Om Shah

Cybersecurity student & automation engineer

om@uts:~

$ whoami

om_shah

$ cat skills.txt

[+] Network Scanning

[+] Python Automation

[+] Web App Testing

[+] Vulnerability Assessment

Scroll Down

01. About Me

At a glance

UTS cybersecurity student with 3+ years in quality assurance, automation, and scripting.

I build Python and API-driven tooling for security checks and workflow automation.

Delivered 35% faster case handling by replacing manual steps with repeatable systems.

Focused on misconfigurations, attack surface reduction, and practical security tooling.

Python, APIs, Automation, Security Tooling

35% 35% faster case handling

3+ years quality assurance + automation

2026 UTS graduation

My professional journey

02. Experience

Automation Engineer

Migrate Zone

Jul 2023 to present · Part-time · Dec 2024 to present in current role

Merged financial audit checks into one workflow, cutting duplicate checks and manual cross-referencing.
Co-led modular automations for file naming, risk flagging, and routing; cut average case time from ~8h to ~5.3h (~35%).
Built a prefill tool mapping validated case data into Excel lodgement templates, speeding prep and reducing repeat checks.
Built a lightweight scraper for policy update pages, replacing repeated manual checks.

03. Featured Projects

Major project

Sentinel: Automated Network Security Scanner

Sentinel is a Python-based network security tool developed as a major independent project at UTS. It scans networks, identifies devices and services, and checks them against the NVD vulnerability database. It maps results to software identifiers and known CVEs, then groups findings by asset and priority to highlight the highest-risk issues and how to verify them.

Python
Nmap / NSE
NVD CVE
JSON

Production

Immigration Case Workflow Automation Toolkit

A team-built automation toolkit used at Migrate Zone to process immigration case files. Staff upload documents and the tool merges them into a single PDF, reads and extracts the text automatically (using OCR, text recognition technology), and checks that every required document is present based on the specific visa type. Missing or outdated items are flagged, and the results are bundled into summary reports and review-ready PDF packages for the team.

Python
Adobe PDF Services
OCR
JSON

Production

Document Completeness Check & Form Pre-fill Tool

A Migrate Zone automation tool that reads uploaded case documents, flags anything missing or out of date, and automatically pre-fills the relevant Excel forms with verified data, cutting out the manual checking that previously had to be done before each visa application was submitted.

Python
OCR
Excel

Applied ML API status: checking

SMS bulk-style detector (machine learning)

An applied ML build: a neural network on SMS text that outputs P(bulk-style) (dataset spam/not-spam labels): how much the wording resembles bulk or automated messaging, not whether a message is dangerous. Deployed as a backend API with a live demo.

Python
TensorFlow
GloVe

IDS

Intrusion Detection System (IDS)

Built a multi-class intrusion detection workflow on CIC-style network flow data in Python: train and test splits, label cleanup, then Random Forest and MLP models with proper scaling for the neural net. Measured accuracy, macro-F1, per-class reports, confusion matrices, and optional feature importance for the forest. Outputs are saved as clear figures and tables, with honest scope (benchmark data, not a live NIDS deployment).

Python
Pandas
Network traffic analysis

Production

PDF Invoicing & Document Tools

ITonKey internship project. Python-based invoicing tool that turns structured data into branded, multi-page PDF invoices with templated layouts. Also developed inventory management systems with stock tracking and reporting.

Python
PDF Generation
Excel

Red teaming

TLS Interception Lab with mitmproxy

Lab demonstration: a man-in-the-middle attack using mitmproxy in a controlled environment. I installed a rogue certificate authority on a Windows 10 VM to intercept and decrypt HTTPS in real time, including form submissions and login flows, when trust in the certificate chain is exploited. Shown only in an isolated lab, not for use outside authorized settings.

Kali Linux
mitmproxy
OpenSSL
Windows 10 VM

Education

Notification listener - Android demo (Wellness Pulse)

Android demo using a fake wellness-style UI to teach notification listener risk: what permission really means, what notification-derived data can look like on-device, and why “tap allow” matters. Personal portfolio project; demo run only on my own device/emulator.

Android
Kotlin
Privacy
Notification listener

Coming soon

Write-ups and deployment notes for these builds are in progress.

Coming soon

Real-World 3-Tier Web App Deployment on AWS

End-to-end deployment walkthrough: networking, compute, and data tiers with production-style constraints.

Coming soon

Serverless Lead Capture on AWS

Serverless pipeline for capturing and storing leads with minimal operational overhead.

AWS
Serverless

04. Papers & reports

Technical writing: assessments, lab reports, and research-style submissions from my degree.

Ethics of data and AI UTS · 2024

Ethical and technical challenges of lethal autonomous weapons systems (LAWS)

description: |

Research paper on weaponised AI that can select and engage targets with reduced human oversight. Uses open-source case studies (e.g. SGR-A1, Super aEgis II, Guardium-LS) to discuss accountability, international law, sensor and recognition limits, dataset bias, and options for oversight and regulation. Written for educational and research purposes only.

View paper GitHub

Cloud security UTS · 2025

Cloud Governance and Threat Assessment

description: |

Written assessment on cloud governance practices and structured threat analysis for cloud workloads, including control trade-offs and risk framing relevant to organisational security posture.

View paper

Major project UTS · 2025

Sentinel: technical development journal

description: |

Companion documentation for Sentinel: a full development journal covering the virtual lab (Kali, Ubuntu, Windows Server on VMware/VirtualBox), recon and spoofing exercises, early Python implementation work, and structured reflection on trade-offs, failures, and lessons learned.

View paper

Data analytics UTS · 2026

SMS spam classification: model comparison report

description: |

Compares Naive Bayes, SVM, and a deep learning 1D CNN for spam detection, with tokenisation, padding, embeddings, training behaviour, and evaluation through precision, recall, F1, confusion matrices, and ROC-AUC. The CNN delivered the strongest overall performance while balancing detection with false positives.

View paper

Ethics & practice UTS · 2025

Project ethics: Guest Hospitality System

description: |

Ethics and professional practice analysis for a resort guest hospitality system: data collection and retention, RFID location tracking, and childcare safety checks, grounded in ACS, PMI, and IEEE codes of ethics, with practical recommendations to protect privacy, safety, and public trust.

View paper

05. Education & technical foundations

Formal study and subject depth from my UTS transcript: these are degree topics, not separate industry certifications.

Cybersecurity

description: |

Built STRIDE-style threat models for sample applications and documented mitigations for each threat class in written assessments.

UTS program

System security

description: |

Hardened Linux VMs (services, permissions, updates) and compared access-control models in practical lab submissions.

UTS program

Cloud security (AWS)

description: |

Deployed small workloads using IAM roles, security groups, and least-privilege reviews in AWS console lab exercises.

UTS program

Digital forensics

description: |

Imaged virtual disks, extracted timelines and artefacts with forensic tools, and wrote short reports with documented handling steps.

UTS program

Formal qualification

description: |

Bachelor of Cybersecurity

University of Technology Sydney

2023 to present. Expected graduation: June 2026

06. Skills & Tools

Security Testing

description: |

Network scanning (Nmap / NSE)
Vulnerability assessment
Web application testing
Known vulnerability research
Offensive security labs (university)

Defensive Security

description: |

Digital forensics
Cryptography
Cloud security (AWS)
Routing & switching
Information security management

Tools & technologies

description: |

Metasploit
Wireshark
Nmap / NSE scripts
Postman / Chrome DevTools / Jira
VMware / VirtualBox / Cisco Packet Tracer

Programming & Scripting

description: |

Python
Selenium
JSON / CSV / Excel
Git / GitHub
HTML / CSS

07. Get In Touch

Open to opportunities

availability: |

Open to cybersecurity and automation roles. Summary of experience, roles, and projects: resume. Based in Sydney, Australia.

Say Hello

Om Shah

01. About Me

At a glance

02. Experience

Automation Engineer

Junior Automation Engineer

Python Backend Developer Intern

03. Featured Projects

Sentinel: Automated Network Security Scanner

Immigration Case Workflow Automation Toolkit

Document Completeness Check & Form Pre-fill Tool

SMS bulk-style detector (machine learning)

Intrusion Detection System (IDS)

PDF Invoicing & Document Tools

TLS Interception Lab with mitmproxy

Notification listener - Android demo (Wellness Pulse)

Coming soon

Real-World 3-Tier Web App Deployment on AWS

Serverless Lead Capture on AWS

04. Papers & reports

Ethical and technical challenges of lethal autonomous weapons systems (LAWS)

Cloud Governance and Threat Assessment

Sentinel: technical development journal

SMS spam classification: model comparison report

Project ethics: Guest Hospitality System

05. Education & technical foundations

Cybersecurity

System security

Cloud security (AWS)

Digital forensics

Formal qualification

06. Skills & Tools

Security Testing

Defensive Security

Tools & technologies

Programming & Scripting

07. Get In Touch

Open to opportunities