Available for Opportunities

Shubham (Sam) Singla
Cybersecurity & IT Professional

Securing digital infrastructures and building robust web solutions. Specialized in SOC operations, Penetration Testing, and Full-stack Development.

View ProjectsContact Me

Professional Experience

A timeline of my journey in Cybersecurity and IT Operations.

SOC Team Leader

NAB SOC
Oct 2025 - CurrentDocklands, VIC
  • Led SOC operations during high-volume periods, managing 150+ security calls and alerts daily.
  • Directed incident triage, escalation, and final resolution, ensuring SLA and client compliance.
  • Set priorities, allocated workloads, and guided the team to maintain operational efficiency.
  • Acted as the final authority on incident severity, response actions, and closure decisions.
  • Coordinated with stakeholders and clients to communicate incidents, remediation, and outcomes.

Cyber Security Analyst

Web Alive
June 2025 - Oct 2025South Yarra, VIC
  • Performed web app security testing on Web Commander, Events Booking, Exsited ERP, and Reed Events using Burp Suite Pro and manual testing (SQL, XSS).
  • Conducted data access control checks across role-based views in Events Booking.
  • Used Kali tools for directory, brute-forcing, and HTTP header analysis.
  • Ran Nessus scans to identify vulnerabilities across WebAlive's network.
  • Performed server setup with XCP-ng, Proxmox and VM creation on Rocky Linux 9.
  • Performed API testing using Postman and performed manual testing.

Security Operations Centre Operator

NAB SOC
Feb 2024 - Oct 2025Docklands, VIC
  • Managed over 150 calls daily, ensuring timely and effective response to security incidents.
  • Actioned tickets based on client needs, improving response times by 20%.
  • Provided technical support for security systems, enhanced functionality, and reliability.
  • Delivered excellent customer service, addressing client inquiries and concerns.
  • Implemented and monitored security protocols, resulting in a safer environment.

Featured Projects

A snapshot of recent work — security tools, marketplaces, and automation. Click a card to see the full development timeline.

View all projects

Crypto Trade Agent

AI

An AI-driven crypto signal terminal that auto-validates setups against live Binance market data and runs them through a server-side risk engine for paper trading. Built around a one-minute Vercel Cron heartbeat with anti-spam guardrails so noise never reaches the trade log.

Next.jsTypeScriptSupabaseBinance API+2
View Timeline
Visit Website

TiffinHub AU

Web App

A two-sided marketplace connecting Australian home cooks with customers craving authentic, home-style tiffin meals. Customers explore providers and build a persistent cart; providers manage menus and earnings; admins moderate listings and track platform metrics — all behind a warm, food-inspired UI.

Next.jsTypeScriptTailwind CSSFramer Motion+1
View Timeline
Visit Website

Scam Checker

Security

Privacy-first security tool that helps users spot online scams. It analyses text, emails, links, images, and files entirely client-side — no uploads, no tracking — and returns a weighted risk score with a breakdown of every flagged signal.

Next.jsTypeScriptTailwind CSSClient-side NLP+1
View Timeline
Visit Website

Copy Paste Converter Hub

Developer Tools

A fast, ad-free, no-login utility site for developers. Every conversion runs in the browser — JSON formatter, Base64, URL encoders, timestamp converter, hash generators — so nothing ever leaves your machine.

Next.jsTypeScriptTailwind CSSStatic Site Generation
View Timeline
Visit Website

Flight Tracking System

Web App

Real-time flight status tracking with SMS and email alerts. Powered by AviationStack data, Twilio messaging, and SendGrid email — with WebSocket-driven live updates and rate-limit-aware delivery queues.

ReactExpress.jsTwilioSendGrid+2
View Timeline
Visit Website

Groundlayer IT

Web App

Corporate web presence for an Australian IT solutions provider. Mobile-first marketing site with a hardened lead-capture flow, structured data, and 95+ Lighthouse scores across every page.

Next.jsReactTailwind CSSSendGrid+1
View Timeline
Visit Website

From the Blog

Daily cybersecurity writing — incident analysis, vulnerability disclosures, and defensive playbooks.

All posts
Fortinet's EMS Just Gave Away the Keys: Patch Your Endpoint Management, Yesterday.
Vulnerability
Jun 02, 20268 min read

Fortinet's EMS Just Gave Away the Keys: Patch Your Endpoint Management, Yesterday.

A critical deserialization RCE in FortiClient EMS could let attackers own your endpoints with alarming ease.

Your CI/CD Pipeline Just Became a Minefield: Jenkins RCEs Are Here
Vulnerability
Jun 01, 20267 min read

Your CI/CD Pipeline Just Became a Minefield: Jenkins RCEs Are Here

New RCEs and critical flaws in Jenkins mean your build environment could be handing over your keys to attackers.

SharePoint's Latest Blind Spot: Your Intranet Just Got RCE'd
Vulnerability
May 31, 20267 min read

SharePoint's Latest Blind Spot: Your Intranet Just Got RCE'd

Microsoft dropped a critical SharePoint RCE in its latest Patch Tuesday, and if you're not patching, your internal docs are now public.

Core Skills

Tools and technologies I use to secure and build systems.

Cybersecurity Operations

Incident ResponseThreat DetectionRisk AssessmentComplianceMobile Testing

Technical Skills

Penetration TestingVulnerability AssessmentWeb App Security (Burp Suite)Linux AdministrationAPI Testing

Development & Tools

Scripting & AutomationVersion Control (Git)Network ConfigurationSDLC Awareness