Gideon Oteng
Network engineer building operational systems that don't fall over.
Tier-1 ISP backbone work at Cogent Communications. Multi-vendor enterprise networks at CDW. Self-hosted infrastructure for the curiosity tax — Proxmox cluster, wildcard TLS, Cloudflare Tunnel, the works. Currently studying for the next layer up.
// Selected work
Things I've built
SecureBytes Platform
Self-managed Proxmox cluster running production-style network and security infrastructure — wildcard TLS, public status page, and selective Cloudflare Tunnel exposure.
AWS Detection Engineering Portfolio
Production-quality Sigma rules for AWS IAM privilege escalation, each validated end-to-end against CloudGoat scenarios using Stratus Red Team and CloudTrail.
Network Design Lab
Multi-vendor lab on Cisco Modeling Labs and EVE-NG. Routing, switching, wireless, security, SD-WAN, identity, and observability platforms for design validation, failure testing, and certification work.
// Field notes
Recent writing
Dual-repo pattern for self-hosted platforms — public portfolio, private source of truth
Real configs and portfolio screenshots don't belong in the same git history. Here's the pattern I use, why it matters, and the gh commands to set it up.
Wildcard TLS for a self-hosted homelab — Cloudflare DNS-01, end to end
How I gave eight internal services real Let's Encrypt certificates with one wildcard, no port forwards, and automated renewal. Walks through the Cloudflare token, acme.sh setup, nginx wiring, and the gotchas that bit me.
// /now
What I'm working on
Day job
Operations Analyst at CDW — supporting hundreds of enterprise networks across SD-WAN, firewall, and cloud-connected environments.
Building
Self-hosted platform on Proxmox — nine services behind nginx with wildcard TLS, public exposure via Cloudflare Tunnel, IDS/SIEM via Security Onion.
Studying
Network automation with Python and Ansible. Migrating platform configurations toward infrastructure-as-code.