Available for opportunities

DevOps & Cybersecurity Engineer

I build secure, observable, and resilient infrastructure. Specialized in the intersection of DevOps and Cybersecurity — hardening systems proactively by understanding them at their core.

Linux, Docker, Ansible, AWS, Wazuh, llama.cpp, ZFS, FreeBSD, Python, Bash, Pentesting, ModSecurity

Selected Projects

A showcase of cybersecurity, infrastructure, and AI research projects.

🛡️

Global SSH Brute-Force Observer

Honeypot infrastructure on AWS with Wazuh SIEM integration for real-time attack visualization and geographic tracking.

🤖

Llama.cpp Optimization

Research into local LLM deployment and optimization, maximizing inference performance with quantization techniques.

📡

WiFi Positioning System

Cart tracking system using ESP32 with a Django web application for real-time monitoring and management.

5+ Years Experience
6+ Projects Shipped
Curiosity Level

Jordi Paeshuijse


Passionate about the core of complex systems

Driven IT professional with a deep passion for understanding the core of complex systems. Specialized at the intersection of DevOps and Cybersecurity, with a focus on building secure, observable, and resilient infrastructures.

I don't just solve problems — I seek to understand the underlying causes at the system level to proactively harden infrastructures. My approach combines hands-on engineering with a relentless curiosity for how things work under the hood.

Currently working as a DevOps/Security Engineer at GOdevelop, where I manage and harden infrastructure, automate processes with Ansible, and implement security monitoring with Wazuh.

Linux: Expert Level
Wazuh: SIEM Expert
AWS: Cloud Native

My Toolkit

Technologies and tools I use to build, secure, and automate infrastructure.

🐧 Operating Systems

Linux (Expert), FreeBSD (Jails/iocage), Arch Linux, ZFS

🛡️ Cybersecurity

Wazuh, ModSecurity, auditd, Pentesting, SQLi, WAF Bypass, PrivEsc, OpenVPN, Honeypots

☁️ Cloud & DevOps

AWS (EC2), Docker, Ansible, Bash, Python

🌐 Web & Servers

Apache, php-fpm, Django, FTP, SFTP, Plex Media Server

🔧 Tools & Methodologies

Oracle VirtualBox, openZFS (raidZ2), UC Diagrams, ERD Schemas

All Projects

A comprehensive list of my technical projects and research.

🛡️

Global SSH Brute-Force Observer

Cybersecurity honeypot on AWS analyzing global brute-force attacks with real-time visualization and Wazuh SIEM integration.

🤖

Llama.cpp Optimization

Local LLM deployment and optimization research, maximizing inference performance with quantization and hardware acceleration.

📡

WiFi Positioning System

Cart tracking system using ESP32 sensors with a Django web application for real-time monitoring and architecture design.

🔷

DIY FreeBSD Server

Robust server environment with openZFS (raidZ2) and Jails, running FTP, SFTP, OpenVPN, and Plex Media Server.

🏹

Arch Linux Setup

Complete manual installation and configuration of Arch Linux for an optimized and productive development workflow.

🛡️ Global SSH Brute-Force Observer

A real-time cybersecurity honeypot infrastructure that captures, analyzes, and visualizes global SSH brute-force attack patterns.

⚡ Work in Progress AWS EC2 Wazuh SIEM Cowrie Python

📋 Overview

This project is a cybersecurity honeypot deployed on AWS EC2 designed to attract, capture, and analyze SSH brute-force attacks from around the world. By deploying Cowrie — a medium-interaction SSH honeypot — the system simulates a realistic Linux environment, logging attacker credentials, connection patterns, and post-compromise behavior.

All captured data is fed into a Wazuh SIEM (Security Information and Event Management) system for centralized log collection, correlation, and analysis. The result is a comprehensive Global Attack Map — an interactive dashboard that visualizes attack origins, frequencies, and patterns in real-time.

🏗️ System Architecture

// ──────────────────────────────────────────
// Global SSH Brute-Force Observer
// Architecture Diagram
// ──────────────────────────────────────────

      [Global Internet]
             │
             │ SSH Brute-Force Attempts
             ▼
┌─────────────────────────┐
│    AWS EC2 Instance     │
│    (Ubuntu Server)      │
│                         │
│  ┌───────────────────┐  │
│  │  Cowrie Honeypot  │──┼──► Logs (auth.log)
│  │  Port: 2222       │  │
│  └───────────────────┘  │
│                         │
│  ┌───────────────────┐  │
│  │  Wazuh Agent      │◄─┼──► Ingest Logs
│  │  (Filebeat)       │  │
│  └───────────────────┘  │
└─────────────────────────┘
             │
             │ API / Webhook
             ▼
┌─────────────────────────┐
│  Wazuh Manager (SIEM)   │
│  - Log Correlation      │
│  - Rule Matching        │
│  - Alert Generation     │
│  - Dashboard            │
└─────────────────────────┘
             │
             │ Visualization
             ▼
┌─────────────────────────┐
│  Global Attack Map      │
│  - GeoIP Mapping        │
│  - Attack Frequency     │
│  - Credential Analysis  │
│  - Real-time Feed       │
└─────────────────────────┘

// ──────────────────────────────────────────
// Key: [External] → Services → Data Flow
// ──────────────────────────────────────────

Key Features

  • Cowrie Honeypot — Medium-interaction SSH/Telnet honeypot simulating a realistic Linux environment for attacker engagement
  • Wazuh SIEM Integration — Automated log collection, rule-based alerting, and security event correlation
  • Global Attack Map — Interactive dashboard visualizing attack origins via GeoIP data and attack frequency patterns
  • Credential Analysis — Captures and catalogs attempted username/password combinations for threat intelligence
  • Real-time Monitoring — Live feed of incoming attacks with geographic mapping and statistical analysis
  • Post-Compromise Tracking — Cowrie captures commands executed by attackers, providing insight into common attack methodologies
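A sketch of the credential analysis and post-compromise tracking listed above, added here as an illustration and not taken from the project's code. It assumes Cowrie's JSON log output with the `eventid`, `src_ip`, `username`, `password` and `input` fields; the sample lines, the `summarize` helper and its `threshold` parameter are constructed for the example.

```python
import json
from collections import Counter, defaultdict

# Constructed sample in the shape of Cowrie's JSON log; not captured data.
# Source IPs come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
{"eventid":"cowrie.login.failed","src_ip":"203.0.113.7","username":"root","password":"123456","session":"a1"}
{"eventid":"cowrie.login.failed","src_ip":"203.0.113.7","username":"admin","password":"admin","session":"a1"}
{"eventid":"cowrie.login.failed","src_ip":"198.51.100.9","username":"root","password":"123456","session":"b2"}
{"eventid":"cowrie.login.success","src_ip":"203.0.113.7","username":"root","password":"root","session":"a1"}
{"eventid":"cowrie.command.input","src_ip":"203.0.113.7","input":"uname -a","session":"a1"}
{"eventid":"cowrie.login.failed","src_ip":"203.0.113.7","usern
"""

LOGIN_EVENTS = ("cowrie.login.failed", "cowrie.login.success")

def summarize(lines, threshold=3):
    """Aggregate login attempts and attacker commands from Cowrie JSON lines.

    threshold is a hypothetical cut-off: source IPs with at least that many
    login attempts are reported as brute-force sources.
    """
    creds = Counter()             # (username, password) -> times tried
    attempts = Counter()          # src_ip -> login attempts
    commands = defaultdict(list)  # src_ip -> commands typed after login
    skipped = 0                   # truncated or malformed lines
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1          # a log cut off mid-write must not abort the run
            continue
        if not isinstance(event, dict):
            skipped += 1
            continue
        event_id, ip = event.get("eventid"), event.get("src_ip")
        if event_id in LOGIN_EVENTS:
            creds[(event.get("username"), event.get("password"))] += 1
            attempts[ip] += 1
        elif event_id == "cowrie.command.input":
            commands[ip].append(event.get("input", ""))
    return {
        "top_credentials": creds.most_common(3),
        "brute_force_ips": sorted(ip for ip, n in attempts.items() if n >= threshold),
        "commands": dict(commands),
        "skipped": skipped,
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG.splitlines()))
```

The per-IP counts and command lists are the inputs a GeoIP lookup or a SIEM rule would then enrich or alert on.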

🔧 Technology Stack

☁️ AWS EC2: Cloud hosting & networking
🛡️ Wazuh: SIEM & log analysis
🐝 Cowrie: SSH honeypot
🐍 Python: Dashboard & data processing
🐧 Ubuntu: Host operating system
📊 Kibana: Visualization dashboard

🎯 Goals & Objectives

  • Build a comprehensive understanding of real-world SSH brute-force attack patterns
  • Create an educational tool for demonstrating the scale and persistence of automated attacks
  • Develop threat intelligence capabilities through data analysis and pattern recognition
  • Gain hands-on experience with SIEM deployment, log correlation, and security monitoring
  • Eventually integrate ML-based anomaly detection for predictive threat analysis

🤖 Local LLM Optimization

Research into local Large Language Model deployment, optimizing inference performance and minimizing resource footprint using llama.cpp.

⚡ Work in Progress llama.cpp Quantization C++ AI/ML

📋 Overview

This project focuses on the local deployment and optimization of Large Language Models (LLMs) using llama.cpp — a highly efficient C/C++ inference library. The goal is to maximize inference performance while minimizing the computational and memory resource footprint, enabling LLMs to run efficiently on consumer-grade hardware.

The project explores various quantization techniques (GGUF format), hardware acceleration options (CPU, GPU, Metal, Vulkan), and model selection strategies to create an efficient, production-ready local AI workflow.

🏗️ System Architecture

// ──────────────────────────────────────────
// Local LLM Inference Pipeline
// llama.cpp Architecture
// ──────────────────────────────────────────

       [Model Weights]
             │
             │ GGUF Quantized Format
             │ (Q4_K_M, Q5_K_M, Q8_0...)
             ▼
┌─────────────────────────┐
│   llama.cpp Inference   │
│                         │
│  ┌───────────────────┐  │
│  │  Quantization     │  │
│  │  Q4_K_M → 4-bit   │  │
│  │  Memory: ~4GB     │  │
│  └───────────────────┘  │
│                         │
│  ┌───────────────────┐  │
│  │  Hardware Accel   │──┼──► CPU / GPU / Metal
│  │  CPU / GPU        │  │
│  └───────────────────┘  │
│                         │
│  ┌───────────────────┐  │
│  │  KV Cache         │  │
│  │  Optimized        │  │
│  └───────────────────┘  │
└─────────────────────────┘
             │
             │ Inference (Tokens/sec)
             ▼
┌─────────────────────────┐
│  Output / API           │
│  - Streaming responses  │
│  - OpenAI-compatible    │
│  - Batch inference      │
└─────────────────────────┘

// ──────────────────────────────────────────
// Key: Quantization trade-off: quality vs.
// memory usage vs. inference speed
// ──────────────────────────────────────────

🔬 Research Areas

  • Quantization Techniques — Exploring GGUF formats (Q2_K through Q8_0) to find the optimal balance between model quality and resource efficiency
  • Hardware Acceleration — Benchmarking CPU-only inference vs. GPU acceleration (CUDA, Vulkan, Metal) for different model sizes
  • Memory Optimization — Minimizing VRAM/RAM usage through layer offloading, KV cache optimization, and batch size tuning
  • Inference Performance — Measuring tokens-per-second across different configurations, model architectures, and quantization levels
  • Model Selection — Comparing different open-source LLM architectures (Llama, Mistral, Phi, etc.) for specific use cases
  • API Integration — Setting up OpenAI-compatible API servers for seamless integration with existing applications

🔧 Technology Stack

llama.cpp: Core inference engine
📦 GGUF: Quantized model format
⚙️ C++: Development & optimization
🎮 CUDA / Vulkan: GPU acceleration
🐧 Linux: Host operating system
🌐 FastAPI: API server integration

📊 Quantization Comparison

// ──────────────────────────────────────────
// Quantization Levels (Model Size: ~7B params)
// ──────────────────────────────────────────

Q8_0   │ ██████████████████████████ ≈ 4.7GB │ Highest quality
Q6_K   │ ████████████████████░░░░░░░░ ≈ 3.5GB │ Excellent quality
Q5_K_M │ ██████████████████░░░░░░░░░░ ≈ 3.7GB │ Great quality
Q4_K_M │ ████████████████░░░░░░░░░░░░ ≈ 3.8GB │ ★ Recommended
Q5_0   │ ██████████████████████░░░░░░░░ ≈ 4.3GB │ Good quality
Q4_0   │ ████████████████░░░░░░░░░░░░ ≈ 3.5GB │ Standard
Q3_K_M │ █████████████░░░░░░░░░░░░░░░ ≈ 2.7GB │ Good quality
Q2_K   │ ████████████░░░░░░░░░░░░░░░░ ≈ 2.2GB │ Acceptable

// ──────────────────────────────────────────
// Trade-off: Lower bits = less memory &
// faster inference, but reduced output quality
// ──────────────────────────────────────────

🎯 Goals & Objectives

  • Establish an efficient local AI workflow that runs complex LLMs on consumer hardware
  • Document quantization benchmarks for different model architectures and sizes
  • Create a reproducible setup for running open-source LLMs with minimal resource overhead
  • Explore the potential of local LLMs for automated security analysis and reporting
  • Eventually integrate the LLM into the Wazuh project for automated threat analysis

📡 WiFi Positioning System

A real-time cart tracking system using ESP32 sensors and a Django web application for monitoring and management.

✓ Completed C++ Python Django ESP32

📋 Overview

This project involves developing a positioning system for tracking carts in a warehouse/retail environment. The system uses ESP32 microcontrollers as WiFi signal receivers to determine cart locations, with data processed and displayed through a Django web application.

The architecture was designed using Use Case (UC) diagrams and Entity-Relationship Diagrams (ERD) to ensure a well-structured and scalable system design.

Key Features

  • ESP32 Sensor Network — Multiple ESP32 devices deployed as WiFi signal receivers for cart position triangulation
  • Django Web Dashboard — Real-time monitoring interface showing cart locations and movement history
  • System Architecture — Professional design using UC diagrams and ERD schemas for clear system structure
  • C++ Embedded Code — Low-level firmware for ESP32 devices handling WiFi scanning and data transmission
  • Python Backend — Django framework powering the web application with database integration and API endpoints

🔧 Technology Stack

🔌 ESP32: WiFi sensor hardware
⚙️ C++: Embedded firmware
🐍 Python: Backend development
🌐 Django: Web framework

🔷 DIY FreeBSD Server

A robust self-built server environment using FreeBSD with openZFS, Jails, and multiple network services.

✓ Completed FreeBSD openZFS Jails OpenVPN

📋 Overview

A fully configured FreeBSD server leveraging the operating system's native strengths: openZFS for enterprise-grade storage with raidZ2 redundancy, and Jails for lightweight, secure containerization. The server runs multiple services including FTP, SFTP, OpenVPN, and Plex Media Server.

Key Features

  • openZFS raidZ2 — Double-parity RAID configuration for maximum data protection
  • FreeBSD Jails — Lightweight isolation for running services securely
  • FTP / SFTP — File transfer services with proper access controls
  • OpenVPN — Secure remote access VPN tunnel
  • Plex Media Server — Media streaming service for personal media library

🔧 Technology Stack

🔷 FreeBSD: Operating system
💾 openZFS: Filesystem & RAID
📦 Jails: Containerization
🔐 OpenVPN: Secure VPN

🏹 Arch Linux Setup

A complete manual installation and configuration of Arch Linux for an optimized and productive development workflow.

✓ Completed Arch Linux Bash Workflow

📋 Overview

A fully custom Arch Linux installation performed manually — from disk partitioning to desktop environment configuration. Every package and service was hand-selected and tuned for maximum productivity and minimal resource consumption.

This project demonstrates deep Linux knowledge, from understanding the boot process to configuring networking, services, and a personalized development environment.

Key Features

  • Manual Installation — Full disk setup with partitioning, filesystem creation, and bootloader configuration
  • Custom Configuration — Every service and package hand-tuned for optimal performance
  • Productivity Workflow — Development tools, terminal customization, and automation scripts
  • System Hardening — Security best practices applied from the ground up
  • Rolling Release — Leveraging Arch's rolling release model for always-up-to-date software

Work Experience

My professional journey in IT and cybersecurity.

Jul 2024 – Jul 2025

GOdevelop

DevOps / Security Engineer
  • Manage and harden infrastructure security across all environments
  • Implement Ansible for process automation and Infrastructure as Code
  • Manage and configure cloud environments on AWS
  • Optimize web servers using Apache, php-fpm, and mod_security
  • Deploy and manage Wazuh for security monitoring and observability
  • Execute penetration tests on PHP applications to identify and remediate vulnerabilities
Mar 2024 – Mar 2024

InTouch

Customer Care Engineer
  • Provided technical support for complex IT issues
  • Applied SQL and Linux knowledge for troubleshooting and data analysis
Aug 2023 – Mar 2024

Plascobel

Operator
  • Worked in a 3-shift system within an industrial production environment
  • Developed strong operational discipline and process awareness

Education & Certificates

🎓

Thomas More, Geel

Professional Bachelor Electronics-ICT
1st & 2nd year completed — Specialization: Digital Innovation
🏫

Don Bosco, Helchteren

Secondary Education
Industrial ICT
📜

Cloud Transformatie voor Bedrijven

Webinar — Cloud Transformation for Businesses

Contact

Let's connect and discuss opportunities, projects, or just tech.

Let's talk

Whether you're looking for a DevOps engineer, a security-conscious developer, or just want to chat about infrastructure — I'd love to hear from you.

📱
Phone
+32 (0)491 32 16 73
💼
LinkedIn
Jordi Paeshuijse
📍
Location
Pelt, Belgium
