$ whoami

Bogdan Carmaciu

$ whereis
Kaunas, Lithuania

Security and infrastructure practitioner with a background that cuts across economics, product, and design - which, as it turns out, is exactly the kind of preparation that security problems demand. They don't respect boundaries, and neither does the approach: from architecture down to the rule level, from perimeter design to individual AppArmor profiles. What started as a structured coursework lab grew into a live, production-grade SOC environment in under six months - segmented network, centralised SIEM processing 160,000+ events daily, host hardening across the stack, and automated disaster recovery - built and operated end to end.

// Connect
Homelab
~/homelab/
NoxLab
TryHackMe
~/tryhackme/
IceColdBrewBash
LinkedIn
~/linkedin/
bogdancarmaciu
GitHub
~/github/
FabulaNox
Email
~/mailto/
b.carmaciu
// Experience
Security & Infrastructure Engineering
10/2025 – Present
Personal Lab · Self-directed
  • Deployed and administered Wazuh SIEM v4.14.2 processing ~160,000 events/day across 3 monitored endpoints; authored custom decoders and detection rules for MikroTik RouterOS syslog integration and built a real-time Telegram alert pipeline for severity 7+ events
  • Configured Suricata IDS/IPS (Emerging Threats ruleset, JA3/JA4 TLS fingerprinting) and applied layered host hardening across Linux systems - STIG-based auditd (90 rules), AppArmor (142 enforced profiles), YubiKey FIDO U2F sudo, Fail2ban, and DNS-over-TLS - all feeding into centralised Wazuh log correlation
  • Designed and managed a segmented network on MikroTik RouterOS: 31-rule stateful firewall with GeoIP blocking, isolated guest WiFi subnets, VPN lateral movement restrictions, and OpenVPN AES-256-GCM remote access; enforced a role-based SSH public key infrastructure with directional trust between endpoints - preventing lateral SSH movement across hosts
  • Deployed and operated containerised self-hosted infrastructure on Docker: GitLab CE with CI/CD runners (VPN-only access), Traefik reverse proxy with automated Let’s Encrypt TLS, and a custom FastMCP API server (vault-mcp.carmaciu.com) secured with domain certificate and basicauth via Cloudflare Tunnel
  • Authored a 17-role Ansible disaster-recovery playbook enabling full bare-metal rebuild in under 80 minutes; maintained a 4-layer backup strategy across USB, self-hosted GitLab, and automated configuration exports
  • Iteratively designed and hardened a 7-layer defence-in-depth architecture - perimeter, network, host, application, authentication, monitoring, and recovery - evolving from a structured coursework lab into a live personal infrastructure deployment
Freelance Photographer
01/2020 – Present
Fabula Nox · Kaunas, Lithuania
  • Delivered client shoots end to end against pre-defined packages, on deadline and to spec, every time
  • Ran and optimised paid advertising campaigns across Google and Meta on an independent budget
  • Continuously developed technical shooting and retouching skills to maintain and raise output quality
Technical Designer
05/2023 – 01/2025
Melsoft (acquired by Moonactive) · Vilnius, Lithuania
  • Worked on an Agile timeline to deliver new levels for end users
  • Worked closely with internal and external QA to provide the best user experience possible
  • Worked as part of a multi-disciplinary team to continuously iterate on product variations
  • Provided feedback, suggestions and mock-ups for internal tools
  • Collaborated on developing new design concepts
Commerce Specialist
10/2018 – 11/2019
Maxima International Sourcing, UAB · Vilnius, Lithuania
  • Produced market segment analysis for commercial managers
  • Reviewed pricing and centralized offers for assessment by commercial managers
  • Coordinated internal product A/B testing
  • Prepared product sheets and registered in SAP product database
Project Manager
06/2018 – 10/2018
Crafts, UAB · Vilnius, Lithuania
  • Built internal management processes for a more efficient project tracking system
  • Updated clients on regular progress regarding project delivery
  • Built project roadmaps and established milestones for individual projects
  • Built an in-house resource allocation process and tools
  • Negotiated project budgets based on client needs and demands
Sales Commercial Manager
10/2017 – 06/2018
Hegelmann Transporte UAB · Kaunas, Lithuania
  • Started in the company inputting received orders in the ERP system in preparation to transmission to drivers
  • Supervised deliveries by liaising with drivers, providing on-the-spot problem solving
  • Worked as part of a team to ensure delivery goals are met without incurring delays
  • Reached out to potential clients in the French market to ensure sales targets are met and provide new revenue streams
  • Provided initial analytics results regarding process efficiency
Product Manager / Export Manager
10/2015 – 10/2017
B-NOVO Technologies · Kaunas, Lithuania
  • Assembled product development team
  • Implemented new processes to speed up product development - reached regular monthly updates
  • Gathered and analyzed shareholder feedback about the product suite and delivered a cohesive product vision
  • Set out the product roadmap and implemented processes that would enable the delivery
  • Oversaw the process of standardizing our products to enlarge product portfolio
  • Developed and implemented new processes of sales partner relationship with our company
  • Unlocked new markets for the company to expand in (Baltic region)
  • Participated in improving internal business processes at a strategic level
  • Reviewed and provided feedback used in product development
  • Was given responsibility of mapping out a business and development strategy for a complementary product to existing line-up
Strategic Buyer
11/2013 – 10/2015
Littelfuse · Kaunas, Lithuania
  • Facilitated inflow of input materials for projects throughout their development cycles
  • Developed in-house forecasting method for raw material demand
  • Ran continuous negotiations with suppliers on terms and conditions, as well as pricing
  • Participated in multi-disciplinary project teams to deliver on-budget and per-specification products
  • Participated in cross-continental purchasing efforts in sourcing for mass assembly of client-approved products
  • Acted as liaison between sales and purchasing departments, as well as company wide liaison for particular projects and/or items that required international cooperation
  • Performed continuous risk and opportunity monitoring
// Education
CodeAcademy
Cyber Security Program
Jul 2025 – Mar 2026 · 504 hours
Intensive program across three cybersecurity levels:
>_ Network Security: firewall & VPN, IDS/IPS, wireless → Wireshark, Nmap, Suricata, OpenVPN, Firewall Config >_ Windows & Linux hardening: access control, privilege mgmt → Linux, Windows Admin, Bash, PowerShell >_ SOC operations: SIEM, event monitoring, incident response → Wazuh, Incident Response >_ Penetration testing: vulnerability assessment, red/blue team → Metasploit, Burp Suite, Hydra >_ DevSecOps: CI/CD security, infrastructure as code → Docker, Ansible, Git / GitHub >_ Network segmentation: VLAN design, micro-segmentation → VLANs, Networking >_ Advanced: APT analysis, threat intelligence, ISO 27001, IAM/SSO
University of Essex
BSc International Economics
2009 – 2012 · Colchester, United Kingdom