Open to opportunities

Hi, I'm
Malusi Nkosi

Software Engineer · DevOps · Cloud · AI

I'm a Software Engineering student at Eduvos in Durban. I started with a Higher Certificate in 2024, then kept building until my projects stopped feeling like coursework and started looking like systems: pipelines, scanners, APIs, deployments, and the occasional bug that teaches you more than the tutorial did. My goal is DevSecOps and Cloud Engineering — I want to be the person who makes deployments both fast and secure.

Cloud & DevOps DevSecOps AI / ML Full-Stack

AWS Generative AI AWS Cloud Practitioner (in progress) Azure AZ-900 (in progress)

View My Work Download CV Contact

Right now

What I'm Currently Doing

malusi@durban ~ status.sh

$ cat current_focus.json "studying": "AWS Cloud Practitioner + Azure AZ-900", "building": "C# multithreaded apps (TCP networking, thread safety)", "freelancing": "Makau Skills Academy website (PHP, IIS, Afrihost)", "exploring": "local offline AI assistant (Raspberry Pi target)", "open_to": "DevOps / Cloud Engineering internships" $ git log --oneline -3 a3f9c12 fix: resolved BOM encoding breaking PHP form on IIS 7b8e041 feat: GitHub Actions secret scanning + Trivy image scan c1d4a88 refactor: rewrote Resume Analyzer scoring with weighted rubric $ echo "Last updated: June 2026"

What I bring

Built for the Modern Stack

Cloud & DevOps

Hands-on with AWS, Docker containerisation, and GitHub Actions pipelines. I am learning the full path from commit to deployed app: scan secrets, audit dependencies, build images, and keep the release simple enough to maintain.

AWSDockerCI/CD

Security-First Development

I am building the habit of asking security questions early: what can leak, what should fail the pipeline, and what needs a test before it reaches production. That mindset shows up in my project workflows.

DevSecOpsSASTJWT

AI / ML Integration

Built an NLP-powered Resume Analyzer (FastAPI + React + Docker) with weighted scoring and a full security pipeline. AWS Generative AI certified, actively exploring model deployment patterns.

PythonFastAPINLP

Full-Stack Engineering

React frontends, ASP.NET Core APIs, SQL Server databases, and Flutter mobile apps. Also real client work — PHP backends on Windows IIS where the usual Stack Overflow answers don't apply.

React.NETPHP

Spotlight

Featured Project

DevSecOps · Python · React

AI Resume Analyzer

An NLP-powered tool that scores resumes against job descriptions using a weighted rubric across skills, experience, and education. FastAPI backend, React frontend, fully Dockerised — with a CI/CD pipeline that runs secret scanning, SAST, dependency auditing, and Trivy container scanning on every push.

Real challenge I hit The initial scoring logic just counted keyword matches — so a resume with 10 mentions of "Python" scored higher than one with genuine senior experience. Rewrote it with a weighted rubric that differentiates must-have skills from nice-to-haves. That one change made the output actually useful.

5CI/CD stages

4Security scans

<2sParse time

PythonFastAPIReact DockerGitHub ActionsTrivySAST

All Projects GitHub

.github/workflows/ci.yml YAML

# AI Resume Analyzer — CI/CD + Security name: CI / Security Pipeline on: [push, pull_request] jobs: security-pipeline: runs-on: ubuntu-latest steps: - name: Secret scan uses: gitleaks/gitleaks-action@v2 - name: SAST (bandit) run: bandit -r backend/ -ll - name: Dependency audit run: pip-audit -r requirements.txt - name: Build image run: docker build -t resume-analyzer . - name: Container scan (Trivy) uses: aquasecurity/trivy-action@master

Secrets

→

SAST

→

Deps

→

Build

→

Trivy

Infrastructure

How This Site Is Deployed

software-dev-portfolio.netlify.app

Live netlify / static

Push to main

→

Netlify build hook

→

CDN deploy

→

HTTPS / TLS

Static HTML/CSS/JS served via Netlify CDN. Redirects handled via netlify.toml. EmailJS handles contact form delivery without needing a server. No build step, no unnecessary complexity — intentional choice for a static portfolio.

Hi, I'mMalusi Nkosi