Skip to main content
sudoRunner
sudoRunner

sudoRunner Portfolio Website

Live Portfolio Project

sudoRunner is not just where I publish my portfolio. It is also one of the projects.

I built it to turn my resume, academic work, cybersecurity labs, ServiceNow SecOps direction, GRC work, incident response projects, forensics evidence, and technical writing into something a reviewer can actually navigate.

Type Professional Cybersecurity Portfolio
Stack Hugo · Blowfish · GitHub · Cloudflare Pages
Focus HCI · Security-Conscious Publishing · Technical Writing
Deployment Cloudflare Pages + Custom Domain
Brand sudoRunner Terminal-Style Identity
Status Live / Iterative

Why I Built This
#

I wanted something better than a static resume.

A resume can list ServiceNow, vulnerability management, cybersecurity labs, incident response, forensics, malware analysis, GRC, cloud, HCI, and software coursework. But it does not show how I think, how I write, how I organize evidence, or how careful I am with sensitive material.

This site is meant to solve that problem.

The goal is simple:

  • help a recruiter understand my fit quickly
  • help a technical reviewer find the strongest evidence
  • keep ServiceNow SecOps and Vulnerability Response easy to find
  • show academic work without dumping raw submissions
  • show technical depth without publishing sensitive files
  • make the site usable on desktop and mobile
  • keep the review path obvious

What I Actually Built
#

This site includes:

  • a homepage with a clear Start Here path
  • role-based review paths
  • a capability-to-evidence map
  • a project gallery with course-coded academic evidence
  • a public resume page
  • a credentials page
  • a professional contact page
  • a changelog
  • a ServiceNow SecOps lab hub
  • cybersecurity lab summaries
  • Governance, Risk & Privacy analysis summaries
  • incident response and forensics summaries
  • OT/ICS security notes
  • AI-assisted SecOps concept notes
  • mobile layout fixes
  • custom CSS and layout overrides
  • custom favicon and branding
  • privacy-conscious public publishing choices

The result is a portfolio that is organized more like a technical product than a folder of assignments.

Architecture
#

The site uses a static deployment model.

1

Local Hugo Site
#

Content, Markdown pages, layout overrides, partials, custom CSS, and static assets are maintained locally.

Local Build

2

GitHub Repository
#

Changes are committed through Git and pushed to GitHub for version control and deployment tracking.

Version Control

3

Cloudflare Pages
#

Cloudflare Pages builds and deploys the Hugo site from the GitHub repository.

Static Hosting

4

Custom Domain
#

The site is served through a custom domain with Cloudflare DNS.

DNS

5

Public Contact Layer
#

Cloudflare Email Routing and a public-facing contact alias keep personal contact details off the site.

Contact Privacy

HCI Decisions
#

A lot of the work on this site has been HCI work, not just design polish.

The biggest usability issue was that the site kept growing. As more academic projects were added, the portfolio needed stronger navigation and a clearer hierarchy.

The current structure is built around reviewer intent:

Problem
Design Decision
Result
Too many possible starting points
Added a stronger homepage Start Here button and a dedicated Start Here page.
Clear Entry
Different reviewers care about different evidence
Built role-based review paths for recruiters, ServiceNow reviewers, cybersecurity analysts, IR/forensics reviewers, GRC reviewers, OT/ICS reviewers, cloud reviewers, and HCI/software reviewers.
Role-Based Paths
Project list became too large
Reorganized Projects by evidence strength and topic instead of treating every course artifact as equal.
Hierarchy
Buttons and labels looked too similar
Separated clickable CTAs from static badges, honors, credentials, labels, and information panels.
Click Clarity
Mobile layout had visual collisions
Adjusted card stacking, spacing, button behavior, safe areas, and text wrapping for smaller screens.
Mobile HCI

Security-Conscious Publishing
#

A cybersecurity portfolio has a different publishing problem than a normal design portfolio.

A lot of my evidence involves malware labs, forensics, incident response, security tools, academic submissions, simulated environments, screenshots, credentials, and sensitive technical details. Publishing everything raw would be careless.

So the site uses a redacted summary approach.

I avoid publishing:

  • malware samples
  • forensic images
  • packet captures
  • raw lab screenshots with sensitive details
  • full academic answers
  • credential IDs
  • transcripts
  • private student data
  • client information
  • exact lab environment details
  • raw exploit or crackme instructions
  • sensitive infrastructure details

Instead, I publish:

  • what the work was about
  • what tools or methods were used
  • what the project shows
  • what I learned
  • why it matters for the roles I am targeting
  • where the limits are

That approach lets the site show real work without becoming a data leak.

Content Strategy
#

The most important content decision was to stop treating every page as equally important.

The portfolio now has an evidence hierarchy.

Level
Examples
Purpose
Flagship Evidence
ServiceNow SecOps Lab Hub, CYBER 440 Capstone, CYBER 366 Malware Analytics, IST 454 Forensics, IST 456 Security & Risk Management.
Lead With These
Strong Supporting Evidence
CYBER 342W, IST 432, IST 402, IST 331, CYBER 362, CYBER 262, IST 495.
Support the Story
Foundation Evidence
SRA 221, SRA 231, SRA 311, IST 240, IST 242, IST 250, IST 261, IST 311.
Show Progression

This makes the site more honest. Not every course artifact should be a headline project. Some pages are there to show growth, foundation, and context.

What Changed Over Time
#

The site started as a simpler portfolio. It became more structured as more evidence was added.

Major improvements included:

Guided Review Flow
#

The site now has a clearer Start Here path and role-based review paths.

Navigation

Mobile Cleanup
#

Cards, buttons, labels, and content blocks were adjusted so mobile pages feel less cramped and less broken.

Mobile

Brand Cleanup
#

The default Blowfish favicon was replaced with the sudoRunner terminal-style favicon.

Branding

Credential Cleanup
#

Education, certifications, honor societies, and credentials were rebuilt into clearer static records.

Credentials

Project Expansion
#

Academic work was reviewed course by course, then converted into portfolio-safe case summaries.

Evidence

Voice Cleanup
#

The core pages were rewritten to sound more direct and less generic.

Writing

Pages I Built or Reworked
#

Page Type
Examples
Why It Matters
Core Reviewer Pages
Start Here, Review Paths, Capabilities, Opportunity Fit
Navigation
Professional Pages
Resume, About, Credentials, Contact
Identity
Evidence Pages
Projects, Research & Labs, OT/ICS Security, AI & Security
Proof of Work
Site Maintenance Pages
Portfolio Changelog, security metadata, contact routing, privacy-conscious public publishing choices.
Product Thinking

What This Project Shows
#

This project shows a mix of technical and communication skills:

  • Hugo static site development
  • Blowfish customization
  • Markdown content architecture
  • custom CSS
  • Git workflow
  • Cloudflare Pages deployment
  • custom DNS
  • email routing
  • responsive layout cleanup
  • mobile usability testing
  • HCI-focused navigation design
  • security-conscious publishing
  • technical writing
  • content hierarchy
  • project organization
  • public professional branding

The most important part is not that I can make a website.

The important part is that I can organize a large amount of technical evidence into something understandable, safe to publish, and usable by different audiences.

What Was Harder Than Expected
#

A few things took more debugging than expected:

  • favicon replacement because browser and theme fallback caching were stubborn
  • mobile layout collisions
  • making buttons and labels visually distinct
  • avoiding repeated content as more projects were added
  • keeping course-coded project names consistent
  • deciding what should be a flagship page versus supporting evidence
  • writing about cybersecurity work without exposing too much detail
  • making the site sound like a person wrote it, not a brochure

Those were useful problems to solve because they are the same kind of problems that appear in real technical communication: structure, clarity, user flow, and safe disclosure.

Limits
#

This site is not meant to be a raw evidence repository.

It does not prove every detail by publishing every file. That is intentional. A public cybersecurity portfolio should not expose everything.

The better goal is to show enough evidence for a reviewer to understand the work, then keep private materials available only for appropriate verification.

Next Improvements
#

Things I may add later:

  • professional headshot on the About page
  • short Security Notes / Field Notes section
  • better social preview metadata
  • protected contact form with spam protection
  • project-page “How to read this page” blocks for flagship projects
  • cleaner diagrams for selected workflows
  • accessibility audit
  • more ServiceNow SecOps lab detail
  • ServiceNow IRM/GRC learning path notes
  • OT/ICS security reading notes

Related Pages#

Start Here Projects Capabilities Changelog