Isaac Shin

Cloud Infra. & Security Engineer

Cybersecurity student @ DePaul University with a passion for security solutions.

Projects

Mock Penetration Test / Capture the Flag

Nov 2025

• Conducted a penetration test with a black-box approach against 4 target hosts, identifying 7 critical vulnerabilities including remote code execution, weak authentication, unpatched services, and Docker containerization escape
• Performed reconnaissance and enumeration using Nmap, Dirb, and web analysis tools to identify vulnerable services, exposed directories, and permission misconfigurations, mapping attack-surface accuracy to 92%
• Executed exploitation workflows using Metasploit and privilege escalation techniques, achieving SYSTEM/root access on all targets and demonstrating 100% full-scope compromise across the environment
• Authored a comprehensive penetration testing report, documenting procedures, MITRE ATT&CK IDs, risk ratings, and remediation steps, improving threat visibility of high-risk vulnerabilities by 95%

Linux Windows Metasploit

Network Security Design

Nov 2025

• Designed a secure enterprise network architecture, applying OSI and TCP/IP models to segment traffic using a dual-path dual-layer firewall design, reducing attack surface exposure while supporting 200+ internal endpoints
• Engineered IP addressing and subnetting schemes using CIDR, mapping Layer-3 routing paths with static routes across routers, firewalls, and switches, ensuring 100% accessibility across all network segments
• Configured inbound and outbound NAT/PAT workflows through static port-forwarding and dynamic PAT, translating private addresses to public IPs and enabling secure Internet access with only 2 ISP-assigned addresses
• Developed least-privilege firewall rule sets for TCP services including HTTPS, RDP, LDAP, and PostgreSQL, blocking 100% of unauthorized traffic via implicit deny rules and preventing lateral movement between subnets

Cisco Packet Tracer DPDL Architecture Network Segmentation

AWS Cloud Resume

Aug 2025 - Oct 2025

• Configured IAM roles to enforce least-privilege access and controlled execution of AWS services, enhancing security posture and reducing risk of unauthorized access by 40%
• Developed a static portfolio website using S3, CloudFront, and Route 53, providing HTTPS encrypted access through global distribution, achieving 70% lower latency for global users
• Implemented a serverless backend using DynamoDB, REST API Gateway, and Lambda with Python and JavaScript, enabling real-time site analytics with low-latency application
• Automated infrastructure provisioning and full-stack deployments using Terraform and GitHub Actions CI/CD pipelines, reducing deployment time from ~60 minutes to under 1 minute (≈98% improvement)

Terraform Python JavaScript

Experience

2019 — 2025

Security Engineer

West Corner

• Performed OSINT while seeding decoy scripts on exploit forums that routed directly to honeypots, logging 100+ non-PII user data instances for ban waves and attacker profiling
• Conducted ethical hacking and white-hat security testing using custom scripts, DLL injection analysis, and popular exploit frameworks, reducing exploit recurrence by 95%
• Reviewed 3,000+ automated detection events via Webhook integrations through Python scripts while prioritizing critical incidents for human review, improving threat visibility by 98%
• Led a 7-member development team to patch 8+ high-severity zero-day exploits within 10-30 minutes of discovery, preventing financial loss while maintaining functional gameplay/economy

Skills

Programming Languages

Python Java JavaScript SQL Lua HTML/CSS

Developer Tools & Platforms

Linux Git/GitHub AWS Terraform Metasploit Wireshark VMWare Packet Tracer Microsoft Office

Core Competencies

IaC IAM CI/CD GRC SecOps/DevOps Network Security Information Security Cloud Infrastructure Security Testing & Assessment

Soft Skills

Leadership Technical Communication Team Collaboration Problem Solving Attention to Detail Time Management