Available for roles · Sydney, AU

Jihun Baek

Cyber Security Analyst

AWS Certified Solutions Architect – Professional with hands-on experience in cloud infrastructure hardening, penetration testing, and CTF challenge engineering. I combine an offensive security mindset with practical systems administration.

Certifications
AWS Solutions Architect – Professional
Feb 2025
AWS Solutions Architect – Associate
Jan 2025
Jihun Baek
01

Core Competencies

Offensive Security
Burp Suite Metasploit OWASP Top 10 Pentest Reporting
Defensive / Monitoring
Splunk Wireshark AWS GuardDuty AWS WAF SIEM & Log Analysis
Cloud & Infrastructure
AWS (SAP-level) Docker Active Directory SPF/DKIM/DMARC Railway Vercel Jira
Development
Python FastAPI Supabase PostgreSQL scikit-learn SQL Bash
02

Work Experience

Nov 2025 – Present
Gomaps Trading
Junior IT Systems Administrator
  • Manage network and cloud infrastructure; enforce access control via Active Directory Group Policies, monitor B2B site traffic and audit access patterns via OCI Logging, and handle L1/L2 Jira ticket support.
  • Architected cloud email delivery infrastructure (cut costs 15%) and hardened domains with SPF/DKIM/DMARC; contributed to secure development of company's B2B commercial web platform.
Feb – Oct 2025
KnockOn
Challenge Developer & Technical Mentor
  • Engineered 10+ CTF challenges on real-world CVEs (OWASP Top 10, privilege escalation, SSRF) for 3 cohorts — 73% avg solve rate.
  • Mentored trainees weekly on web exploitation, network traffic analysis, and vulnerability remediation.
03

Projects

CyberShield — Web Security SaaS Platform
Jan – Jun 2026

Production SaaS that scans websites for ~60 security vulnerabilities across SSL/TLS, HTTP headers, email auth (SPF/DKIM/DMARC), open ports, malware reputation, and source code flaws. Built with FastAPI on Railway, Supabase PostgreSQL + Auth, and Vercel. Parallel async scan engine returns results in 5–15 seconds; real-time dashboard via Supabase WebSocket; 3 subscription tiers (Free / Plus $19 / Max $49).

Python FastAPI Supabase Railway Vercel SSL/TLS DMARC Port Scanning Code Analysis
Hack MAC 2025 — CTF Challenge Development & Infrastructure
Jul – Oct 2025

Co-engineered 38 CTF challenges (web, crypto, forensics, OSINT, rev eng) for a Macquarie University competition across 3 academic levels. Containerised web challenges with Docker; wrote Python tooling to auto-generate JSON/Markdown inventories tracking paths, categories, difficulty, and deployment status.

Python Docker Web Security OSINT Rev Eng Cryptography
Penetration Test — LAMP Bulletin Board System
Jan – Feb 2025

Black-box pentest of a self-built LAMP web app. Identified 11 vulnerabilities including critical RCE via file upload, SQLi auth bypass, stored XSS, IDOR, and session fixation. Delivered a structured report with CVSS-style ratings, PoC steps, and patched code for each finding.

Critical: RCE · SQLi Bypass High: XSS · IDOR · Session Fixation
Burp Suite OWASP Top 10 SQLi XSS RCE IDOR
AI-Based Network Attack Classifier
Nov – Dec 2024

Multi-class ML classifier on 220,000 network payloads — detects Brute Force, SQL Injection, XSS, and System Command Execution. Engineered 9 features via attack-tool signature analysis (hydra → Brute Force, sqlmap → SQLi). Random Forest achieved 92.6% accuracy; Brute Force F1: 0.99, SQL Injection F1: 0.93.

Python scikit-learn XGBoost Pandas Network Log Analysis Feature Engineering
04

Education

2024 – 2025
Macquarie University
Major in Cyber Security
2021 – 2022
Handong Global University
Major in Computer Science