Competition
1st Place — Beyond the Ball
NBA Tech Challenge
Security+ Certified
Jaedon Chin
Cybersecurity | Infrastructure | Systems
I build things that work, secure them so they stay working, and automate the rest.
About
I've been taking things apart since I was a kid—computers, networks, anything I could get my hands on. That habit never went away. Now I just get paid to put them back together (and make sure nobody else can break in).
My thing is making systems actually work. Not just "it runs on my machine" work, but production-grade, someone-is-depending-on-this work. I've built CRMs, deployed infrastructure, configured enterprise networks, and automated the boring stuff so I can focus on the interesting problems.
Currently finishing my MIS degree at Texas Southern with Security+ in hand and CySA+ on deck. But honestly, most of what I know came from breaking things in my homelab at 2am and figuring out how to fix them before morning.
How I Use AI
I treat AI as a force multiplier, not a crutch. I build multi-agent systems with clear separation between planning and execution — a controller decides strategy, specialized workers carry it out. I use AI to accelerate engineering work while keeping security judgment where it belongs: with the engineer. The goal is better output, faster — not less thinking.
Recognition
Speaking
Conference Presenter
Technical presentation and demonstration
Program
Title III Recognition
Federal STEM program achievement
Academic
President's & Dean's List
2x President's List · 3x Dean's List
Community & Mentorship
Prompt Engineering Curriculum
Created and delivered a structured prompt engineering lesson for students participating in the NBA Tech Challenge — bridging the gap between AI capability and practical application.
Peer Mentorship
Mentoring non-technical peers on AI tools, app development fundamentals, and how to approach technical problems — making technology accessible beyond CS majors.
Cyber Program Development
Contributing to cybersecurity program development research at TSU — helping shape curriculum and lab infrastructure for the university's growing cyber initiative.
Industry Engagement
Active engagement with defense and cybersecurity organizations including MITRE, Lockheed Martin, HII, and Leidos — building connections across the GovTech and defense ecosystem.
Projects
Stuff I've actually built and shipped. Not tutorials, not toy projects—real systems solving real problems.
TSU Cybersecurity Teaching Lab
Active
Cisco Catalyst 9200
Catalyst 8200
Meraki MS130
Firepower 1000
UCS C220
Problem
Texas Southern University had no dedicated cybersecurity lab. Students lacked access to enterprise networking equipment for hands-on learning — limiting practical skill development in a field that demands it.
Architecture
Multi-layer campus network with Cisco Catalyst 9200/8200 core switching, Meraki MS130 access layer, and Firepower 1000 series for threat inspection. UCS C220 rack servers provide compute for lab workloads. Full VLAN segmentation isolates student traffic from production.
What I Built
- Physical and logical network infrastructure from bare metal to operational
- VLAN segmentation architecture separating lab, management, and campus traffic
- Network diagrams and topology documentation for the full environment
- Configuration documentation and handoff guide for program continuity
- Rack installation, cabling, and hardware commissioning
Security
Firepower IPS/IDS providing real-time threat inspection. VLAN-based network segmentation enforcing least-privilege access between zones. Dedicated management VLAN for infrastructure administration. Built to support future expansion of the cyber program.
R-Value CRM
In Progress
Next.js
TypeScript
Supabase
PostgreSQL
Tailwind
Problem
Insulation contractors were running their businesses out of text threads, spreadsheets, and sticky notes. They had no idea if a job was profitable until it was done—and sometimes not even then. Generic CRMs didn't fit their workflow, and the industry-specific ones cost a fortune.
Architecture
Next.js App Router frontend talking to Supabase (Postgres + Auth). Row Level Security handles multi-tenancy so each contractor only sees their own data. Strict client/server split—no "use client" where it doesn't belong. Playwright catches regressions before they hit production.
What I Built
- Drag-and-drop kanban for tracking leads through the pipeline
- One-click lead → job conversion that keeps everything linked
- Time tracking that workers can use without logging in (they just need the job link)
- Real-time cost tracking that calculates labor automatically from time entries
- Profit dashboard showing estimated vs. actual—no more guessing
- Activity feed that logs everything so you know who did what and when
Current State
Core features are done and tested. Schema is locked down with migrations. Now polishing the UI and building out the marketing site. Already have contractors using it.
Pandora — Local-First AI Voice Assistant
In Progress
Python
faster-whisper
Ollama
Kokoro TTS
Docker
WireGuard
Next.js
Problem
Cloud voice assistants are a privacy nightmare, add noticeable latency, and get expensive fast. I wanted something that processes voice locally with sub-second responses, but can still tap into cloud APIs when the local model isn't enough—all without giving an AI unrestricted access to my infrastructure.
Architecture
Two-machine setup. My RTX 3070 handles the real-time voice pipeline (wake word → speech-to-text → LLM → text-to-speech) within 8GB VRAM constraints. VPS runs the persistent stuff—Postgres, n8n for automation, Qdrant for semantic search—connected over an encrypted WireGuard tunnel. About 60% of queries stay local; the rest get routed to cloud APIs intelligently. Agent Zero on the VPS handles long-running autonomous tasks.
What I Built
- Custom voice pipeline: faster-whisper (INT8) → Qwen3 via Ollama → Kokoro TTS, ~3s end-to-end
- Trained my own wake word model using synthetic speech data via openWakeWord
- Hybrid query router that decides local LLM vs. semantic cache vs. cloud API based on complexity
- Defense-in-depth security: API wrapper with explicit container allowlists, rate limiting, immutable audit logs
- WireGuard tunnel with all services bound to tunnel IP—nothing exposed on public interfaces
- Hardened Docker containers: non-root, dropped capabilities, read-only filesystems, resource limits
Security
The AI never touches the Docker socket directly. Every container operation goes through an allowlist with rate limiting, and audit logs are stored separately where the AI can't modify them. Network is segmented by trust level—WireGuard for internal traffic, Cloudflare Tunnel with Zero Trust for anything external. I've documented the threat model with specific mitigations for prompt injection, container escape, and secret leakage.
Rockets Loyalty+ — NBA Beyond the Ball
1st Place
Next.js
Supabase
Tailwind
AI-Assisted Ideation
Problem
The NBA Beyond the Ball Tech Challenge asked teams to build a fan engagement solution for the Houston Rockets. Needed to ship a working product under competition time pressure while leading a team with mixed technical backgrounds.
Architecture
Next.js frontend with Supabase backend for auth and data persistence. Tailwind for rapid UI development. AI-assisted ideation during the design phase to accelerate user research and feature scoping.
What I Built
- Led development as Lead Developer — 20+ hours of hands-on coding
- Built user personas and empathy maps to ground feature decisions in real fan needs
- Designed and led a prompt engineering lesson for participating students
- Full-stack fan loyalty application with gamification and reward mechanics
- Managed team delivery, technical direction, and final presentation
Result
Won 1st place in the NBA Beyond the Ball Tech Challenge. Demonstrated ability to ship under pressure, lead cross-functional teams, and combine technical execution with user-centered design thinking.
Production VPS Infrastructure
Docker
Traefik
Cloudflare
Ubuntu
Problem
I needed somewhere to run my projects that wasn't going to cost me $50/month per app. Vercel and Railway are great until you're running five things. Manual server setup works until you forget how you configured it six months ago.
Architecture
One VPS, everything containerized. Traefik sits in front and routes traffic to the right container based on domain. Cloudflare handles the public-facing stuff—DNS, SSL termination, DDoS protection. The whole thing is defined in Compose files so I can blow it away and rebuild it in minutes.
What I Built
- Traefik reverse proxy with automatic Let's Encrypt certs—no manual renewal
- Cloudflare Tunnels so nothing is exposed directly to the internet
- Network isolation between containers—one compromised service can't reach the others
- Automated backups that actually get tested (learned that lesson the hard way)
Security
Fail2ban watching SSH. UFW set to deny by default. Containers run as non-root with dropped capabilities. Secrets live in env files that never touch git. It's not paranoia if they're actually scanning your ports.
Skills & Certifications
Certifications
-
CompTIA Security+ SY0-701Active
-
CompTIA CySA+ CS0-003In Progress
-
AWS Cloud Practitioner CLF-C02Planned
-
AWS AI Practitioner AIF-C01Planned
Infrastructure
- Docker / Compose
- Linux (Ubuntu/Debian)
- Traefik / Cloudflare
- TCP/IP, DNS, DHCP
Networking
- Cisco Catalyst / Meraki
- Cisco Firepower
- Network Segmentation
- Wireshark
Security
- Network Security
- Risk Assessment
- Incident Response
- Firewall / RLS
Development
- TypeScript / Next.js
- Python
- PostgreSQL / Supabase
- Git / Playwright
What I'm Learning Now
CompTIA CySA+
AWS Cloud Architecture
Docker Security
Container Hardening
Experience
Cybersecurity Infrastructure Support Technician
Texas Southern University
Apr 2025 - Present
I'm the lead student tech for TSU's first dedicated cybersecurity lab. Basically, I'm the one racking Cisco gear, configuring VLANs, and making sure the Firepower doesn't block legitimate traffic. When something breaks at 4pm on a Friday, I'm the one who stays to fix it.
IT Technician – UPS Systems Installation
JosephOne Technologies / CCISD
Aug 2025 - Present
Deployed 600+ enterprise UPS units across an entire school district. That's a lot of battery backups, a lot of cable management, and a lot of classrooms that don't lose their work when the power flickers anymore. Set up centralized monitoring so IT can see battery health across every campus from one dashboard.
World Bank Project Intern
National Electrification Project
Jun 2022 - Aug 2022
Worked on IT infrastructure planning for solar electrification projects in Liberia—the kind of work where your database decisions affect whether 5,000+ households get reliable power. Collaborated with engineers from three continents and learned that "international deadline" means something different to everyone.
Writing
How I Helped Build TSU's Cyber Lab from Scratch
From bare rack to operational teaching lab — the process, decisions, and lessons from building a university cybersecurity environment on enterprise Cisco gear.
AI as a Security Tool, Not a Shortcut
Why treating AI as a force multiplier — not a replacement for judgment — produces better security outcomes.
What I Learned Installing 600 UPS Systems
Lessons from large-scale hardware deployment across a school district — logistics, troubleshooting, and working at scale.
Career Focus
I'm targeting roles in cybersecurity infrastructure, cloud security, and GovTech/defense-adjacent environments. My experience is hands-on — building secure networks with enterprise Cisco gear, shipping production applications with real access controls, and developing AI-powered security tooling that augments human judgment. I want to bring that same build-and-secure mindset to teams protecting critical systems.
Get in Touch
Got a project, a question, or just want to talk shop? I'm always down to connect. Open to internships, co-ops, and full-time opportunities.