James Zhu · Network / Full-Stack / Ops

联系方式 Contact

电话 Phone

澳门 Macau

6867 2003

内地 Mainland CN

191 6867 2003

台湾 Taiwan

0967 030 721
邮箱 Email yjzy030721@gmail.com

个人信息 / 流动性 Identity / Mobility

英文名 Name (EN)

James Zhu

现居 Current base

澳门 (长期逗留签证) Macau (long-stay permit)

户口 / 常住 Household / Stay

广州户口 | 福建连江籍贯 | 福州常住地 Guangzhou household | Fujian (Lianjiang) origin | Fuzhou frequent stay

可工作地区 Work Locations

澳门香港台湾内地任意城市美国日本 Macau Hong Kong Taiwan Mainland China (any city) United States Japan

出入境记录 Travel history

美国澳大利亚新西兰英国法国比利时日本韩国台湾香港澳门 US AU NZ UK FR BE JP KR TW HK MO

电子身份 Digital ID

爱沙尼亚 e-Residency 电子身份证可做欧盟合规电子签署 Estonia e-Residency digital ID with qualified EU e-signature capability

可胜任岗位 Available For

网络工程师 (BGP/MPLS, 园区网, 出口策略, QoS, VLAN, NAC, 多种代理/隧道协议) Network Engineer (BGP/MPLS, campus core, egress policy, QoS, VLAN, NAC, tunneling/proxy stacks)
系统/运维工程师 (vSphere, ESXi 集群, Linux/Windows, Docker, 备份恢复) Systems / Ops Engineer (vSphere, ESXi clusters, Linux/Windows, Docker, DR/backup)
全栈工程师 (Spring Boot + Vue3 + MySQL, RBAC, 审批流, LDAP 单点登录) Full-Stack Engineer (Spring Boot + Vue3 + MySQL, RBAC, approval flow, LDAP SSO)
运维自动化 / 安全巡检 (Python/Shell, LLDP 报表, 口令审计, 异常告警) Ops Automation / Sec Audit (Python/Shell, LLDP reports, credential audit, anomaly alerts)
终端管控 (Android ROM 定制, 平板统一策略, 批量刷机) Device Control (Android ROM customization, fleet lockdown, mass flashing)
AI 辅助快速交付 (ChatGPT / Codex 生成接口/前端/脚本后经人工审计) AI-assisted delivery (ChatGPT / Codex scaffolding APIs/frontend/scripts with manual review)

核心技术 Core Skills

网络与安全 Networking & Security

BGP MPLS L3VPN OSPF QoS / ACL / NAT HSRP / LACP VLAN / QinQ 802.1X / Portal / RADIUS H3C / Cisco 核心汇聚 IPSec / DMVPN / OpenVPN / AnyConnect vmess / vless / trojan / ssr L4-L7 代理/分流 DDoS 基础防护

系统与虚拟化 Systems & Virtualization

VMware vSphere vCenter / ESXi HA / DRS / vMotion Linux (Debian / Ubuntu / CentOS) Windows Server / AD / LDAP Nginx / IIS / MySQL SNMP / Syslog / IMC 备份 / 灾备演练 Docker / Compose

全栈 / 自动化 Full-Stack / Automation

Spring Boot Vue3 / Vite / TS MyBatis / REST API MySQL 结构 / 索引 RBAC / 审批流 LDAP 单点登录 Python 巡检脚本 Shell 诊断脚本 LLDP/端口报表自动输出 Android ROM 定制 AI 辅助代码生成

常用工具 Tooling

Wireshark / tcpdump BurpSuite Git IMC / SNMP Trap AnyConnect / IPSec LLDP Mapping

学历与认证 Education & Certifications

泉州信息工程学院计算机网络工程本科 Quanzhou University of Information Engineering · Computer Network Engineering (B.Eng.)

2021 - 2025 2021 - 2025

信息安全竞赛奖项入侵检测软件著作权第一作者 InfoSec competition awards and intrusion detection software IP (first author)

全国计算机专业职业资格证书 — 中级网络工程师 National Computer Professional Qualification — Intermediate Network Engineer

国家级职业资格网络规划/运维方向 National credential in network planning and operations

CCIE 思科认证互联网专家 CCIE Cisco Certified Internetwork Expert

网络工程师资格 Network Engineer qualification

澳门城市大学研究生录取 (信息方向) Admitted · City University of Macau Postgraduate (Information)

因职业规划暂未入读 Deferred for career planning

GitHub / 开源 GitHub / Open Source github.com/qzblue github.com/qzblue

ESP-AP-Audit-LLDP-Tool LLDP AP 巡检. 统计 AP 在线/口速率(百兆/千兆). 标记离线口/遗留口. 导出多表 Excel (pandas/xlsxwriter). LLDP-driven AP audit. Detects AP link speed, flags offline/orphaned ports, exports multi-sheet Excel.
ESP-VLAN-Audit-Tool 解析 H3C 配置. 生成颜色分级 VLAN 稽核表 (在用/未命名/需复核/可下线). 支持离线审计. Parses H3C config. Emits color-coded VLAN compliance Excel. Offline friendly.
ESP_MealCard_Generator 批量生成学生饭卡. Excel+照片 → A4 高分辨率模板 (带裁切标记) 可直接打印发卡. Batch student meal card generator. Tiles 9 cards per A4 at print resolution with cut marks.
ITDB_java 学生/资产信息库 (student_info.sql). 预留和预约/借用/维修/审批系统打通. Student / asset DB seed (student_info.sql). Backbone for booking/loan/repair workflows.

账号 Account

github.com/qzblue

工作经验 Experience 核心网 / 虚拟化 / 全栈 / 终端控制 / AI 交付 Core Network / Virtualization / Full-Stack / Fleet Control / AI delivery

资讯系统分析员 · 澳门圣保禄学校 Information Systems Analyst · St. Paul’s School (Macau)

2025.02 - 现在 Feb 2025 - Present

校园网全栈: 核心/汇聚/接入交换机 (H3C), VLAN 规划, 三层网关, IRF 堆叠, LACP 汇聚, HSRP 双机冗余, QoS 限速与优先级. Campus network end to end: core/aggregation/access (H3C), VLAN design, L3 gateways, IRF stacking, LACP uplinks, HSRP redundancy, QoS shaping.
出口策略: 内部 OSPF 收敛 + 上游 BGP. ACL / NAT 分区隔离, 控制横向访问和外网暴露, 支持按业务分流. Egress policy: OSPF internally + BGP upstream. ACL/NAT segmentation for isolation and minimal external exposure, plus per-service routing policy.
无线与准入: 批量上线 AP, SSID-VLAN 绑定, 802.1X / Portal / RADIUS 统一认证, 统计 AP 在线率/口速率. Wireless/NAC: mass AP onboarding, SSID-to-VLAN mapping, 802.1X / Portal / RADIUS auth, AP uptime and link speed tracking.
vSphere 平台: vCenter + ESXi 集群, 资源池化, 开启 HA / DRS / vMotion, 做 P2V/V2V 把物理业务整合进虚拟化. vSphere: vCenter + ESXi clusters with HA / DRS / vMotion. Ran P2V/V2V to consolidate legacy physical workloads.
运维 Linux/Windows: Nginx, IIS, MySQL, LDAP, RADIUS, DHCP, DNS. 设计 MySQL 全量+增量备份并定期恢复演练. Linux/Windows ops: Nginx, IIS, MySQL, LDAP, RADIUS, DHCP, DNS. Designed full+incremental MySQL backup and restore drills.
内部门户开发: 场地预约 / 设备借用 / 维修工单 / 审批流. 后端 Spring Boot + MyBatis + MySQL. 前端 Vue3 + Vite + TS. Internal portal: venue booking, asset loan/repair tickets, approval flow. Backend Spring Boot + MyBatis + MySQL. Frontend Vue3 + Vite + TS.
单点登录: 对接 Microsoft LDAP/AD. 系统只维护 RBAC 角色和审批范围. SSO: Integrated Microsoft LDAP/AD. App stores only RBAC roles and approval scopes.
自动化巡检: Python / Shell 抓 LLDP 端口速率, AP 在线, 接口 up/down, 生成日报/周报, 输出异常口/闲置口清单. Audit automation: Python / Shell pulls LLDP link speed, AP status, interface up/down, then builds daily/weekly health reports.
安全基线: 弱口令审计, 防火墙/IAG 策略, DDoS 基础防护, Syslog 告警闭环. Security baseline: weak credential audit, firewall/IAG policy tuning, baseline DDoS defense, Syslog alert loop.
AI 辅助交付: 用大模型生成后端接口雏形/前端表单组件/批量运维脚本, 我审核后落地。 AI-assisted delivery: used LLMs to draft backend endpoints, frontend components, and ops scripts, then hardened manually.

网络工程师 · 广州布鲁云网络技术有限公司 Network Engineer · Guangzhou Bluenet Tech

2023.08 - 2025.08 Aug 2023 - Aug 2025

规划跨区域专线: MPLS L3VPN 多分支互联. 用 BGP 做路由分发 / 出口冗余. 按业务等级下发 QoS. Designed cross-region WAN: MPLS L3VPN for branches. BGP for route distribution and egress redundancy. QoS tiers by service class.
交付远程接入: IPSec VPN / DMVPN / OpenVPN / AnyConnect, 以及 vmess / vless / trojan / ssr 等加密代理通道. Delivered remote access: IPSec VPN / DMVPN / OpenVPN / AnyConnect plus vmess / vless / trojan / ssr encrypted channels.
维护核心/汇聚 (H3C / Cisco): VLAN 隔离, ACL/NAT 分段, Portal/802.1X 无线准入, 降低横向移动风险。 Maintained core/aggregation (H3C / Cisco): VLAN isolation, ACL/NAT segmentation, Portal/802.1X NAC to limit lateral movement.
Linux 上用 Docker 发布内网服务, 加 SNMP / Syslog 监控并集中日志。 Shipped internal services via Docker on Linux, wired SNMP/Syslog for monitoring and logging.
大批量 Android 教学/企业平板: 解锁 Bootloader, 刷自定义 Recovery+ROM, 强制白名单策略, 禁止私装。 Rolled out classroom / corporate Android fleets: bootloader unlock, custom recovery and trimmed ROM, whitelist-only policy.
做弱口令审计和基础渗透测试 (BurpSuite). 输出整改单 (密码策略, 暴露端口, 防火墙白名单) 给客户签收。 Ran weak credential audits and baseline web pentests (BurpSuite). Issued remediation on password policy, exposed ports, firewall whitelist.

网络工程师 · 福州今一网络科技有限公司 Network Engineer · Fuzhou Jinyi Network Tech

2022.04 - 2023.08 Apr 2022 - Aug 2023

为企业/校区搭建园区网: 多部门 VLAN 隔离, ACL 访问控制, 出口带宽策略, 固定资产口管理。 Built SMB / campus networks: multi-department VLAN isolation, ACL access control, egress bandwidth policy, port-to-asset mapping.
部署 AC/AP 企业无线: 接入 RADIUS 与访客 Portal. 输出覆盖热力与信号质量报告。 Rolled out AC/AP Wi-Fi with RADIUS auth and Portal guest access. Produced heatmaps and signal quality reports.
多线出口聚合 (PPPoE/专线). 用策略路由+链路健康检测做智能切换, 降低丢包和高延迟。 Managed multi-ISP egress (PPPoE / leased line). Policy routing + health checks for failover to cut packet loss and high RTT.
运维 Linux LNMP (Nginx + PHP-FPM + MySQL) 和 VMware ESXi / vCenter 测试环境, 交付客户内网门户。 Operated Linux LNMP (Nginx + PHP-FPM + MySQL) and VMware ESXi/vCenter testbeds to deliver internal portals.
写 Shell / Python 巡检脚本, 自动抓接口 up/down, CPU/内存/带宽, 每日生成巡检报表给管理层。 Authored Shell / Python audit scripts to capture interface up/down, resource usage, and generate daily health reports.

代表项目 Key Projects 实际落地 / 可复用 Shipped / Reusable

校园虚拟化平台 · vSphere 资源池 Campus Virtualization Platform · vSphere Resource Pool

2025 2025

部署 vCenter + ESXi 集群, 池化 CPU / 内存 / 存储, 启用 HA / DRS / vMotion 保障高可用与负载均衡。 Deployed vCenter + ESXi cluster, pooled CPU/RAM/storage, enabled HA / DRS / vMotion for HA and load balancing.
执行 P2V / V2V 把旧物理/临时业务迁入统一资源池, 降本降复杂度。 Ran P2V / V2V to migrate legacy physical workloads into a unified resource pool to cut cost and complexity.
设计分布式交换机, 把管理网 / 业务网 / 存储网 / vMotion 网隔离, 降低横向移动风险。 Designed dvSwitch layout isolating mgmt / prod / storage / vMotion networks to contain lateral movement.

场地预约 / IT 维修与借用管理系统 Venue Booking / IT Repair & Loan System

2025 2025

后端 Spring Boot + MyBatis + MySQL. 处理预约申请, 冲突校验, 审批流, 借用登记, 维修进度跟踪。 Backend: Spring Boot + MyBatis + MySQL. Booking requests, conflict check, approval flow, loan tracking, repair status.
前端 Vue3 + Vite + TS + Element Plus. 老师自助入口 + IT 管理后台. 移动端自适配。 Frontend: Vue3 + Vite + TS + Element Plus. Teacher self-service UI + IT admin dashboard. Mobile responsive.
对接 Microsoft LDAP/AD 单点登录. 统一 RBAC 授权. 系统不重复建账号。 Integrated Microsoft LDAP/AD SSO. Unified RBAC. No duplicate local accounts.

LLDP/端口巡检与网络健康报表自动化 LLDP / Port Audit & Network Health Reporting Automation

2025 / Python 2025 / Python

Python 拉交换机 LLDP 邻居, 接口 up/down, 口速率(100M/1G), AP 在线状态, AC 注册情况。 Python tooling pulls LLDP neighbors, port up/down, link speed (100M/1G), AP status, AC registration.
自动生成日报/周报: 异常口, 低速口, 掉线 AP, 空闲端口复用建议. 管理层直接看到健康度。 Auto-generated daily/weekly reports: bad ports, low-speed links, offline APs, reclaim candidates for unused ports.
用于整改跟踪和验收归档. 省掉人工逐口巡检。 Used for remediation tracking and acceptance records. Removes manual port-by-port audits.

跨区域专线与出口 QoS 策略 Cross-Region Backbone & Egress QoS Policy

2023 - 2024 2023 - 2024

MPLS L3VPN + BGP 统一多分支网络, 按服务类型分流路由。 Used MPLS L3VPN + BGP to unify multi-branch WAN and split traffic by service class.
针对关键业务打带宽保障和优先级, 避免被大流量业务抢占。 Applied QoS tiers with bandwidth guarantees for critical flows to prevent starvation by bulk traffic.
ACL 白名单 + NAT 控制暴露面 + 基础 DDoS 防护。 Combined ACL whitelists and NAT exposure control with baseline DDoS protection.

Android 教学终端批量落地 Android Classroom Fleet Rollout

2023 2023

批量解锁 Bootloader, 刷入自定义 Recovery 和裁剪 ROM, 移除不需要的系统组件和设置项。 Mass bootloader unlock, custom recovery flash, trimmed ROM deployment, removal of unused system components.
下发白名单策略: 终端只允许运行课堂相关 App, 禁止娱乐类私装。 Enforced whitelist-only mode. Tablets allow only classroom apps and block sideloaded entertainment apps.
规划 OTA/批量升级通道, 保证设备版本一致并且可回滚。 Designed OTA-style upgrade channel for consistent fleet versioning with rollback safety.

ESP_MealCard_Generator · 学生饭卡批量生成 ESP_MealCard_Generator · Student Meal Card Batch Generator

2025 / Python + Pillow 2025 / Python + Pillow

Excel 学生信息 + 照片 → 自动生成个人饭卡 PNG。 Reads Excel roster and photos to render individual meal card PNGs.
自动排版成 A4 (3×3) 高分辨率整页并加裁切标记, 直接打印发卡。 Tiles 9 cards per A4 at print resolution with cut marks for direct on-site issuance.
替代人工 PS 排版, 提升发卡速度。 Removes manual Photoshop-style layout and speeds issuance.

ITDB_java · 学生/资产信息库雏形 ITDB_java · Student / Asset Info DB Seed

2024 - 2025 / Java + SQL 2024 - 2025 / Java + SQL

定义 student_info.sql 结构, 把人员/卡号/设备/班级等核心字段统一到同一库。 Defines student_info.sql schema centralizing people/card/device/class fields.
目标是与预约/借用/维修/审批系统打通, 共用 RBAC + LDAP SSO。 Intended to back booking/loan/repair/approval systems under shared RBAC and LDAP SSO.