KUNO
kuno
August 25, 2025
224 Views
Welcome

About Me

This article documents my professional growth journey, from initially participating in Minecraft server operations, to gradually moving into the DevSecOps field, and finally to participating in internationalization project development. Along the way, I've accumulated practical experience in network security, cloud computing, and AI, and have been fortunate enough to receive several professional certifications and industry recognition. In this article, I attempt to record my learning process and some key milestones, and share my insights and reflections. I hope these experiences can provide some reference or inspiration for friends who, like me, are exploring their career paths.

Career Timeline

Note: Certain specific dates and locations are not disclosed due to confidentiality agreements.

Personal Milestone

July 2002 - Born

Early Tech & Entrepreneurship (2015–2019)

2015

  • Jul 6 - Founded a Minecraft server network
  • Jul 26 - Server officially launched
  • Nov 24 - Server architecture upgraded
  • Dec - Featured by multiple major Minecraft platforms in China

2016

  • Jan - Reached 10,000 users; QQ group ranked #1 nationally
  • Feb - Server subjected to sustained DDoS attacks (20,000–40,000 hits/day), prompting self-study in cybersecurity
  • Apr - Launched Xuemian online trading platform for virtual goods
  • Apr 11 - Xuemian Technology official website launched
  • Jun - Platform upgraded
  • Jul - Partnered with a data center to develop a server leasing platform (ToC)

2017

  • Mar - Invited to join multiple cybersecurity organizations
  • Mar - Built corporate website for a chemical industry client

2018

  • Participated in a city-level red team/blue team cybersecurity exercise as an offensive team member

2019

  • Aug - Passed Huawei Certified ICT Professional (HCIP) — Data Communication

hcip

Professional Certifications & Industry Recognition (2020–2022)

2020

  • Apr 9 - Passed Huawei HCIE Security written exam
  • Jun 22 - Passed Huawei HCIE Security lab exam
  • Aug 7 - Passed Huawei HCIE Security interview
  • Sep 4 - Became a core member of Huawei HDZ Hangzhou
  • Sep 20 - Personal blog launched
  • Oct - Established Huawei HERO Academy chapter in Hangzhou Xiasha
  • Oct 19 - Official WeChat public account resumed operations
  • Dec - Participated in city-level cybersecurity exercise as a defensive team member
  • Dec 12 - Obtained NSFOCUS Senior Security Professional (NSSP) certification
  • Dec 22 - Passed Alibaba Cloud Associate certification with a score of 92/100

ie
ace

2021

  • Feb 23 - Attended MWC21 (Mobile World Congress)
  • Mar - Participated in city-level cybersecurity exercise at a local bank as defensive team member
  • Apr 24–26 - Invited to Huawei Developer Conference, Shenzhen
  • May 20 - Signed cooperation agreement with Visual China Group
  • Jun 24 - Attended Ant Group Blockchain Summit
  • Jun - Ranked #1 nationally among Huawei Cloud Academy chapter leaders
  • Jun - Organized and delivered Huawei expert lectures at three universities
  • Sep 29 - Passed Alibaba Cloud Certified Professional (ACP) — Solutions Architect
  • Nov 19 - Passed Alibaba Cloud Advanced Computing certification
  • Dec 19 - Co-hosted a 350-person lecture with Huawei Research Institute

2022

  • Jan 7 - Received 2021 Huawei HDZ Outstanding Leadership Award
  • Provided technical support to a municipal propaganda department for cybersecurity audits

tv1

Cybersecurity Expertise & Recognition (2023–2024)

2023

  • Provided technical support to a municipal health commission for cybersecurity audits
  • Jul - Participated in a national-level red team/blue team exercise in Beijing as a defensive team member for a large manufacturing company
  • Jul - Received 2023 Huawei Outstanding Academy Leadership Award
  • Oct - Contributed to key cybersecurity operations for the Hangzhou Asian Games

huawei

2024

  • Jan - Obtained China Computer Software Copyright Registration for "Enterprise Intranet Security Audit System"
  • May - Participated in cybersecurity red/blue team exercise for one of China's four major state-owned banks; responsible for attack interception and analysis
  • Jul - Received 2024 Huawei Pioneer Youth Award
  • Aug - Awarded QUT International Merit Scholarship

huawei1
huawei2
huawei
po
huaweicert

DevSecOps & Platform Engineering (2024–Present)

Queensland University of Technology (QUT) – Australia (2024–Present) | Master's Student

2024 - Enrolled in Master of Information Technology at QUT

  • Specialisation: Information Security & Networks
  • Research focus: AI applications in cybersecurity

tafe
qut
qut2

Luxholdings Pty – Australia (2024–Present) | Platform Engineer

2024 - Built and maintained a property & leasing management SaaS platform (r.ict.run)

  • Developed iOS & Android apps for remote home automation: temperature/humidity control, security cameras, and device integration
  • Integrated smart home APIs (Home Assistant, Hikvision, Dahua, Daikin, Tuya IoT) for seamless device control
  • Deployed Ollama + Llama 3 for real-time AI chat with SSE streaming output
  • Developed Django backend integrated with client-facing applications
  • Tech Stack: Ollama, Llama, DeepSeek, SSE, Django, Vue 3, PostgreSQL, MySQL, Docker, Bootstrap, React Native (Expo), Home Assistant API, Hikvision, Dahua, Tuya IoT

KUNO – Global (2025–Present) | Full-Stack Developer

2025 - Built an internationalisation-first CMS platform with AI-powered content management

  • Multi-language blog platform supporting 70+ languages with advanced i18n architecture
  • Advanced SEO features with automated optimisation and keyword tracking
  • Real-time analytics with geographic distribution and behaviour tracking
  • Embedding quality dashboard with PCA/t-SNE dimensionality reduction, similarity network graphs, and real-time RAG visualisation using D3.js
  • Rich media management supporting images, videos, and custom upload handling
  • Docker containerised deployment with one-click installation scripts
  • GitHub: https://github.com/xuemian168/kuno | Live Demo: https://qut.edu.kg

Tendor.ai – Australia (2025–Present) | Platform Engineer

2025 - Building core backend infrastructure for an AI-powered government tender and grant automation platform serving Australian SMEs

  • Developed AI-driven proposal generation pipeline, leveraging LLMs to produce compliant, high-quality tender submissions aligned with government procurement requirements
  • Built a tender matching engine integrating with 80,000+ government opportunity feeds across federal, state, and local sources, with automated relevance scoring
  • Implemented RAG (Retrieval-Augmented Generation) architecture to ground AI outputs in tender documents, legislation, and client business context, reducing hallucination and improving compliance
  • Designed and maintained scalable backend APIs handling concurrent tender searches, document processing, and proposal drafting workflows
  • Built document parsing and extraction pipelines to process PDFs, government specification files, and compliance checklists
  • Implemented user authentication, subscription management, and role-based access control
  • Deployed and maintained containerised microservices on cloud infrastructure with CI/CD pipelines
  • Tech Stack: Python, FastAPI, PostgreSQL, Redis, LLM APIs, RAG, Docker, Next.js

Security Research & CVE Disclosure – Global (2025–2026) | Independent Security Researcher

2025–2026 - Independent security research with multiple CVEs published in NIST NVD and ENISA EUVD

  • CVE-2025-62614 / EUVD-2025-35633: Booklore — Reporter (HIGH)
  • CVE-2025-12919 / EUVD-2025-38720: Evershop — Reporter (HIGH)
  • CVE-2025-13121: Liketea — Reporter (HIGH)
  • CVE-2025-65519: ezbookkeeping — Reporter (HIGH)
  • CVE-2026-25591: new-api — Reporter (HIGH)
  • GHSA-p536-vvpp-9mc8 / GHSA-p25h-9q54-ffvw: Openclaw — Reporter (MEDIUM/HIGH)
  • CVE-2026-33144: GPAC — Reporter (MEDIUM)
  • CVE-2025-61768 / CVE-2025-61681: Publisher & Patch Author (MEDIUM)
  • Contributed security detection tools and patches to the open-source community

Zli.li – Global (2025–Present) | Founder & Platform Engineer

2025 - Developed open-source and commercial domain scanner

  • Containerised deployment on virtualisation platform using Docker Compose
  • GitHub trending project, recommended by industry press
  • Open-source version: https://github.com/xuemian168/domain-scanner (500+ Stars)
  • Commercial version: https://zli.li (450+ users)
  • Tech Stack: Golang, Gin, React, Next.js, OAuth, Docker, MongoDB

TikHub.io – USA (2025–Present) | Platform Engineer (Remote)

2025 - Built high-performance backend systems for a social media data platform serving millions of daily requests

  • Refactored caching service from Python to Go, achieving 40x performance improvement; handles 3M+ daily requests at 10,000+ QPS with ~100MB memory footprint
  • Architected multi-platform social media dataset system with ~100 million records, supporting 9 platforms and 39 data parsers
  • Built tiered caching architecture: Redis (hot data, 1-hour TTL) + PostgreSQL/TimescaleDB (persistent storage with hourly partitioning for billions of records)
  • Implemented Kafka producer/consumer pattern with RabbitMQ worker pools for high-concurrency async writes
  • Integrated Zstandard compression achieving 70–80% storage reduction with automatic encoding/decoding
  • Designed 18 database tables with TimescaleDB time-series optimisation and materialised views for analytics
  • Developed OAuth2/JWT authentication middleware and high-performance log system (10k+ QPS)
  • Deployed containerised microservices on Kubernetes with sub-second startup time
  • Tech Stack: Go, Gin, GORM, PostgreSQL, TimescaleDB, RabbitMQ, Redis, Kafka, ClickHouse, Docker, Kubernetes

Enjoyed this article?

Share it with your friends and colleagues!

Welcome
Last updated: March 18, 2026
相关文章
正在检查服务状态...
About Me - ICTRUN