Available for Opportunities

Shubham (Sam) Singla
Cybersecurity & IT Professional

Securing digital infrastructures and building robust web solutions. Specialized in SOC operations, Penetration Testing, and Full-stack Development.

View ProjectsContact Me

Professional Experience

A timeline of my journey in Cybersecurity and IT Operations.

SOC Team Leader

NAB SOC
Oct 2025 - CurrentDocklands, VIC
  • Led SOC operations during high-volume periods, managing 150+ security calls and alerts daily.
  • Directed incident triage, escalation, and final resolution, ensuring SLA and client compliance.
  • Set priorities, allocated workloads, and guided the team to maintain operational efficiency.
  • Acted as the final authority on incident severity, response actions, and closure decisions.
  • Coordinated with stakeholders and clients to communicate incidents, remediation, and outcomes.

Cyber Security Analyst

Web Alive
June 2025 - Oct 2025South Yarra, VIC
  • Performed web app security testing on Web Commander, Events Booking, Exsited ERP, and Reed Events using Burp Suite Pro and manual testing (SQL, XSS).
  • Conducted data access control checks across role-based views in Events Booking.
  • Used Kali tools for directory, brute-forcing, and HTTP header analysis.
  • Ran Nessus scans to identify vulnerabilities across WebAlive's network.
  • Performed server setup with XCP-ng, Proxmox and VM creation on Rocky Linux 9.
  • Performed API testing using Postman and performed manual testing.

Security Operations Centre Operator

NAB SOC
Feb 2024 - Oct 2025Docklands, VIC
  • Managed over 150 calls daily, ensuring timely and effective response to security incidents.
  • Actioned tickets based on client needs, improving response times by 20%.
  • Provided technical support for security systems, enhanced functionality, and reliability.
  • Delivered excellent customer service, addressing client inquiries and concerns.
  • Implemented and monitored security protocols, resulting in a safer environment.

Featured Projects

A snapshot of recent work — security tools, marketplaces, and automation. Click a card to see the full development timeline.

View all projects

Crypto Trade Agent

AI

An AI-driven crypto signal terminal that auto-validates setups against live Binance market data and runs them through a server-side risk engine for paper trading. Built around a one-minute Vercel Cron heartbeat with anti-spam guardrails so noise never reaches the trade log.

Next.jsTypeScriptSupabaseBinance API+2
View Timeline
Visit Website

TiffinHub AU

Web App

A two-sided marketplace connecting Australian home cooks with customers craving authentic, home-style tiffin meals. Customers explore providers and build a persistent cart; providers manage menus and earnings; admins moderate listings and track platform metrics — all behind a warm, food-inspired UI.

Next.jsTypeScriptTailwind CSSFramer Motion+1
View Timeline
Visit Website

Scam Checker

Security

Privacy-first security tool that helps users spot online scams. It analyses text, emails, links, images, and files entirely client-side — no uploads, no tracking — and returns a weighted risk score with a breakdown of every flagged signal.

Next.jsTypeScriptTailwind CSSClient-side NLP+1
View Timeline
Visit Website

Copy Paste Converter Hub

Developer Tools

A fast, ad-free, no-login utility site for developers. Every conversion runs in the browser — JSON formatter, Base64, URL encoders, timestamp converter, hash generators — so nothing ever leaves your machine.

Next.jsTypeScriptTailwind CSSStatic Site Generation
View Timeline
Visit Website

Flight Tracking System

Web App

Real-time flight status tracking with SMS and email alerts. Powered by AviationStack data, Twilio messaging, and SendGrid email — with WebSocket-driven live updates and rate-limit-aware delivery queues.

ReactExpress.jsTwilioSendGrid+2
View Timeline
Visit Website

Groundlayer IT

Web App

Corporate web presence for an Australian IT solutions provider. Mobile-first marketing site with a hardened lead-capture flow, structured data, and 95+ Lighthouse scores across every page.

Next.jsReactTailwind CSSSendGrid+1
View Timeline
Visit Website

From the Blog

Daily cybersecurity writing — incident analysis, vulnerability disclosures, and defensive playbooks.

All posts
vCenter's Open Gate: Critical RCEs Hand Over Your Virtual Kingdom
Vulnerability
May 20, 20268 min read

vCenter's Open Gate: Critical RCEs Hand Over Your Virtual Kingdom

Three critical flaws in VMware vCenter Server can let attackers take full control of your virtual environment.

Your ESXi Hypervisor Just Opened Its Root Door
Vulnerability
May 19, 20267 min read

Your ESXi Hypervisor Just Opened Its Root Door

Turns out, the foundation of your virtual kingdom had a critical flaw, letting authenticated users write files and escalate privileges.

PyPI's Dirty Secret: Your `pip install` Just Became a Trojan Horse
Threat Intelligence
May 18, 20267 min read

PyPI's Dirty Secret: Your `pip install` Just Became a Trojan Horse

Developers are targets, and the open-source supply chain is a prime attack vector for credential theft and backdoors.

Core Skills

Tools and technologies I use to secure and build systems.

Cybersecurity Operations

Incident ResponseThreat DetectionRisk AssessmentComplianceMobile Testing

Technical Skills

Penetration TestingVulnerability AssessmentWeb App Security (Burp Suite)Linux AdministrationAPI Testing

Development & Tools

Scripting & AutomationVersion Control (Git)Network ConfigurationSDLC Awareness