in a small company.
- 2023-24: implementing custom .NET Core high-level language & compiler for automated label graphics generation
- 2023-current: designed & maintaining multifunctional, multi-WAN OpenBSD gateway, firewall & proxy
- 2023-current: designed, established, and maintaining complex private Certification authority (ECC) in a small company
- 2023: Cybersecurity manager course (provided by Seminaria.cz)
- 2022: implemented custom async IP printer driver in .NET Core
- 2022: implemented custom .NET TCP/IP dynamic library + IP peripheral driver for AVEVA System Platform
- 2019-current: IT administrator (BSD, Linux, MSAD), security architect in small indrustry IT company
- 2019-current: maintaining .NET Windows Forms application for output quality assurance, interacting with multiple peripherals
- 2019-20: introduced UNIX-like & open source technologies to small Industry IT company
- 2016-current: developed (PHP) & running an online book swap for my grammar school
- 2016-18: guided programming course at a grammar school
Languages
- Czech (native speaker)
- English (B2)
- French (B1)