Brian Latchman

Picture

About Me

I'm an aspiring IT and cloud engineer who learns by building and experimenting with real systems. Through my home lab, I've worked on setting up servers, remote access solutions, and self-hosted services, gaining hands-on experience in networking and system administration. My current goal is to break into cloud engineering and expand my knowledge in infrastructure, automation, and secure system design.

Projects

Personal Home Server Build & Home Lab

My home lab journey started by repurposing an old iMac desktop as my first server. I wiped it, installed a Linux-based OS, and began running services on it — learning the fundamentals of server administration, networking, and self-hosting through trial and error. It was my first real exposure to managing a live system and understanding how services interact with each other on a network.

As my needs grew and the iMac started showing its limitations, I decided to build my own personal server from scratch. I researched compatible components, selected hardware suited for a low-power, always-on workload, and assembled it myself. The server runs Ubuntu — I chose the full desktop install rather than going fully headless, since I use the terminal heavily for command practice and day-to-day administration but still wanted the option of a GUI when needed. It acts as the backbone of my entire home lab, hosting all of my self-hosted applications, storage, and services. Managing it day-to-day has given me strong experience in Linux system administration, package management, file system management, user permissions, service configuration, and general troubleshooting.

Skills Demonstrated: Hardware building, Ubuntu, Linux administration, terminal usage, server configuration, package management, system troubleshooting, home lab design.

Self-Hosted Services & Infrastructure

One of the things I enjoy most about running my own server is having full control over my own infrastructure. I've set up and manage a wide range of self-hosted services, all deployed and orchestrated using Docker and Docker Compose. Docker Compose lets me define every service, its dependencies, environment variables, volumes, and networking in a single file — making it easy to spin things up, tear them down, and keep everything consistent.

My setup includes a personal NAS for centralized file storage and access across devices, a Jellyfin media server for streaming my own media library, and the full arr stack (Sonarr, Radarr, Prowlarr, and others) for automated media management and organization. I also host dedicated game servers for Minecraft and Terraria, which I've used to play with friends — managing server configs, mods, backups, and updates myself. Every service runs in its own container, keeping things isolated and easy to manage.

Skills Demonstrated: Docker, Docker Compose, container networking, NAS configuration, Jellyfin, arr stack, game server administration, service isolation, infrastructure management.

Remote Access & Network Security

Having reliable and secure remote access to my home lab was a priority. I self-hosted a RustDesk relay and ID server directly on my personal server, which allows me to remotely connect to any of my machines without routing traffic through a third-party service. Combined with Tailscale, I have a secure, private mesh network that makes my devices accessible from anywhere as if they were on the same local network — without exposing any ports to the public internet.

On the network security side, I configured my GL.iNet GL-AXT1800 router to handle DNS sinkholing, blocking ads and known malicious domains at the network level before they reach any device. I also set up a VPN on the router itself so that all traffic leaving my network is encrypted and routed through a trusted tunnel. This setup replaced what I previously had running on my server and centralized everything at the network edge, improving both performance and coverage across all devices including those that can't run their own VPN clients.

Skills Demonstrated: RustDesk self-hosting, Tailscale mesh networking, VPN configuration, DNS sinkholing, GL.iNet router administration, network security, port management.

Website Development & Personal Subdomain

I designed and built this portfolio website entirely from scratch using HTML, CSS, and JavaScript — no templates or frameworks. Every section, style, and interaction was written by hand, which gave me a solid understanding of how the web works at a fundamental level. The site is fully responsive, adapting cleanly to both desktop and mobile screens, and includes smooth scrolling navigation between sections.

Beyond the main portfolio site, I configured a personal subdomain to serve as my own private download page. I handle everything myself — DNS record configuration, pointing the subdomain to the right server, and managing the hosted files. This gave me practical experience with DNS management and understanding how domains, records, and web servers all tie together.

Skills Demonstrated: HTML, CSS, JavaScript, responsive web design, DNS configuration, subdomain setup, web hosting, domain management.

Home Automation with Home Assistant

My apartment came with a standard non-smart thermostat — no app, no scheduling, no remote control. Rather than replace it with an expensive smart thermostat, I integrated Home Assistant with a smart switch wired in a way that lets Home Assistant control the thermostat's power state. Through the Home Assistant app, I can turn the heat or AC on and off with a single tap on my phone from anywhere in the world.

I also set up voice command support, so I can just say a command out loud and Home Assistant triggers the thermostat automatically. Setting this up required configuring automations, integrations, and understanding how Home Assistant communicates with smart devices over the local network. It was a great introduction to IoT concepts, YAML-based automation scripting, and how to build practical smart home setups without relying on cloud-dependent commercial products.

Skills Demonstrated: Home Assistant, YAML automation scripting, IoT integration, smart home configuration, voice assistant integration, remote device control.

Hardware Builds

I built my own custom gaming PC from the ground up — researching parts for compatibility and performance, comparing specs and prices, and assembling everything myself. Going through the full build process taught me a lot about how computer hardware works together: CPU and motherboard compatibility, RAM specs, cooling solutions, cable management, and BIOS configuration. Troubleshooting issues that came up during and after the build also gave me hands-on diagnostic experience.

I also set up a mini PC that I originally configured as a retro game emulation station, loading it up with emulators and ROMs and setting up a controller-friendly frontend for a clean couch experience. Over time I repurposed it into a dedicated living room media device, integrating it with my Jellyfin server so I can stream my full media library directly from the TV without any external streaming service.

Skills Demonstrated: PC building, hardware compatibility research, BIOS configuration, system diagnostics, emulation setup, media center configuration.

Custom Discord Bot Development

What started as a simple bot with rotating statuses has grown into a full-featured Discord application. The bot is built in Python using discord.py with app_commands for slash command support, with utility and fun commands like /sb for sending random images, reaction-based polls, and quick link commands.

The most substantial feature is a fully interactive D&D Party Inventory System, launched with a single /inv slash command. It posts a live embed panel that anyone in the server can interact with using buttons and dropdown menus — no commands needed after that. Features include:

  • Compendium search — searches a local compendium.xml file parsed with Python's xml.etree.ElementTree, with paginated results and a dropdown to select and add items directly to inventory
  • Custom item creation — modal form to add homebrew or custom items with name, quantity, cost, weight, and description
  • Item removal — dropdown picker with quantity control, or remove all at once
  • Item details — view full stats and description for any item in the inventory
  • Spell lookup — search the compendium's spell list with paginated results and full spell detail embeds including level, school, cast time, range, components, and description
  • Gold tracking — separate party gold and per-player gold wallets, with transfer between the two and a live grand total on the panel

All inventory data is stored in JSON files sharded by guild ID, so each Discord server gets its own isolated inventory. The entire UI is built with Discord's component system — modals, select menus, and button rows — keeping everything inside Discord without needing any external dashboard.

Code Snippet:


    # D&D Inventory panel — launched with /inv
    @bot.tree.command(name="inv", description="Open the party inventory panel")
    async def inv(interaction: discord.Interaction):
        await interaction.response.send_message(
            embed=_make_embed(interaction.guild_id),
            view=InventoryView(interaction.guild_id)
        )

    class InventoryView(discord.ui.View):
        def __init__(self, guild_id: int):
            super().__init__(timeout=None)
            self.guild_id = guild_id

        @discord.ui.button(label="📖 Add from Compendium", style=discord.ButtonStyle.primary, row=0)
        async def add_compendium(self, interaction: discord.Interaction, button: discord.ui.Button):
            await interaction.response.send_modal(
                CompendiumSearchModal(self.guild_id, interaction.message)
            )

        @discord.ui.button(label="🪙 Gold", style=discord.ButtonStyle.secondary, row=1)
        async def gold(self, interaction: discord.Interaction, button: discord.ui.Button):
            await interaction.response.send_message(
                "What would you like to do with gold?",
                view=GoldActionView(self.guild_id, interaction.message),
                ephemeral=True,
            )

        @discord.ui.button(label="✨ Spell Lookup", style=discord.ButtonStyle.primary, row=2)
        async def spell_lookup(self, interaction: discord.Interaction, button: discord.ui.Button):
            await interaction.response.send_modal(SpellSearchModal())

    bot.run('YOUR_BOT_TOKEN')

You can read more about the bot's features and implementation in the documentation.

Skills Demonstrated: Python, discord.py, app_commands, slash commands, Discord UI components (modals, views, select menus, buttons), XML parsing, JSON file storage, asynchronous programming, bot development.

Penetration Testing & Security Tools

I've used a Flipper Zero paired with a Wi-Fi Devboard to conduct hands-on security testing exercises in a controlled environment. On the wireless side, I practiced capturing WPA handshakes from Wi-Fi networks and then running password cracking attacks against those captures using wordlists and cracking tools. This gave me a real understanding of how weak passwords and unprotected networks can be exploited, and reinforced why strong passphrases and proper network configuration matter.

I also explored RFID and NFC capabilities with the Flipper Zero, experimenting with reading and emulating cards to understand how these technologies work at a low level. These projects were done entirely for learning purposes in my own lab environment and helped bridge the gap between theory and real-world security concepts.

Skills Demonstrated: Wi-Fi security testing, WPA handshake capture, password cracking, RFID/NFC analysis, Flipper Zero, Wi-Fi Devboard, wireless security concepts.

Google Cybersecurity Certificate — Labs & Projects

As part of earning the Google Cybersecurity Certificate, I completed a comprehensive series of hands-on labs and projects covering the core domains of cybersecurity. These weren't just multiple choice exercises — each project involved working through real scenarios using industry-standard tools and frameworks.

  • Security Audit & Risk Assessment — Conducted a full internal security audit using NIST-based frameworks. Identified security gaps, risks, and control weaknesses across simulated organizational assets, and produced a detailed report with actionable remediation recommendations.
  • Incident Response Investigation — Analyzed simulated security incidents by following the incident response lifecycle from detection through containment and recovery. Documented root causes, attack timelines, and mitigation steps in structured incident reports.
  • Network Traffic Analysis (Wireshark / tcpdump) — Captured and analyzed live packet data to identify suspicious activity and potential threats. Investigated protocol-level anomalies and practiced applying network security monitoring techniques to real traffic.
  • SIEM Threat Detection (Splunk / Chronicle) — Worked inside SIEM platforms to investigate security alerts, correlate log data across sources, and identify indicators of compromise (IOCs). Practiced the full threat detection and response workflow from alert to escalation.
  • Linux Security & Log Analysis — Used the Linux command line for system monitoring, log analysis, and security operations tasks. Managed file permissions, reviewed auth logs and system logs, and applied basic hardening techniques.
  • SQL Log Analysis — Wrote SQL queries to extract and analyze security-relevant data from databases. Filtered large log datasets to surface suspicious or unauthorized activity and support simulated investigations.
  • Python Security Automation — Developed Python scripts to automate repetitive security tasks such as log parsing, pattern matching, and alert summarization. Focused on improving efficiency in security workflows through scripting.
  • Threat Modeling & Risk Analysis — Identified organizational assets, modeled potential threats, and evaluated vulnerabilities. Applied risk scoring to prioritize mitigation strategies using structured threat modeling methodologies.
  • Detection & Response Workflow (IDS/SIEM) — Practiced alert triage, escalation procedures, and structured response processes. Worked with IDS concepts and tools including Suricata to detect and classify network-based threats.
  • Cybersecurity Portfolio & Case Studies — Compiled a professional portfolio documenting hands-on projects focused on detection, analysis, and incident response — aligned with the skills and expectations of entry-level SOC analyst roles.

Skills Demonstrated: NIST frameworks, incident response, Wireshark, tcpdump, Splunk, Chronicle, Linux CLI, SQL, Python, threat modeling, Suricata, SIEM, IDS, log analysis, security auditing.

Certifications

Google Cybersecurity Certificate

In Progress

CompTIA Security+ (In Progress)