Experience

watchTowr

• Singapore
• Computer and Network Security
• 1 - 100 Employee

• Principal Security Researcher

  • Oct 2023 - 3 months

  Singapore hack all the things



ExpressVPN

• Virgin Islands, British
• Computer and Network Security
• 200 - 300 Employee

• Senior Offensive Security Engineer

  • Oct 2020 - Jul 2023

  Singapore - First member of the offensive security team; defined processes and SOPs for testing and tracking vulnerabilities in applications in the organization - Led red team operations, managed project timelines and developed novel TTPs on SaaS applications and macOS endpoints, including finding 0-days on SSO and EDR products - Performed whitebox testing for C, C++, Rust, Golang, Ruby, TypeScript and JavaScript codebases, planning and completing testing of all client applications within the first… Show more - First member of the offensive security team; defined processes and SOPs for testing and tracking vulnerabilities in applications in the organization - Led red team operations, managed project timelines and developed novel TTPs on SaaS applications and macOS endpoints, including finding 0-days on SSO and EDR products - Performed whitebox testing for C, C++, Rust, Golang, Ruby, TypeScript and JavaScript codebases, planning and completing testing of all client applications within the first year in the organization - Developed and deployed cost-effective infrastructure for cloud security posture monitoring tooling (Prowler) in Terraform and Python that performs compliance scans and developed process for alerting across all 49 AWS accounts in the organisation - Built and deployed a custom reporting framework on top of Hedgedoc that fully automates the reporting process from Markdown notes to .docx files and JIRA tickets, improving report experience and reducing manual effort spent on reporting to mere minutes - Managed the Bug Bounty Program on BugCrowd - Managed Yubikey tooling and smartcard deployment across the entire engineering organisation - Pioneered source code review interview loop to evaluate candidate success in whitebox testing Show less



Carnegie Mellon University

• United States
• Higher Education
• 700 & Above Employee

• Graduate Teaching Assistant

  • Aug 2019 - May 2020

  Head Teaching Assistant for - 14-741/18-631 - Introduction to Information Security. - 14-828/18-636 - Browser Security Managed a team of teaching assistants of varying sizes for the courses listed above. Developed assignments, teaching materials, and held recitations. Received rave reviews for the assignments from the students, with some examples given below: "I loved the last two CTF problems, having done web development before, I felt it accurately synthesized problems… Show more Head Teaching Assistant for - 14-741/18-631 - Introduction to Information Security. - 14-828/18-636 - Browser Security Managed a team of teaching assistants of varying sizes for the courses listed above. Developed assignments, teaching materials, and held recitations. Received rave reviews for the assignments from the students, with some examples given below: "I loved the last two CTF problems, having done web development before, I felt it accurately synthesized problems which many website possess and were a treat to understand and exploit." "I love the fact that we have a chance to apply the knowledge/theory learnt from class and also have hands-on practices. My favorite ones are the Baby CSRF and 'I am root'." Nominated for Outstanding Student Service Award for Teaching Assistants Show less



Splunk

• United States
• Software Development
• 700 & Above Employee

• Product Security Intern

  • May 2019 - Aug 2019

  San Francisco Bay Area - Wrote secure coding guidelines for common developer use cases based on anti-patterns found in existing codebases - Found and triaged vulnerabilities and anti-patterns; communicated remediation strategies directly with development teams - Pioneered a new CTF-style onboarding workshop for new hires, in which developers learn to break and fix vulnerable web applications on a self-hosted platform with automatic testing using docker-compose - Awarded 2nd in Most Innovative Project among… Show more - Wrote secure coding guidelines for common developer use cases based on anti-patterns found in existing codebases - Found and triaged vulnerabilities and anti-patterns; communicated remediation strategies directly with development teams - Pioneered a new CTF-style onboarding workshop for new hires, in which developers learn to break and fix vulnerable web applications on a self-hosted platform with automatic testing using docker-compose - Awarded 2nd in Most Innovative Project among 36 projects in the first Engineering Effectiveness Show less



Carnegie Mellon University

• United States
• Higher Education
• 700 & Above Employee

• Graduate Teaching Assistant

  • Aug 2018 - Dec 2018

  Greater Pittsburgh Area Teaching Assistant for the course 14-741/18-631 - Introduction to Information Security.



Centre for Strategic Infocomm Technologies (CSIT)

• Singapore
• IT Services and IT Consulting
• 200 - 300 Employee

• Info Security Technology Intern

  • May 2018 - Jul 2018

  - Developed an IDA Pro plugin for Automated Malware Unpacking - Wrote an x86 PE loader on top of open source frameworks, namely Unicorn and Angr, to emulate malware - Used the heuristic of write-execution to determine when code is unpacked - End product performs similarly to existing research for malware unpacking, in particular, the Renovo plugin for the BitBlaze binary analysis platform



Carnegie Mellon University

• United States
• Higher Education
• 700 & Above Employee

• Student Helper at Cylab

  • Aug 2017 - May 2018

  - Developed tooling for connecting ECUs to our own CAN network



Google Summer of Code

• Nmap Scripting Engine—Script Developer (Vulnerability and exploitation specialist)

  • May 2017 - Aug 2017

  Research vulnerabilities and devise (and implement) scripts on top of NSE to detect and/or exploit vulnerable network services - Wrote the detection NSE for SambaCry / CVE-2017-7494 and CVE-2017-8917 - Refactored exploit code to an exploit library that can be reused and expanded - Wrote a detection script that checks whether naive signing is enabled for Puppet server installations



Whitehat Society

• Computer and Network Security
• 1 - 100 Employee

• President

  • Oct 2016 - Jul 2017

  Singapore Management University - Lead initiatives for information security education in SMU, from organising competitions (Whitehacks@SG) to conducting workshops to teach useful software (such as Excel/Wordpress) and security implications when using them - Establish relations with key industry players for talks, internship opportunities and training opportunities - Conduct weekly training for incoming members and led the competitive CTF team (4th in Singapore Cyber Conquest 2016)

• Vice President

  • Sep 2015 - Oct 2016

  Singapore Management University - Liase with key industry players to bring talks for members and for other activities - Educate the general public on information security through easy to access talks - Organize information security competitions for the SMU student body and general public



Singapore Management University

• Singapore
• Higher Education
• 700 & Above Employee

• Teaching Assistant for IS203 - Software Engineering

  • Aug 2016 - Dec 2016

  Singapore - Headed the change of web application hosting from OpenShift to Amazon Web Services, creating tutorials for students to follow - Mentored teams on the software engineering process, including eliciting feedback from supervisors and how to work based on the feedback given - Implemented scripts that utilized the MOSS system and a tutorial for end users for plagiarism checks on students'​ software projects https://theory.stanford.edu/~aiken/moss/



EY

• United Kingdom
• IT Services and IT Consulting
• 700 & Above Employee

• Intern - Cyber Security, Advisory Services

  • Jun 2016 - Aug 2016

  Singapore Development of the Red Team Exploitation Framework - Wrote a general obfuscator in Python that also embeds arbitrary scripts or portable executables as macros in Excel Workbooks that executes on workbook open - Wrote command and control malware in Python that uses Slack as a encrypted covert channel for communication and data exfiltration - Utilized wine and pyinstaller to create a web service in a Docker container to convert Python malware to a portable executable - Contributed… Show more Development of the Red Team Exploitation Framework - Wrote a general obfuscator in Python that also embeds arbitrary scripts or portable executables as macros in Excel Workbooks that executes on workbook open - Wrote command and control malware in Python that uses Slack as a encrypted covert channel for communication and data exfiltration - Utilized wine and pyinstaller to create a web service in a Docker container to convert Python malware to a portable executable - Contributed to the backend of the attacker dashboard, written using nodejs, express.js, mongoDB, elasticsearch Show less



Singapore Management University

• Singapore
• Higher Education
• 700 & Above Employee

• Teaching Assistant for IS201 - Object Oriented Application Development

  • Apr 2016 - May 2016

  Singapore - Assisted in designing course exercises for students that reinforces object-oriented design - Walked through with students problem solving skills required in the course - Gave personal feedback of exercises and labs completed by the students to bring them to a greater level of competency in their coding standards



Singapore Management University

• Singapore
• Higher Education
• 700 & Above Employee

• Teaching Assistant for ISSS605 - Cloud and Big Data Analytics

  • Sep 2015 - Dec 2015

  - Assisted in designing Jupyter notebook assignments for teaching Apache Spark - Wrote guides on how to host Jupyter notebooks which instructed students on how to go about setting up tmpnb servers on Amazon Web Services (on EC2) - Troubleshooted problems associated with modifying the underlying Docker image



Centre for Strategic Infocomm Technologies (CSIT)

• Singapore
• IT Services and IT Consulting
• 200 - 300 Employee

• Intern (Info Security Technology)

  • Jan 2015 - Apr 2015

  Research in Methodologies for Identifying Malware Topology



Singapore Army

• Singapore
• Armed Forces
• 700 & Above Employee

• Network/Information Assurance Operator

  • Jun 2013 - Dec 2014

  - Conducted network monitoring which required high competency in network equipment (firewalls, VPNs, servers, switches, routers), theoretical knowledge (CCNA) - Performed system administration tasks, such as troubleshooting errors in network communications between hosts - Assisted in teaching new NSFs in the company to bring them to a high level of competency in networking



InCampus Pte Ltd

• Singapore
• IT Services and IT Consulting

• Job Experience Programme

  • Nov 2011 - Dec 2011

  Together with a team from ACJC Tech Council, we developed an interactive whiteboard on mobile devices written in HTML5. I handled the backend services (Apache Web Server, PHP) interacting with an open source solution to create the interactive whiteboard.