Currently at Reed City Group

Trevor Steinke

AI Security Engineer

AI-Driven Penetration Testing, Red Teaming & Self-Hosted Infrastructure Security

Get In Touch

BackgroundAbout Me

Trevor Steinke

I'm an IT professional turned AI security researcher with 1.5 years of hands-on enterprise IT experience (endpoint operations, system deployment, and ticketing system administration) and a growing track record in AI-driven penetration testing and red teaming. My most recent work focuses on multi-agent AI pentesting systems, OWASP-aligned black-box assessments, and benchmarking frontier LLMs against security workloads.

Outside of my day job, I maintain a self-hosted homelab on Ubuntu 24.04 with zero trust networking, containerized services, and automated security monitoring. I'm currently pursuing CompTIA Network+ certification and building toward a career in AI security and frontier red teaming.

Based in McBain, Michigan, I'm always looking for opportunities to expand my skills in AI security, red teaming, and self-hosted infrastructure hardening.

ToolboxSkills & Technologies

Network Infrastructure

  • Switch & Access Point Configuration
  • VPN Configuration & Support
  • Network Troubleshooting
  • Connectivity Diagnostics

Automation & Tools

  • PowerShell Scripting
  • Python
  • Bash / Shell Scripting
  • Git & GitHub

Systems & Endpoints

  • Windows 10/11 Administration
  • Linux Server Administration
  • PC Imaging & Deployment (MDT)
  • Hardware Troubleshooting

Security & Infrastructure

  • Active Directory
  • Firewall Configuration (UFW)
  • Zero Trust Networking (Tailscale)
  • Docker & Container Management
  • Server Hardening & CIS Benchmarks

Cloud AdminMicrosoft 365 Administration

Identity & Access

  • Entra ID (User/Group Management)
  • Conditional Access Policies
  • SSO & MFA Configuration

Exchange Online

  • Mailbox Management
  • Distribution Groups
  • Mail Flow Rules

Device Management

  • Microsoft Intune
  • Device Compliance Policies
  • App Deployment

Licensing & Admin

  • License Assignment & Management
  • Microsoft 365 Admin Center
  • Compliance & Security Center

Build LogProjects & Work History

AI-Driven Penetration Testing with Strix + GLM-5.2

Personal Project

Configured an open-source multi-agent AI pentesting system (Strix) with GLM-5.2 (753B MoE) via an OpenAI-compatible API. Benchmarked against Claude Code and Opus 4.8 (Semgrep IDOR: 39% F1 vs 32%; CyBT-CTF: 28/59 tied with Opus), then ran a black-box assessment of OWASP Juice Shop producing 26 validated findings across 7 vulnerability classes (5 critical, 5 high, 16 medium) with full remediation report aligned to OWASP WSTG/PTES/OSSTMM.

AI Pentesting GLM-5.2 Strix Multi-Agent OWASP Cybersecurity Full Report →

IT Ticketing System Deployment

Reed City Group

Designed and deployed the company's first centralized IT ticketing system, establishing structured workflows for issue tracking and prioritization. Improved visibility into support demand and response efficiency.

Ticketing Systems Workflow Design Process Improvement

Automated Notification System

Reed City Group

Developed backend automation to deliver real-time ticket status notifications to end users. Reduced manual follow-up and improved communication throughout the support process.

PowerShell Automation Task Scheduler

MDT Deployment Server

Reed City Group

Built and configured a Microsoft Deployment Toolkit server to standardize and automate Windows workstation imaging. Reduced setup time and ensured consistent system configuration across all devices.

MDT Windows Deployment Imaging

FlowPress — NIST Calibration System

Reed City Group

Built a Python desktop application that automates NIST-traceable pressure sensor calibration in a cleanroom environment. Integrates three bench instruments via VISA/SCPI (Additel pressure controller, Keysight multimeter + power supply), runs automated test sequences with pass/fail validation, performs 30-second leak tests, and generates NIST certificate PDFs from DOCX templates. Reduced calibration time from 30+ minutes manual per sensor to a fully automated sequence.

Python PyVISA SCPI Tkinter Industrial Automation Hardware Integration NIST Compliance

angl3r — Michigan Fishing Regulations

Personal Project

A fast, mobile-first lookup site for Michigan fishing regulations. Search 1,150+ named waterbodies across all 83 Michigan counties by lake, stream, or species. Features an interactive choropleth county map with click-for-details panels, species filtering, and historical DNR survey data integration. Built from the official DNR 2026 Fishing Regulations PDF with automated PDF parsing, Wikipedia waterbody enrichment, and CI/CD auto-deploy on data updates.

TypeScript Vite Python SVG Data Visualization GitHub Pages CI/CD Live Site → View Source →

InfrastructureHomelab & Security

Self-hosted infrastructure running on Ubuntu 24.04 (VPS) with zero trust networking, containerized services, and security monitoring. Every service is built, configured, and maintained from scratch.

GitHub Pages

Static frontend hosting

Tailscale

Zero trust VPN + ACLs

Ubuntu VPS

UFW + Fail2Ban + systemd

Docker

Container runtime

Caddy

Reverse proxy + TLS

Contact API
Hermes
Jellyfin
Vaultwarden

Self-Hosted Portfolio Platform

VPS / GitHub Pages

Full-stack portfolio with GitHub Pages front-end, Cloudflare DNS, Node.js contact API on a VPS backend (Caddy reverse proxy + systemd), and self-hosted analytics with SQLite. Every component built and deployed from scratch.

Node.js Caddy systemd SQLite GitHub Pages View Source →

Zero Trust Network Architecture

Tailscale / WireGuard

Implemented zero trust networking with Tailscale (WireGuard-based mesh VPN). Identity-based ACLs restrict service access by device and user. Tailscale Serve exposes services securely without opening public ports. All infrastructure access routes through the mesh.

Tailscale WireGuard Zero Trust ACLs Network Segmentation Read More →

Linux Server Hardening

Ubuntu 24.04 VPS

Hardened Ubuntu VPS with defense-in-depth: UFW firewall rules, Fail2Ban intrusion prevention, SSH key-only authentication, automatic security updates, and Caddy reverse proxy with TLS termination. Services run under dedicated user accounts with least-privilege access.

UFW Fail2Ban SSH Hardening TLS CIS Benchmarks View Source →

Containerized Service Management

Docker / systemd

Deployed and manage multiple Docker containers on the VPS including qBittorrent and FileBrowser. Services are network-isolated, accessed exclusively through Tailscale mesh VPN. Managed via systemd with proper user isolation and resource controls.

Docker systemd Network Isolation Service Management

Automated Security Audit Tool

Python / Ubuntu

Built a comprehensive security audit script in Python that scans SSH hardening, firewall status, open ports, SSL certificates, failed logins, pending updates, and system resources. Generates multi-format reports (JSON, Markdown, plain text) for documentation and remediation tracking.

Python Linux Security Automation Scripting View Source →

AI Automation & Orchestration

Hermes Agent / Node.js

Deployed Hermes Agent (by Nous Research) for infrastructure automation and monitoring. Agents handle device pairing, service management, security checks, and scheduled tasks — demonstrating AI-assisted IT operations and automated workflows.

AI Agents Automation Monitoring Webhooks

Privacy-Friendly Analytics

Node.js / SQLite

Built a self-hosted, cookie-free analytics system tracking page views and referrers without third-party scripts. SQLite backend with authenticated stats dashboard. No Google Analytics — privacy by design.

Node.js SQLite Privacy REST API

Honeypot Stack (Endlessh + Cowrie)

Docker / Ubuntu

Deployed a multi-layer SSH honeypot for intrusion detection and threat intelligence. Endlessh tarpits attackers on port 22 while Cowrie captures attacks on port 2223 with a fake emulated shell. Isolated Docker network with egress-restricted iptables rules, automated JSONL log analysis, SMS alerting via msmtp, and weekly digest emails with attack summaries and source IP analysis.

Docker Security Cowrie SSH Python systemd Threat Intel

GrowthProfessional Development

CompTIA Network+

Currently Pursuing

Expected 2026

OWASP Security Testing

Hands-On Assessment

26 Validated Findings

AI Red Teaming

Strix + GLM-5.2

Multi-Agent Pentesting

NIST Compliance Automation

FlowPress

Industrial Calibration

ConnectGet In Touch

Let's Connect

Interested in automation solutions, IT consulting, or collaboration on tech projects? I'm always open to discussing new opportunities and ideas. Feel free to reach out via email or connect with me on LinkedIn.