ZEPHER ASHE
ZEPHER ASHE
Hello! I'm Zepher — a Systems Analyst turned DevSecOps / Platform Engineer in the making. I bring years of experience in infrastructure, disaster recovery, and security, and I’m now focused on secure automation, cloud-native platforms, and resilience engineering.
AWS, Terraform, Ansible, CI/CD pipelines, Kubernetes, Docker
MFA, LDAP/SSO, PKI, Backup & Disaster Recovery (3-2-1), Incident Response, Secure by Default
Bash, PowerShell, Python, PHP/MySQL, HTML/CSS/JS
I hold a BSc (Hons) in Computing and IT from the Open University. Alongside my career, I’ve built a wide range of personal and professional projects — from cloud-native homelab deployments to security-first infrastructure — many of which are shared on GitHub and LinkedIn.
My proficiency in each skill (drag to scroll)
Lowest possible value: 10% - Used for short period of time such as with a class project.
Highest possible value: 100% - Very extensive experience with this particular skill.
10k+ user environments, AlmaLinux, Debian, RHEL — secure, stable deployments
Modular, multi-env IaC with AWS (IAM, EC2, S3, VPC, Route53)
Automated config & upgrades (Proxmox, Linux migrations, pipelines)
Secure container builds, manifests, health probes, early orchestration work
System automation, custom tooling, security projects (C2, blockchain, RATs)
MFA, SSH key mgmt, SIEM (Wazuh), Vulnerability Mgmt, SAST/DAST
SAN migrations (Dell EMC), Ceph clustering, HA, Disaster Recovery (Cohesity/Bareos)
pfSense firewalls, VLANs, L2/L3 switches, VPN, SDN in Proxmox
September 2016 - September 2020
Open University
Studied Computing & IT
May 2018 - December 2019
Signworks UK
IT Specialist
Janurary 2021
Graduated University
BSc (Hons) Computing & IT
Janurary 2020 - August 2023
Signworks UK
Systems Architect
August 2023 - Present
St George's University of London
Systems Analyst/Administrator
Here are some examples of projects I have produced.
Designing and implementing robust infrastructure solutions with Proxmox VE and Ceph for hyperconverged functionalities.
Hyperconverged Proxmox VE cluster with Ceph for distributed storage, HA, and full-mesh networking. Designed for homelab-scale production-like workloads.
Skills: Proxmox, Ceph, HA, SDN, Virtualisation
Led a full-scale SAN data migration from legacy Dell EMC storage with minimal downtime, using LVM, rsync, and multipath for precision cutovers. Focus on resilience and DR.
Skills: SAN, EMC, Linux, Disaster Recovery
A hardened, HA LDAP server for privileged IT users with MFA (Google Authenticator), centralised SSH key management, encrypted NFS home directories, and breakglass protocols.
Skills: Linux, LDAP, MFA, SSH, NFS, PAM
Demonstrating expertise in automating, optimising, and securing cloud and DevOps workflows to enhance operational efficiency and reliability.
Design and implementation of an automated cloud infrastructure using Terraform, AWS and GitHub Actions following best practices.
Skills: Terraform, AWS, GitHub Actions, CI/CD
A year-long structured roadmap to transition from SysAdmin to DevSecOps — covering Docker, Kubernetes, Terraform, Ansible, AWS, CI/CD, and SAST/DAST with security-first practices.
Skills: Terraform, Ansible, AWS, CI/CD, Kubernetes
Ever since I challenged myself to create a social media website similar to Facebook as a way of learning HTML, CSS, JavaScript, PHP, MySQL, etc... I have been intrigued by web technologies from a creativity and hacking perspective. Here are some of the projects I worked on both in and outside of my studies.
Valhalla2 is a full scale social media website! Not only does it contain all the main functionality you get with the likes of Facebook or Twitter, but it also respects privacy!
Hardened using PBKDF2 and each user having a unique salt.
TwitterClone is clone of the social media website Twitter written with Node.JS, MongoDB and Socket.IO.
Features • Tweets • Likes, comments, and retweets • Profile pages • Following and followers • Instant Messaging in real-time • Group chat support* • Profile pictures • Cover photos
Doogle is a search engine and web crawler which can search indexed websites and image, and then using keywords be searched later.
MonoBlockchain discover the engineering ideas behind blockchain technology and build a blockchain-based cryptocurrency network.
Every outage tells a story – here are mine
In IT Infrastructure and DevSecOps, incidents are inevitable — how you respond is what counts.
These are real-world examples of the challenges I’ve faced, the lessons I’ve learned, and how they’ve shaped my approach to secure, resilient systems.
During a routine yum upgrade, Dell’s watchdog timer forcibly rebooted the system mid-transaction.
Critical system packages (e.g., networkmanager, yum) were left in a corrupted state —
binaries reduced to 0 bytes, services masked, and the filesystem unstable.
Recovery required full out-of-band access, manual filesystem repair, and package reconstruction before the host could be stabilised. From this, we adopted stricter upgrade procedures, kernel parameter hardening, and enforced staged patching with rollback checkpoints.
Lesson: Even “routine” OS patching can leave a system unrecoverable if interrupted. A robust patching strategy must include not only staging and validation, but also clear rollback and full rebuild procedures to restore service if critical packages or filesystems are destroyed.
A gas-based fire suppression event unexpectedly triggered a site-wide I/O freeze. SAN controllers locked up, VMware hosts stalled on storage, and critical services cascaded into failure. Infrastructure components such as directory services, DNS/DHCP, and Wi-Fi went offline, alongside business-critical applications including finance, procurement, HR, and wider portfolio platforms. Several systems were unrecoverable despite restoration attempts.
I led the response: isolating workloads, coordinating with vendors, and performing emergency SAN migrations, filesystem repairs, and data validation. Recovery was triaged by business impact — restoring identity and authentication first, HR systems and then finance, followed by the wider portfolio of systems. Where recovery was not possible, I documented gaps and initiated planning for stronger backup and failover coverage.
Lesson: Disaster recovery must account for environmental chain reactions that extend beyond IT hardware. This event reinforced the need for SAN replication, rigorous 3-2-1 backup compliance, verified restore testing, and realistic failover strategies that assume the complete loss of core infrastructure.
© safesploit.com . All rights reserved.
