Om Shah

Cybersecurity student & automation engineer

om@uts:~

$ whoami

om_shah

$ cat skills.txt

[+] Network Scanning

[+] Python Automation

[+] Web App Testing

[+] Vulnerability Assessment

Scroll Down

01. About Me

My background

description: |

I'm a cybersecurity student at UTS with industry experience across immigration casework, QA, and automation. I build automations that reduce manual handling and shrink attack surface: fewer copy-paste workflows, less room for human error in checks, and clearer visibility into what's exposed when systems are left misconfigured or outdated.

The roles and shipped tools at Migrate Zone and ITonKey are summarised in Experience below. For project detail, including Sentinel, my final-year capstone, see Featured Projects. For something hands-on, open the live SMS classifier demo.

35% Faster Case Handling

3+ Years at Migrate Zone

2026 UTS Graduation

02. Experience

Automation Engineer

Dec 2024 to present

Migrate Zone · Jul 2023 to present · Part-time

description: |

Expanded the internal automation toolkit to streamline visa processing workflows and support higher case volumes after the company's UAE expansion.
Consolidated financial audit checks into a single workflow, reducing duplicate checks and manual cross-referencing.
Co-led the redesign and rollout of modular automations for file naming, risk flagging, and routing, reducing average case handling time from about 8.0 hours to 5.3 hours per case, a roughly 35% improvement.
Developed a prefill tool that mapped validated case data into Excel lodgement templates, reducing repetitive data checks and speeding up preparation.
Built a lightweight scraping tool to monitor policy update pages, removing the need for repeated manual website checks.

Junior Automation Engineer

Jul 2023 to Nov 2024

Migrate Zone · Jul 2023 to present · Part-time

description: |

Built Python scripts to automate case data entry and reduce repetitive manual processing across visa workflows.
Co-developed a PDF collation and OCR-based document validation workflow that reduced manual review time and detected missed, outdated, or lapsed documents before lodgement, catching dozens of issues each month.
Produced internal documentation that enabled staff to use the toolkit without ongoing developer support.

Python Backend Developer Intern

Aug 2024 to Oct 2024

ITonKey · Part-time

description: |

Built a Python invoicing tool that converted structured business data into branded, multi-page PDF invoices using templated layouts aligned with internal workflows.
Contributed to custom software development for small business clients, including inventory management features for stock tracking and basic reporting.

03. Featured Projects

Capstone

Sentinel: Automated Network Security Scanner

My final-year capstone project at UTS. A Python tool that automatically scans a computer network, identifies every connected device and service running on it, and checks each one against a public database of known security flaws. It cleans up the raw scan output, maps services to CPE-style software identifiers, and queries the NVD so each finding is tied to known CVEs with severity metadata. The report groups results by asset and priority so teams can patch or verify the riskiest items first, with steps to confirm each issue.

Python
Nmap / NSE
NVD CVE
JSON

Watch demo Capstone journal

Production

Immigration Case Workflow Automation Toolkit

A team-built automation toolkit used at Migrate Zone to process immigration case files. Staff upload documents and the tool merges them into a single PDF, reads and extracts the text automatically (using OCR, text recognition technology), and checks that every required document is present based on the specific visa type. Missing or outdated items are flagged, and the results are bundled into summary reports and review-ready PDF packages for the team.

Python
Adobe PDF Services
OCR
JSON

Production

Document Completeness Check & Form Pre-fill Tool

A Migrate Zone automation tool that reads uploaded case documents, flags anything missing or out of date, and automatically pre-fills the relevant Excel forms with verified data, cutting out the manual checking that previously had to be done before each visa application was submitted.

Python
OCR
Excel

Coursework API status: checking

SMS bulk-style detector (machine learning)

Coursework: a neural network on SMS text that outputs P(bulk-style) (dataset spam/not-spam labels): how much the wording resembles bulk or automated messaging, not whether a message is dangerous. Deployed as a backend API with a live demo.

Python
TensorFlow
GloVe

Try Live Demo

Production

PDF Invoicing & Document Tools

ITonKey internship project. Python-based invoicing tool that turns structured data into branded, multi-page PDF invoices with templated layouts. Also developed inventory management systems with stock tracking and reporting.

Python
PDF Generation
Excel

Red teaming

TLS Interception Lab with mitmproxy

Lab demonstration: a man-in-the-middle attack using mitmproxy in a controlled environment. I installed a rogue certificate authority on a Windows 10 VM to intercept and decrypt HTTPS in real time, including form submissions and login flows, when trust in the certificate chain is exploited. Shown only in an isolated lab, not for use outside authorized settings.

Kali Linux
mitmproxy
OpenSSL
Windows 10 VM

Watch on YouTube

Coming soon

Write-ups and deployment notes for these builds are in progress.

Coming soon

Real-World 3-Tier Web App Deployment on AWS

End-to-end deployment walkthrough: networking, compute, and data tiers with production-style constraints.

Coming soon

Serverless Lead Capture on AWS

Serverless pipeline for capturing and storing leads with minimal operational overhead.

AWS
Serverless

04. Papers & reports

Academic writing from my degree: assessments, lab reports, and research-style submissions.

Ethics of data and AI UTS · 2024

Ethical and technical challenges of lethal autonomous weapons systems (LAWS)

description: |

Research paper on weaponised AI that can select and engage targets with reduced human oversight. Uses open-source case studies (e.g. SGR-A1, Super aEgis II, Guardium-LS) to discuss accountability, international law, sensor and recognition limits, dataset bias, and options for oversight and regulation. Written for educational and research purposes only.

View paper GitHub

Cloud security UTS · 2025

Cloud Governance and Threat Assessment

description: |

Written assessment on cloud governance practices and structured threat analysis for cloud workloads, including control trade-offs and risk framing relevant to organisational security posture.

View paper

Capstone UTS · 2025

Sentinel capstone: project development journal

description: |

Same UTS capstone as Sentinel: a full project development journal covering the virtual lab (Kali, Ubuntu, Windows Server on VMware/VirtualBox), recon and spoofing labs, early Python work on Sentinel, and weekly reflection on what worked, what failed, and what was learned.

View paper

Data analytics UTS · 2026

SMS spam classification: model comparison report

description: |

Compares Naive Bayes, SVM, and a deep learning 1D CNN for spam detection, with tokenisation, padding, embeddings, training behaviour, and evaluation through precision, recall, F1, confusion matrices, and ROC-AUC. The CNN delivered the strongest overall performance while balancing detection with false positives.

View paper

Ethics & practice UTS · 2025

Project ethics: Guest Hospitality System

description: |

Ethics and professional practice analysis for a resort guest hospitality system: data collection and retention, RFID location tracking, and childcare safety checks, grounded in ACS, PMI, and IEEE codes of ethics, with practical recommendations to protect privacy, safety, and public trust.

View paper

05. Education & coursework

Degree and subject areas from my UTS transcript (not separate industry certifications).

Cybersecurity

description: |

Built STRIDE-style threat models for sample applications and documented mitigations for each threat class in written assessments.

UTS coursework

System security

description: |

Hardened Linux VMs (services, permissions, updates) and compared access-control models in practical lab submissions.

UTS coursework

Cloud security (AWS)

description: |

Deployed small workloads using IAM roles, security groups, and least-privilege reviews in AWS console lab exercises.

UTS coursework

Digital forensics

description: |

Imaged virtual disks, extracted timelines and artefacts with forensic tools, and wrote short reports with documented handling steps.

UTS coursework

Formal qualification

description: |

Bachelor of Cybersecurity

University of Technology Sydney

2023 to present. Expected graduation: June 2026

06. Skills & Tools

Security Testing

description: |

Network scanning (Nmap / NSE)
Vulnerability assessment
Web application testing
Known vulnerability research
Offensive security labs (coursework)

Defensive Security

description: |

Digital forensics
Cryptography
Cloud security (AWS)
Routing & switching
Information security management

Tools & technologies

description: |

Metasploit
Wireshark
Nmap / NSE scripts
Postman / Chrome DevTools / Jira
VMware / VirtualBox / Cisco Packet Tracer

Programming & Scripting

description: |

Python
Selenium
JSON / CSV / Excel
Git / GitHub
HTML / CSS

07. Get In Touch

Open to opportunities

availability: |

Open to cybersecurity and automation roles. Summary of experience, roles, and projects: resume (PDF). Based in Sydney, Australia.

Say Hello