rohit raj rajana
network security engineer · germany
i secure networks for a living — firewalls, zero trust, cloud infrastructure, and the bits in between. 5+ years working across palo alto ngfw, cisco asa, aws, and enterprise security tooling.
outside of work i'm building homelab infrastructure, automating workflows with n8n, writing about applied ai in security engineering, and learning german. i also wrote a book — Your AI Head Start — a field guide for actually using AI.
know me
age 29.000000000i didn't plan on becoming a network security engineer.
it started with a simple question: how does all of this actually connect? networks. systems. people. invisible threads, quietly carrying everything that matters. that curiosity pulled me in — and 5+ years later, i'm the one mapping the flow, spotting the weak links, and making sure things run the way they're supposed to… not the way attackers hope they will.
along the way, i earned a master's in management information systems from the university of illinois chicago, usa, and before that, a bachelor of technology in computer science from gitam university, visakhapatnam. i'm also ccna (cisco certified network associate) certified — part engineer, part "keeper of the blinking lights," making sure the digital world stays up, running, and a little less chaotic.
but the real story? at my core, i'm driven by faith in god and curiosity. one keeps me grounded. the other keeps pulling me forward.
so i build. i learn. i question things. i automate anything that dares to repeat itself. because if i've done it twice, it's already asking to be scripted.
somewhere between clean network diagrams and late-night troubleshooting, i share what actually works — no fluff, no theory for the sake of sounding smart.
what started as curiosity about how packets move across networks became a full career. 5+ years deploying palo alto ngfw, cisco asa, arista switching, and zero trust architectures — measured against a 20-year career arc, still early days. the thing i love most is that the threat landscape never stops evolving — there's always something new to learn, break, and defend against.
this has quietly become one of my deepest skills. if a task happens more than twice, i automate it — n8n is my primary tool, and i've built pipelines for content scheduling, receipt processing, birthday messages, and more. i'm now building products and systems around it, not just using it for personal convenience — the intersection of ai and security engineering is where i spend most of my actual thinking time these days.
shooting with a sony alpha a6700. started with street photography and architecture — both suit the patient, observational mindset that security work also demands. you can follow the photography work at @pixel.hokage →
training is a non-negotiable part of my week. mostly compound lifts — consistency over intensity. a structured gym routine does more for my focus and energy than almost anything else.
semifinalist in team doubles at UIC's 2024 intramural tournament. picked up the racket properly in college and never really put it down — fast reflexes, faster footwork, and the only sport where i actually enjoy the competitive pressure.
learning german since relocating. using anki for vocabulary and structured lessons for grammar. currently at A1 — still very much a beginner but making steady progress. goal is C1.
long-term focused. investing in ucits etfs with german tax optimization in mind. heavily influenced by naval ravikant's philosophy on wealth creation: own equity, not time.
tech & gadgets
software
books
gaming
2026
last update: june 2026
a living record of what i'm building, learning, and doing this year.
| Your AI Head Start → | field guide — ai tools, systems & prompting. first book. |
| AI Prompt Vault → | companion workbook — curated, ready-to-use prompt library. |
| zimablade 7700 homelab build → | self-hosted server with casaos/debian |
| n8n automation stack → | all the workflows i'm running locally |
| security+ study system → | cert prep structured in obsidian |
| docker security stack → | portainer, watchtower, crowdsec, socket proxy |
| tryhackme rooms → | soc 101, linux 101, active rooms |
| hack the box → | machines and ctf challenges |
work
5+ years securing enterprise networks — firewall deployments, cloud architecture, soc operations, cisco networking and products.
| Role | Company | Location | Period |
|---|---|---|---|
| SCADA Network Engineer | Chevron | Colorado, USA | Dec 2024 – Feb 2026 |
| Network Security Engineer | Bath & Body Works | Chicago, USA | Sep 2023 – Nov 2024 |
| Security Consultant | Tata Consultancy Services (TCS) | Hyderabad, India | Jun 2018 – Jul 2021 |
| Degree | Field of Study | Institution | Grad Year |
|---|---|---|---|
| Master of Science · incoming | Cybersecurity | Saarland University, Germany | WS 2026/27 |
| Master of Science | Management Information Systems | University of Illinois Chicago, USA | 2023 |
| Bachelor of Technology | Computer Science | GITAM University, Visakhapatnam, India | 2018 |
| Cert | Issuer | Status |
|---|---|---|
| 🏅 CCNA | Cisco | ✅ earned |
| ☁️ AWS Cloud Practitioner | Amazon Web Services | ✅ earned |
| 🔴 PJPT — Practical Junior Penetration Tester | TCM Security | ✅ earned |
| 🔍 OSINT — Open-Source Intelligence Investigator | TCM Security | ✅ earned |
| 🛡️ Google Cybersecurity Certificate | ✅ earned | |
| 🔒 CompTIA Security+ | CompTIA | 📖 in progress |
| 🧱 Fortinet NSE | Fortinet | 📖 in progress |
| ☁️ AZ-500 — Azure Security Engineer | Microsoft | 📖 in progress |
| Domain | Tools & Skills |
|---|---|
| 🔥 next-gen firewalls | palo alto ngfw, panorama, cisco asa, policy management, nat, ssl inspection |
| 🌐 cisco networking | routing (ospf, eigrp, bgp, rip), switching (vlans, stp, etherchannel, trunking), inter-vlan routing, layer 2/3 troubleshooting, cisco ios, cdp/lldp, dhcp, dns, qos |
| 🖧 network infrastructure | arista, network segmentation, subnetting, acls, wan/lan design, network troubleshooting |
| ☁️ cloud security | aws vpc, transit gateway, iam, security groups, scada/ot network security |
| 🛡️ endpoint & threat | crowdstrike falcon, nessus, splunk, vulnerability assessment |
| 📊 monitoring | solarwinds, splunk siem, log analysis, network performance monitoring |
| 🏗️ architecture | zero trust network access (ztna), network segmentation, dmz design |
| 🤖 automation | n8n, docker, python scripting, network automation |
projects
i build, i break, i fix, i defend — a mix of homelab security research, automation pipelines, and infrastructure work.
penetration testing and ad exploitation in a homelab environment — kerberoasting, pass-the-hash, smb/llmnr spoofing, and ntlm relay to compromise a domain controller. used nmap, netcat, bloodhound, and powerview for recon and enumeration.
homelabpentestingactive directoryconducted osint investigations using maltego, theharvester, and shodan. gathered actionable intelligence from social media, breached data, and metadata. built sock puppet accounts, automated data collection, and produced detailed threat intelligence reports.
homelabosintthreat intelligenceproduction-hardened n8n docker environment with portainer, watchtower, crowdsec, and docker socket proxy for least-privilege daemon access.
dockersecurity hardeningcentralizing osint tooling (maltego, theharvester, shodan) into one dashboard for faster recon workflows.
in progressa browser extension that flags suspicious links and sender patterns before a click happens.
in progresswatches dns query patterns for signs of data exfiltration disguised as normal lookups.
in progresszimablade 7700 running casaos/debian. pi-hole, tailscale, portainer, nextcloud, jellyfin. cloudflare tunnel for remote access without port forwarding.
infrastructureself-hosteddiscovers and maps active devices on a network — building toward a clean visual topology output.
in progressbaselines normal traffic patterns and flags deviations — early-stage detection logic before alerting.
in progresslogs nearby wireless device activity for signal-strength and presence analysis in a controlled lab setup.
in progressdeploying and tuning rule sets for real-time traffic inspection and alerting in a homelab environment.
in progressmonitors traffic volume and request patterns to flag denial-of-service style behavior as it happens.
in progressprobes login flows for weak password policies, brute-force exposure, and session handling issues.
in progressend-to-end n8n workflow: google sheets content calendar → gpt-4o generation → approval email gate → auto-publish to linkedin.
n8ngpt-4olinkedin apin8n pipeline that monitors email for receipts, extracts structured data using ai, and auto-generates formatted invoices.
n8ndocument ain8n reads google calendar & contacts, generates personalized birthday messages with gpt-4o, then routes through an approval gate before sending.
n8ngoogle apigpt-4odeep-dive research into germany-optimized investing — ucits etf selection, teilfreistellung tax treatment, withholding tax strategy, and broker comparison for german residents.
investinggermanynotionguides & books
things i've written — and things that shaped how i think.
| Name | About |
|---|---|
| 🔒 zero trust on a budget → | ztna in a small org without enterprise licensing |
| 🏠 self-hosting with zimablade → | homelab build guide — casaos, portainer, tailscale |
| 🤖 n8n for security engineers → | automating repetitive security ops with n8n and ai |
| 🇩🇪 relocating to germany as a tech professional → | chancenkarte process, job market, salary expectations |
| 🔐 pentest lab setup guide → | beginner ethical hacking environment at home |
the ones that left a mark. one honest line on what i actually took from each.
see my full shelf on goodreads →store
things i've made — books, guides, and tools worth your time.
contact
want to connect? slide into my dms on linkedin or instagram — that's where i'm most responsive.
| linkedin.com/in/rohit7raj → | |
| instagram.com/rooh7t → | |
| ▶️ YouTube | youtube.com/@itsrooh7t → |
| 🎞️ Photography | instagram.com/pixel.hokage → |
| ✍️ Medium | medium.com/@rooh7t → |
| ☕ Buy Me a Coffee | buymeacoffee.com/rooh7t → |